Computer Networks最新文献

{"title":"LDD-Track: An energy-efficient deep reinforcement learning framework for multi-subject tracking in mobile crowdsensing","authors":"Erfan Parhizi,&nbsp;Rasool Esmaeilyfard,&nbsp;Reza Javidan","doi":"10.1016/j.comnet.2025.111735","DOIUrl":"10.1016/j.comnet.2025.111735","url":null,"abstract":"<div><div>Multi-subject tracking in Mobile Crowdsensing Systems (MCS) is a challenging task due to dynamic mobility, limited energy resources, and the need for real-time decisions. Traditional models like Kalman Filters and Hidden Markov Models struggle in such conditions, while Transformer-based deep learning methods offer high accuracy but are too computationally demanding for mobile use. Unlike previous studies that focus on one-to-one or collaborative group tracking, which often lack scalability and adaptability to real-world complexities, we propose LDD-Track, a novel multi-subject tracking framework that integrates Long Short-Term Memory (LSTM) networks with an adaptive attention mechanism, Density-Based Spatial Clustering of Applications with Noise (DBSCAN), and Deep Q-Network (DQN)-based user allocation. The LSTM model, enhanced with attention mechanisms, dynamically assigns weights <span><math><msub><mi>α</mi><mi>t</mi></msub></math></span> to past trajectory points, filtering noise and improving prediction accuracy. The DBSCAN clustering technique effectively groups subjects based on predicted movement, optimizing resource allocation and reducing computational overhead. The DQN-based user assignment strategy models resource optimization as a Markov Decision Process (MDP), leveraging the Q-value function <span><math><mrow><mi>Q</mi><mo>(</mo><msub><mi>s</mi><mi>t</mi></msub><mo>,</mo><msub><mi>a</mi><mi>t</mi></msub><mo>)</mo></mrow></math></span> to ensure adaptive and energy-efficient user allocation. Extensive experiments on the Taxi Mobility in Rome dataset demonstrate the superiority of LDD-Track. The framework achieves a 51 % reduction in energy consumption, a 39 % increase in Coverage Completion Rate (CCR), and a 9.7 % improvement in resource allocation efficiency compared to state-of-the-art methods. These findings validate the effectiveness of integrating attention-based prediction and deep reinforcement learning in large-scale, real-time MCS environments.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111735"},"PeriodicalIF":4.6,"publicationDate":"2025-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RF-AbVib: Environment-independent vibration monitoring using COTS RFID devices","authors":"Min Li ,&nbsp;Guangxuan Bai ,&nbsp;Di Gao ,&nbsp;Shuai Wang ,&nbsp;Siye Wang ,&nbsp;Yanfang Zhang ,&nbsp;Yue Feng","doi":"10.1016/j.comnet.2025.111738","DOIUrl":"10.1016/j.comnet.2025.111738","url":null,"abstract":"<div><div>Endowing IoT devices with self-security monitoring capabilities without relying on external hardware marks a significant advancement in the field. RFID-equipped smart cabinets, while providing robust protection for sensitive items such as documents and electronic devices, remain vulnerable to violent break-ins or physical disturbances such as slapping and shaking, which produce characteristic vibration patterns. We demonstrated that the cabinet’s integral RFID system can inherently detect such vibrations, thus enhancing its self-security. However, overcoming environmental dependency remains a critical challenge: variations in the shape, size, material, and spatial arrangement of items inside the cabinet interfere with RFID signal propagation, resulting in complex multipath effects that compromise vibration-sensing accuracy and weaken security detection. To address this limitation and enable self-security monitoring, we proposed RF-AbVib, a novel solution that utilizes commercial off-the-shelf RFID readers in conjunction with a fixed reference tag mounted on the inner wall of the cabinet to achieve environment-independent vibration monitoring. We pre-trained and fine-tuned a meta-learning model to enable RF-AbVib to process variable-length data and adapt to diverse environmental conditions. Furthermore, we proposed a bilateral threshold filtering (BTF) algorithm combined with discrete wavelet transform (DWT) to remove outliers and hardware noise while preserving subtle vibration features in RFID signals. Evaluated across 31 distinct environments, RF-AbVib achieved 95.59 % accuracy in detecting three abnormal behaviors with only one sample, regardless of the reference tag’s position, orientation, or type. Relevant data has been uploaded to the <span><span>RF-AbVib dataset</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111738"},"PeriodicalIF":4.6,"publicationDate":"2025-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Defense against backdoor attacks in federated learning with robust adaptive learning rates","authors":"Hongtao Li ,&nbsp;Yongjun Fang ,&nbsp;Jie Wang ,&nbsp;Xianglin Li ,&nbsp;Bo Wang","doi":"10.1016/j.comnet.2025.111720","DOIUrl":"10.1016/j.comnet.2025.111720","url":null,"abstract":"<div><div>Federated Learning (FL) serves as a privacy-preserving paradigm that not only protects user privacy, but also improves model generalization ability and data security. However, by launching a backdoor attack, a vicious client can embed the backdoor in a the global model to deviate the direction of the model update, leading to the desired misclassification. To defend against backdoor attacks, we proposes a Robust Adaptive Learning Rate method (RALR). RALR takes into account the way of voting the gradient symbols of the clients by dimension, which means that no single client will have too much power. In addition, RALR adaptively finds the learning threshold so that the symbol voting value of each dimension reaches a certain number before it can participate in the global aggregation, and the bad influence of backdoor attackers on the global model training will be weakened as a result. In addition, the introduction of the sign gradient mechanism effectively protects the privacy of the update parameters. RALR not only ensures the performance of the main task under different experimental conditions, but also effectively eliminates the backdoor. The experimental results show that the robust adaptive learning rate method can defend against the backdoor attack very effectively. The successful rate of the attack is reduced to 1.9 % compared to the existing defense.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111720"},"PeriodicalIF":4.6,"publicationDate":"2025-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220811","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adversarial attack and defence of federated learning-based network traffic classification in edge computing environment","authors":"Azizi Ariffin ,&nbsp;Faiz Zaki ,&nbsp;Hazim Hanif ,&nbsp;Nor Badrul Anuar","doi":"10.1016/j.comnet.2025.111739","DOIUrl":"10.1016/j.comnet.2025.111739","url":null,"abstract":"<div><div>Network Traffic Classification (NTC) is vital for network management and security. However, as internet traffic volume increases, centralised model training causes scalability and privacy issues for NTC. To address these issues, distributing NTC model training to multiple edge clients via Federated Learning (FL) provides a solution by reducing latency, improving system scalability, and preserving data privacy. Nonetheless, the distributed nature of FL makes it vulnerable to various adversarial attacks from multiple clients, consequently degrading the model's performance. Most studies focus on a limited range of attacks, often overlooking more advanced and subtle threats, such as backdoor attacks and those based on Generative Adversarial Networks (GANs). Despite the growing attack complexity, existing defensive measures in the NTC domain struggle to mitigate multiple adversarial attack types simultaneously. To validate this claim, this study investigates the vulnerabilities of FL-based NTC training against four types of adversarial attacks: label flipping (LF) and model poisoning, and introduces customized backdoor and GAN-based attack scenarios tailored specifically to FL-based NTC training. When evaluated using the ISCX-VPN 2016 dataset, the results demonstrate that FL-based NTC is vulnerable to all four types of adversarial attacks. For instance, the LF attack reduced accuracy by 98.66 % in a collusive scenario, while the backdoor attack achieved a 40 % success rate. In comparison, the GAN attack lowered the F1 score of the target class by 18 %. Therefore, to strengthen the defense against adversarial attacks, this study proposes a robust conceptual defense framework capable of defending against multiple adversarial attack types simultaneously. The framework incorporates remote attestation scoring, hierarchical training, and an adaptive aggregation mechanism and conducts logic analysis to evaluate its effectiveness. The analysis demonstrates that it successfully maintains the model with 76 % accuracy under multiple adversarial attacks during training compared to an 80 % reduction without defensive measures.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111739"},"PeriodicalIF":4.6,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220809","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A provably efficient in-network computing services deployment approach for security burst","authors":"Danyang Zheng ,&nbsp;Chao Wang ,&nbsp;Honghui Xu ,&nbsp;Wenyi Tang ,&nbsp;Yihan Zhong ,&nbsp;Xiaojun Cao","doi":"10.1016/j.comnet.2025.111737","DOIUrl":"10.1016/j.comnet.2025.111737","url":null,"abstract":"<div><div>The emerging in-network computing (INC) technique delegates computations to the network data plane, enabling clients' data to be processed during transmission. However, processing transmitted data within INC-enabled network devices may lead to security concerns and broaden the attack surface as sensitive data can be exposed during computation, making the network more susceptible to various cyber-attacks. To protect against such cyber-attacks, especially in security-sensitive applications such as finance and healthcare, clients might periodically enhance service security requirements regarding the importance of their to-be-transmitted data. This periodic security enhancement is called a “security burst” (SEB). To meet such enhancement, one may implement security-aware network functions (S-NFs) like firewall and deep packet inspection on smart routers or switches along the forwarding path while maximizing the re-utilization of this path. Despite the growing interest in INC and security service deployment, existing solutions typically assume static security requirements and overlook the dynamic, on-demand security enhancements such as SEBs. Furthermore, prior approaches rarely consider the re-utilization of existing in-path services, leading to higher additional costs. To fill this gap, this work shows pioneering efforts in tackling SEB for INC-enabled services. Assuming that re-employing the resources along the original forwarding path does not incur bandwidth cost, we formally establish a novel problem called INC-enabled Service Migration for SEB (ISME) to optimize additional cost and prove its NP-hardness. To solve this problem, we design an efficient cost-security-burst (CSB) measure and develop an innovative CSB measure-based security enhancement (CSB-SE) algorithm, which is mathematically proved to be logarithm approximate. Extensive simulations show that CSB-SE guarantees logarithm-approximate performance and outperforms the benchmark by an average of 37.11 % regarding the total service cost and 102.38 % in terms of the additional cost.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111737"},"PeriodicalIF":4.6,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220818","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DSAFL:Decentralized secure aggregation with communication path optimization for cross-silo federated learning","authors":"Ling Li ,&nbsp;Cheng Guo ,&nbsp;Xinyu Tang ,&nbsp;Yining Liu","doi":"10.1016/j.comnet.2025.111732","DOIUrl":"10.1016/j.comnet.2025.111732","url":null,"abstract":"<div><div>Cross-Silo Federated Learning (CSFL) facilitates collaborative machine learning (ML) across organizations by locally training models and centrally aggregating model updates. Currently, this approach is shifting to decentralized aggregation due to the limitations of centralized aggregation such as single-point failures and network congestion. However, existing decentralized aggregation methods often suffer from privacy leakage and high communication cost. To address these issues, we propose DSAFL, a decentralized secure aggregation scheme for CSFL. In DSAFL, we present a staged secure aggregation method based on multi-key homomorphic encryption, which enables load-balanced collaborative aggregation computation across clients while preserving model update confidentiality and providing verifiability of the aggregation result. DSAFL optimizes communication paths by jointly considering communication cost and reliability, enabling cost-efficient and robust secure aggregation across diverse network topologies, and further reduces communication cost through non-interactive decryption. The security analysis proves that DSAFL is semi-honestly secure and resistant to client collusion attacks. The experimental results confirm the practicality and applicability of DSAFL, and show significant advantages in both accuracy and privacy. With a combination of computational balancing, low communication cost, and privacy preservation, DSAFL provides a solution for enabling sustainable ML collaboration across organizations.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111732"},"PeriodicalIF":4.6,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220814","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"FuzzyDoo: A framework for finding flaws in the 5G landscape","authors":"Rosario G. Garroppo,&nbsp;Michele Pagano,&nbsp;Gabriele Pongelli","doi":"10.1016/j.comnet.2025.111734","DOIUrl":"10.1016/j.comnet.2025.111734","url":null,"abstract":"<div><div>The increasing complexity and criticality of 5G networks demand rigorous security testing methodologies, particularly in black-box environments where source code access is restricted. This paper introduces FuzzyDoo, an open-source, mutation-based structure-aware fuzzing framework designed to assess the robustness and security of 5G Core (5GC) network functions under black-box conditions. FuzzyDoo advances the state of the art by enabling dynamic test message generation for encrypted communications, supporting extensible protocol integration, and facilitating flexible deployment of monitoring components in multi-system environments. The paper details the framework modular architecture – to the best of our knowledge, the first of its kind in the open-source domain – and demonstrates its efficacy through experimental evaluations on three open-source 5GC frameworks. These experiments reveal implementation-specific vulnerabilities and underscore FuzzyDoo diagnostic capabilities for root cause analysis.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111734"},"PeriodicalIF":4.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards trustworthy digital twins collaboration in the internet of things: An overview of essential design guidelines","authors":"Claudio Marche ,&nbsp;Michele Nitti","doi":"10.1016/j.comnet.2025.111733","DOIUrl":"10.1016/j.comnet.2025.111733","url":null,"abstract":"<div><div>The growth of the Internet of Things (IoT), characterized by billions of interconnected devices represented by Digital Twins (DTs), poses significant challenges in ensuring reliable communication. While Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) offer a foundation for performance monitoring, they are insufficient in decentralized scenarios where devices frequently interact without knowing each other. In this context, Trust Management Systems (TMSs) emerge as a possible solution to support cooperation, evaluating the reliability of both data and DTs. In this context, this paper addresses the problem of trust in the IoT by modeling interactions among DTs through a game-theory approach, where each DT is seen as a game-rational player. Based on this model, we derive a set of design guidelines for the development of TMSs that consider both errors and malicious behaviours. Furthermore, we apply these guidelines to assess and compare several recognized TMSs from the literature, highlighting their strengths and limitations.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111733"},"PeriodicalIF":4.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220817","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Automatic generation of industrial internet attack graphs with graph neural networks and Bayesian models","authors":"Luyao Zhang ,&nbsp;Gaigai Tang ,&nbsp;Xin He ,&nbsp;Kaiyuan Qi ,&nbsp;Guangfeng Su ,&nbsp;Huiyun Zhang","doi":"10.1016/j.comnet.2025.111736","DOIUrl":"10.1016/j.comnet.2025.111736","url":null,"abstract":"<div><div>Industrial Internet is increasingly exposed to highly complex, heterogeneous, and multi-stage security threats, posing long-term potential risks to system security. Efficient and intelligent attack graph generation techniques are essential for accurately modeling potential attack paths and enabling visual analysis, thereby supporting proactive defense and attack attribution. However, existing methods primarily rely on static rules or expert knowledge, making them inadequate in capturing the dynamic nature, uncertainty, and complex dependencies of attack paths, and thus ineffective against emerging and sophisticated attack scenarios. To address these challenges, this paper proposes a novel automatic attack graph generation method for the Industrial Internet, termed IndustGNN-AG, which integrates Graph Neural Networks (GNNs) with Bayesian inference. The proposed method leverages the deep feature learning capability of GNNs to automatically extract network behavior features and employs Bayesian techniques to model the uncertainty of attack paths. A multi-layer graph attention mechanism is introduced to capture inter-node dependencies, and a probabilistic path estimation framework is developed by combining node-level and edge-level uncertainties, enabling a more comprehensive analysis of potential attack paths. Experimental results on three representative Industrial Internet attack datasets, namely Mirai_Botnet, SSDP Flood, and SYN DoS, demonstrate that IndustGNN-AG achieves accuracy rates of 99.40%, 100%, and 96.33%, respectively, in attack graph generation tasks. Compared with existing approaches, IndustGNN-AG exhibits significant improvements on accuracy and scalability.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111736"},"PeriodicalIF":4.6,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Entangled qubit pricing for quantum networks","authors":"Xiaoyu Wang ,&nbsp;Yu Jia ,&nbsp;Yangming Zhao ,&nbsp;Shouxi Luo ,&nbsp;Haoze Chen ,&nbsp;Chen Tian ,&nbsp;Dong Zhang ,&nbsp;Bingheng Yan","doi":"10.1016/j.comnet.2025.111728","DOIUrl":"10.1016/j.comnet.2025.111728","url":null,"abstract":"<div><div>In this paper, we propose an approach named Entangled quBit Pricing (EBP) to price the entangled quantum bits (called ebits) in Resources as a Service (RaaS) quantum networks. In such a quantum network, the service provider pursues the maximum payoff by setting the price of ebits over each link, based on which users decide the number of ebits to purchase such that they can obtain the maximum payoff from establishing entanglement connections (ECs). The unique feature of the routing related pricing issue in quantum networks is that a user may purchase a different number of ebits over each link along his entanglement path in order to establish one EC. By taking into consideration the interaction between the service provider and users, EBP can derive a pricing scheme such that each user will automatically choose the entanglement path and purchase ebits following the way to maximize the service provider’s payoff. Extensive simulations show that the service provider can obtain 97 % more payoff with EBP compared with simply setting higher prices to ebits that can successfully create entanglements with higher probability.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111728"},"PeriodicalIF":4.6,"publicationDate":"2025-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158527","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}