Computer Networks最新文献

{"title":"Protecting unauthenticated messages in LTE/5G mobile networks: A two-level Hierarchical Identity-Based Signature (HIBS) solution","authors":"","doi":"10.1016/j.comnet.2024.110814","DOIUrl":"10.1016/j.comnet.2024.110814","url":null,"abstract":"<div><div>As an essential public infrastructure, the security and reliability of mobile networks have a profound impact on people’s production and life. Although the security of LTE/5G networks has been improved a lot with the evolution of standards, there are still some unprotected messages being transmitted between the cellular network and device due to the symmetric key-based security architecture and the trade-off between security and other criteria like network availability. By exploiting these messages, various security attacks have been proposed and demonstrated against commercial mobile networks and devices in existing literature, such as user location tracking, bidding-down, and DoS attacks. To address this security issue, in this paper, we aim to protect these unauthenticated messages in mobile networks using digital signatures. Based on the idea of Hierarchical Identity-Based Signature (HIBS) in existing work, we analyse and design a two-level HIBS solution in detail in terms of different aspects such as keys generation and provisioning procedures, replay mitigation, and cell selection. Unlike previous work, our proposed solution also supports the protection of individual vulnerable RRC and NAS layer signalling in addition to authenticating the base station. We evaluated the efficiency and feasibility of several existing HIBS schemes and implemented the most efficient one in the 5G standalone network setup using open-source software. The implementation results further proved the feasibility of the solution in practice.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142312481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"On the aggregation of FIBs at ICN routers using routing strategy","authors":"","doi":"10.1016/j.comnet.2024.110794","DOIUrl":"10.1016/j.comnet.2024.110794","url":null,"abstract":"<div><p>Utilizing in-network caching is essential for the current communication network. In the last decade, ICN (Information-Centric Networking) has been under the spotlight as a network that mainly focuses on transmitted and received data rather than on hosts that transmit and receive data. In ICNs, to appropriately forward request packets, a router maintains a routing table called FIB (Forwarding Information Base). However, it is unsuitable for us to assume that FIB can store entries of all contents within a network. This is mainly because the FIB memory is not large enough to store the prefix of all contents. Thus, for realizing global-scale ICNs, it is crucial to develop an effective technique to reduce the size of FIB. In this paper, to tackle the reduction in the FIB size with the aggregation, we propose a routing strategy called <em>constrained shortest-path tree (CSPT) routing</em>. The fundamental idea of our CSPT routing is to combine shortest-paths on the network and that on a shortest-path tree of the network, which is intended to enhance the effect of FIB aggregation. Furthermore, we extensively investigate the relationship, i.e., trade-off, between the FIB aggregation and the communication performance of ICN using CSPT routing. Consequently, we reveal that our CSPT routing can dramatically reduce the number of FIB entries while suppressing the increase in the number of hops required to deliver request packets.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SD-MDN-TM: A traceback and mitigation integrated mechanism against DDoS attacks with IP spoofing","authors":"","doi":"10.1016/j.comnet.2024.110793","DOIUrl":"10.1016/j.comnet.2024.110793","url":null,"abstract":"<div><p>Traceback has been very attractive against DDoS attacks with IP spoofing instead of traditional mitigation methods because attacks require removal near attackers, resulting in affecting legitimate traffic as little as possible. There have been some approaches dedicated to achieving effective traceback. However, existing approaches often modify protocols to apply to multi-domain scenarios, and the implemented mitigation usually lags behind traceback. Therefore, this paper proposes the Software-Defined Multi-Domain Network Tracer and Mitigator (SD-MDN-TM) to traceback and mitigate DDoS attacks with IP spoofing in multi-domain SDN scenarios. We apply systematic sampling and flow feature extraction based on the Count-Min Sketch data structure for the lightweight statistics collection of massive DDoS attack traffic. We also design the TracebackTree data structure to construct the traceback paths of attackers of distributed attack sources. The Border Switch Trigger Mechanism is proposed to overcome the drawbacks of the commonly-used packet marking in cross-domain traceback information transfer, achieving no modification of existing network protocols and independent traceback among multiple domains. Mitigation is integrated with traceback for faster removal of attacks from the network. The proposed scheme can traceback DDoS attack sources both inside and outside domains accurately and effectively by constructing traceback path. It can be implemented without modifying the existing protocols, therefore achieving direct application to the existing network architecture. Furthermore, the traceback of attack sources outside domains can maintain independence in multi-domain scenarios. Mitigation integrated with traceback can achieve less impact on legitimate traffic and faster removal of attacks from the network.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A two-step linear programming approach for repeater placement in large-scale quantum networks","authors":"","doi":"10.1016/j.comnet.2024.110795","DOIUrl":"10.1016/j.comnet.2024.110795","url":null,"abstract":"<div><p>Thanks to the applications such as Quantum Key Distribution and Distributed Quantum Computing, the deployment of quantum networks is gaining great momentum. A major component in quantum networks is repeaters, which are essential for reducing the error rate of qubit transmission for long-distance links. However, repeaters are expensive devices, so minimizing the number of repeaters placed in a quantum network while satisfying performance requirements becomes an important problem. Existing solutions typically solve this problem optimally by formulating an Integer Linear Program (ILP). However, the number of variables in their ILPs is <span><math><mrow><mi>O</mi><mrow><mo>(</mo><msup><mrow><mi>n</mi></mrow><mrow><mn>2</mn></mrow></msup><mo>)</mo></mrow></mrow></math></span>, where <span><math><mi>n</mi></math></span> is the number of nodes in a network. This incurs infeasible running time when the network scale is large. To overcome this drawback, this paper proposes to solve the repeater placement problem by two steps, with each step using a linear program of a much smaller scale with <span><math><mrow><mi>O</mi><mrow><mo>(</mo><mi>n</mi><mo>)</mo></mrow></mrow></math></span> variables. Although this solution is not optimal, it dramatically reduces the time complexity, making it practical for large-scale networks. Moreover, it constructs networks that have higher node connectivity than those by existing solutions, since it deploys slightly more number of repeaters into networks. Our extensive experiments on both synthetic and real-world network topologies verified our claims.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1389128624006273/pdfft?md5=514277d17e6855a7161cf9235a13a0a6&pid=1-s2.0-S1389128624006273-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Network traffic prediction based on PSO-LightGBM-TM","authors":"","doi":"10.1016/j.comnet.2024.110810","DOIUrl":"10.1016/j.comnet.2024.110810","url":null,"abstract":"<div><p>Network traffic prediction is critical in wireless network management by allowing a good estimate of the traffic trend, which is also an important approach for detecting traffic anomalies in order to enhance network security. Deep-learning-based method has been widely adopted to predict network traffic matrix (TM) though with the main drawbacks in high complexity and low efficiency. In this paper, we propose a traffic prediction model based on Particle Swarm Optimization (PSO) and LightGBM (PSO-LightGBM-TM), which optimizes the LightGBM parameters for each network flow by PSO so that LightGBM can adapt to each of the network traffic flow. Compared with existing commonly used deep learning models, our model has a more straightforward structure and yet outperforms existing deep learning models. Sufficient comparison tests on three real network traffic datasets, Abilene, GÉANT, and CERNET have been conducted, and the results show that our model provides more accurate results and higher prediction efficiency.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274077","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"GCP: A multi-strategy improved wireless sensor network model for environmental monitoring","authors":"","doi":"10.1016/j.comnet.2024.110807","DOIUrl":"10.1016/j.comnet.2024.110807","url":null,"abstract":"<div><p>Nowadays, smart environmental monitoring devices are widely used in various fields, and one of the most representative tools is the wireless sensor network (WSN). WSNs are easy to deploy and provide real-time information feedback, which is very suitable for environmental monitoring. As we all know, the environmental monitoring network because of the special nature of its work requirements, the need for uninterrupted and real-time transmission of monitoring data, which leads to energy consumption is extremely large, and this cannot meet the needs of its long-term work. Existing traditional routing has problems such as unscientific cluster head election and high redundancy in data transmission, which usually lead to a large amount of energy consumption, which is not conducive to the long-term stable operation of sensor networks. In this paper, we improve the traditional routing protocol and design a cluster head election method based on the genetic algorithm, which proposes a new fitness function in terms of energy, distance, and the number of nodes in the cluster, and performs the selection of cluster head nodes based on this method. In addition, we propose a new grey prediction model, which can realize the real-time update of data queues, and optimize the data transmission process of traditional WSNs based on this prediction model to reduce the amount of intra-cluster data transmission. Combining these improvements, a grey cluster prediction (GCP) model is proposed, and the performance of the model is tested based on real mine and soil data sets. The simulation results show that the model significantly reduces energy loss and extends the network life cycle while ensuring the integrity of data transmission. It can also meet the requirements of long-term stable operation of environmental monitoring equipment.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A truthful double auction mechanism for resource provisioning and elastic service in vehicle computing","authors":"","doi":"10.1016/j.comnet.2024.110806","DOIUrl":"10.1016/j.comnet.2024.110806","url":null,"abstract":"<div><p>Intelligent vehicles, equipped with powerful computing and sensing resources, serve as versatile mobile computing platforms, offering many resources to users. This study focuses on resource provisioning and elastic service to address the paramount issue of resource provisioning for in-vehicle computing. It introduces an elastic sensing service, enabling users to declare multiple requested areas to obtain sensing data. It allows various vehicles to collaborate in providing services to a single user when individual vehicles cannot complete the task alone. The approach formulated as a double auction-based setting involves a market with multiple self-interested users and vehicles. The main objective is to design a mechanism that maximizes social welfare. First, a greedy mechanism provides different task allocation strategies while ensuring truthfulness. The proposed mechanism is truthful and equilibrium-driven, achieving individual rationality, consumer sovereignty, and budget balance. It demonstrates the approximation ratio. Simulation results indicate that the proposed mechanism can increase social welfare and the number of served users by at least 29% and 9%, respectively, compared with baseline methods. This research paves the way for more efficient resource provisioning in intelligent vehicles, ultimately enhancing these mobile computing platforms’ overall user experience and capabilities.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142274079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multi-objective joint optimization of task offloading based on MADRL in internet of things assisted by satellite networks","authors":"","doi":"10.1016/j.comnet.2024.110801","DOIUrl":"10.1016/j.comnet.2024.110801","url":null,"abstract":"<div><div>The Internet of Things (IoT) integrates a large number of heterogeneous terminals and systems, possessing ubiquitous sensing and computing capabilities. Satellite networks are the crucial supplement to terrestrial networks, particularly in remote areas where network infrastructures are sparingly distributed or unavailable. Combining edge computing with satellite networks provides on-orbit computing capabilities for IoT applications, reducing service delay and enhancing service quality. Due to the resource constraints of satellites, achieving collaborative services through task offloading among multiple satellites becomes essential. Both the privacy leakage risk arising from frequent data interactions and the load imbalance resulting from offloading preferences cannot be overlooked. The key challenge of task offloading is to safeguard the privacy of offloaded data and ensure the system’s load balance while minimizing the delay and energy consumption. In this paper, the task offloading problem is formulated as a Partially Observable Markov Decision Process (POMDP), and a task offloading algorithm based on multi-objective joint optimization using multi-agent deep reinforcement learning in a distributed architecture is proposed. The simulation results validate the efficacy of our model and algorithm, demonstrating that our proposed algorithm achieves better performance in minimizing comprehensive offloading costs.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1389128624006339/pdfft?md5=db265398ca7ed57c38d747a29dd0706e&pid=1-s2.0-S1389128624006339-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142312482","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing security offloading performance in NOMA heterogeneous MEC networks using access point selection and meta-heuristic algorithm","authors":"","doi":"10.1016/j.comnet.2024.110802","DOIUrl":"10.1016/j.comnet.2024.110802","url":null,"abstract":"<div><p>The research delves into the intricate domain of security offloading within the context of non-orthogonal multiple access (NOMA) heterogeneous mobile edge computing (het-MEC) networks operating over Rayleigh fading channels. The investigation centers on a system model comprising a single antenna-equipped edge user, denoted as <span><math><mi>U</mi></math></span>, which strategically offloads computational tasks to two distinct heterogeneous wireless access points (APs): the far AP (<span><math><mrow><mi>A</mi><msub><mrow><mi>P</mi></mrow><mrow><mn>1</mn></mrow></msub></mrow></math></span>) and the near one (<span><math><mrow><mi>A</mi><msub><mrow><mi>P</mi></mrow><mrow><mn>2</mn></mrow></msub></mrow></math></span>), employing NOMA techniques. Notably, the research accounts for a passive eavesdropper (<span><math><mi>E</mi></math></span>) intending to intercept the <span><math><mrow><mi>U</mi><mo>−</mo><mi>A</mi><msub><mrow><mi>P</mi></mrow><mrow><mn>2</mn></mrow></msub></mrow></math></span> transmission. A four-phase protocol is proposed to ensure the security offloading process, namely SAPS, which leverages wireless access point selection (APS) and physical layer security (PLS) techniques. The focus extends to derive a closed-form expression for a novel critical system performance metric: the secrecy successful computation probability (SSCP). Furthermore, an algorithm based on Ant Colony Optimization (ACO) within the continuous domain is introduced, which aims to enhance the SSCP by intelligently determining system parameters. The impact of critical factors such as transmit power, power allocation coefficient, bandwidth, CPU frequency, and task division ratio under the SAPS scheme is explored and compared to the conventional approach using pure NOMA. Remarkably, the algorithm in the proposed scheme demonstrates up to a 3% performance improvement. The validity and accuracy of the study findings are verified through Monte-Carlo simulations. The work contributes significantly to advancing secure offloading strategies in NOMA-based MEC networks, offering valuable insights for practical deployment and optimization.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142241817","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"6TiSCH IIoT network: A review","authors":"","doi":"10.1016/j.comnet.2024.110759","DOIUrl":"10.1016/j.comnet.2024.110759","url":null,"abstract":"<div><div>Low-power and Lossy Networks (LLN) constitute an interconnected network of numerous resource-constrained nodes, forming a wireless mesh network. The Time slotted Channel Hopping (TSCH) mode, introduced as a revision of the Medium Access Control (MAC) section within the IEEE 802.15.4 standard, stands as an emerging standard for industrial automation and process control. In 2013, the Internet Engineering Task Force (IETF) established the IPv6 over the TSCH mode of IEEE 802.15.4e (6TiSCH) working group (WG), defining the IPv6 deterministic wireless network—6TiSCH. This development is pivotal for advancing the broader adoption of IPv6 in industrial standards and facilitating the convergence of operational technology (OT) and information technology (IT). As of July 2023, the primary documents encompassing architecture, configuration and parameters, and Minimum Scheduling Function for the 6TiSCH protocol stack have been completed, and the status of the WG has transitioned from active to concluded. Over the past decade, the academic community has extensively researched protocol stacks related to 6TiSCH. This paper furnishes a comprehensive survey of the architecture and developmental processes underlying the 6TiSCH network, encapsulating research achievements since its inception, and delineating the challenges and prospective directions for its future development.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142312483","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}