Computer Networks最新文献

EPC: An ensemble packet classification framework for efficient and stable performance EPC：一个集成包分类框架，具有高效和稳定的性能

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-24 DOI: 10.1016/j.comnet.2025.111306

Haiyang Ren , Shiyou Qian , Zhonglong Zheng , Jiange Zhang , Zhengyu Liao , Hanwen Hu , Jian Cao , Guangtao Xue , Minglu Li

{"title":"EPC: An ensemble packet classification framework for efficient and stable performance","authors":"Haiyang Ren , Shiyou Qian , Zhonglong Zheng , Jiange Zhang , Zhengyu Liao , Hanwen Hu , Jian Cao , Guangtao Xue , Minglu Li","doi":"10.1016/j.comnet.2025.111306","DOIUrl":"10.1016/j.comnet.2025.111306","url":null,"abstract":"<div><div>The increasing demands of emerging network applications have compelled routers to offer enhanced functions, such as traffic accounting and quality of service (QoS). These functions rely heavily on packet classification. With network transmission speeds reaching unprecedented levels, the optimization of throughput has become a common practice. One such method is the deployment of multiple algorithm replicas with the best parameter configuration for parallel packet classification. However, this solution fails to address the issue of performance fluctuations in individual specific instance of algorithm (SIA). This is because most algorithms prioritize the optimization of average lookup speed, often neglecting overall performance stability. Our evaluation of five state-of-the-art algorithms has revealed that these algorithms commonly suffer from performance fluctuations due to data skewness. To address this issue, this work proposes a novel solution called Ensemble Packet Classification (EPC) that aims to achieve efficient and stable performance. EPC leverages the principles of ensemble learning to generate an optimal combination scheme of diverse SIAs that exhibit similar performance but possess complementary characteristics. To evaluate the effectiveness of EPC, we select five state-of-the-art algorithms as baselines. The experiment results show that when augmented with EPC, the throughput of parallel solutions based on these algorithms increases by 12.07%–19.26%. Additionally, the 95th percentile of lookup time is reduced by 14.78%–26.77%. By fully harnessing the complementarity of SIAs, EPC effectively addresses the issue of long-tail while increasing throughput.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111306"},"PeriodicalIF":4.4,"publicationDate":"2025-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143870834","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A model checking-based framework for testing security properties of protocols under development 用于测试正在开发的协议的安全属性的基于模型检查的框架

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-21 DOI: 10.1016/j.comnet.2025.111259

Jiangyuan Yao , Weiyang Xin , Xia Yin , Xingang Shi , Zhiliang Wang , Li Zhou , Ting Jin

{"title":"A model checking-based framework for testing security properties of protocols under development","authors":"Jiangyuan Yao , Weiyang Xin , Xia Yin , Xingang Shi , Zhiliang Wang , Li Zhou , Ting Jin","doi":"10.1016/j.comnet.2025.111259","DOIUrl":"10.1016/j.comnet.2025.111259","url":null,"abstract":"<div><div>It is important to validate the security properties of network protocols. Most validation methods either verify design models or test implementations. These two techniques are usually applied separately. For protocols under development (PUDs), which are under development and have yet to be issued as a final release, the specifications, implementations and even security properties may change. The use of verification or testing alone may not achieve satisfactory results. In this paper, we propose a security property testing framework for PUDs. Following this framework, we use several rounds of iterative validation to address changeful specifications, implementations and security properties. In each round, we combine verification and testing. We employ a model checker to facilitate verification of the design models. Then, we convert the verification results into executable test cases and test the prototype implementations. Developers can modify the specifications, implementations and security properties and subsequently perform another round of validation. Finally, they can obtain a version of the protocol that passes both verification and testing. We apply our method to two PUDs as case studies: the source address validation improvements (SAVI) and the stateful firewall application of software-defined networking (SDN). Our approach can expose vulnerabilities in different development versions. After several rounds of verification, testing and improvement, developers can release high-quality protocols.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111259"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143874516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

HERO: From High-dimensional network traffic to zERO-Day attack detection 从高维网络流量到零日攻击检测

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-21 DOI: 10.1016/j.comnet.2025.111264

Jesús F. Cevallos M., Alessandra Rizzardi , Sabrina Sicari , Alberto Coen-Porisini

{"title":"HERO: From High-dimensional network traffic to zERO-Day attack detection","authors":"Jesús F. Cevallos M., Alessandra Rizzardi , Sabrina Sicari , Alberto Coen-Porisini","doi":"10.1016/j.comnet.2025.111264","DOIUrl":"10.1016/j.comnet.2025.111264","url":null,"abstract":"<div><div>Recent trends in zero-day attack (ZdA) detection use <em>collective</em> anomaly detection to give insights on out-of-distribution anomalies in a <em>zero-shot</em> fashion. Among these, existing frameworks propose the use of specialised labelling strategies to mimic a step-wise abstract anomaly detection algorithm that generalise ZdA-detection over low-dimensional traffic-flow statistics. To enlarge such applicative scenarios, this paper proposes <span>hero</span>, which is compatible with <strong>H</strong>igh-dimensional raw-network traffic captures when performing z<strong>ERO</strong>-day attack detection. To reach convergence over such a high-dimensional and noisy input space, <span>hero</span> decouples the <em>representation</em> task and the correspondent gradient updates from the <em>discriminative</em> task, following the <em>neural algorithmic reasoning</em> blueprint. Specifically, a neural processor is first trained on the discriminative task using synthetic data, and the weights are then frozen. A second training phase successfully optimises the encoding and decoding networks using raw-traffic captures and the algorithmically-aligned processor. Experiments with well-known intrusion detection datasets demonstrate the crucial advantage of using a two-stage training framework to achieve convergence. To the best of the authors’ knowledge, <span>hero</span> is the first deep learning-based instrument that performs collective anomaly detection and categorisation over raw network traffic on a zero-shot basis, i.e., without using labels.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111264"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143864743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Joint content popularity and audience retention-aware live streaming over RSMA edge networks 在RSMA边缘网络上联合内容流行度和观众保留意识直播

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-21 DOI: 10.1016/j.comnet.2025.111301

Fayshal Ahmed , The-Vinh Nguyen , Nam-Phuong Tran , Nhu-Ngoc Dao , Sungrae Cho

{"title":"Joint content popularity and audience retention-aware live streaming over RSMA edge networks","authors":"Fayshal Ahmed , The-Vinh Nguyen , Nam-Phuong Tran , Nhu-Ngoc Dao , Sungrae Cho","doi":"10.1016/j.comnet.2025.111301","DOIUrl":"10.1016/j.comnet.2025.111301","url":null,"abstract":"<div><div>The exponential growth of high-quality live streaming services over cellular networks, particularly in heterogeneous environments facilitated by 6G, has underscored the need for novel wireless communication. To address this challenge, Rate Splitting Multiple Access (RSMA) has emerged as a promising interference management scheme in advanced cellular networks. This paper considers such a potential environment where the impacts of content popularity and audience retention are jointly investigated to maximize the average video resolution of live streaming services over RSMA edge networks. The complex problem is modeled as a Markov Decision Process and subsequently addressed using an appropriate reinforcement learning framework leveraging the Deep Deterministic Policy Gradient (DDPG) technique, named DDPG-BARMAS. Simulation results demonstrate that the proposed DDPG-BARMAS method significantly outperforms existing algorithms in terms of video resolution improvement, highlighting its potential as a robust solution for future wireless live-streaming services.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111301"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

TND: Two-stage non-invasive defense of intrusion detection system from adversarial attack TND：入侵检测系统对抗攻击的两阶段非侵入性防御

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-18 DOI: 10.1016/j.comnet.2025.111287

Zhichao Hu , Dewen Kong , Junzhong Miao , Qing Guo , Gang Du , Likun Liu , Lina Ma , Xiangzhan Yu

{"title":"TND: Two-stage non-invasive defense of intrusion detection system from adversarial attack","authors":"Zhichao Hu , Dewen Kong , Junzhong Miao , Qing Guo , Gang Du , Likun Liu , Lina Ma , Xiangzhan Yu","doi":"10.1016/j.comnet.2025.111287","DOIUrl":"10.1016/j.comnet.2025.111287","url":null,"abstract":"<div><div>Deep learning methods have demonstrated notable success in intrusion detection systems (IDS). However, these models exhibit inherent vulnerabilities to adversarial attacks, where minimal perturbations can cause misclassification. Current IDS implementations often lack built-in protections against such threats, creating exploitable security gaps. While existing defense approaches typically employ adversarial training or data purification to enhance robustness, they face critical limitations in online IDS scenarios: adversarial training requires computationally expensive model retraining that may degrade performance, while comprehensive data purification imposes significant resource overhead and risks misclassifying legitimate samples. To address these challenges, we propose <em>TND</em>—a novel two-stage non-invasive defense framework. <em>TND</em> first efficiently filters adversarial examples using Locality-Sensitive Hashing (LSH), then applies a contrastive learning-optimized denoising autoencoder for precise data purification. Experimental results show <em>TND</em> achieves 0.873 adversarial detection accuracy (comparable to MANDA’s 0.875) while reducing training time to just 3% of MANDA’s requirements. This yields superior operational efficiency, enabling 7% and 5% improvements in IDS classification rates on CICIDS2017 and NSL-KDD datasets respectively—without modifying the underlying IDS model. By combining low computational overhead with non-intrusive deployment, <em>TND</em> establishes a practical, scalable solution for real-world adversarial defense in IDS environments.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111287"},"PeriodicalIF":4.4,"publicationDate":"2025-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143852186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cross-domain trust aggregation in blockchain-based Internet of Things with dual-layer incentive mechanism 基于区块链的物联网中的跨域信任聚合与双层激励机制

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-17 DOI: 10.1016/j.comnet.2025.111297

Fang Ye , Zitao Zhou , Yifan Wang , Yibing Li , Xiaoyu Geng

{"title":"Cross-domain trust aggregation in blockchain-based Internet of Things with dual-layer incentive mechanism","authors":"Fang Ye , Zitao Zhou , Yifan Wang , Yibing Li , Xiaoyu Geng","doi":"10.1016/j.comnet.2025.111297","DOIUrl":"10.1016/j.comnet.2025.111297","url":null,"abstract":"<div><div>Blockchain-based IoT (BIoT) has the potential to establish trust networks across different service domains, enabling reliable cross-domain collaboration for IoT resource exchange and driving related industries toward higher-end development. To address the scalability and cryptoeconomic security challenges of using blockchain to construct large-scale trust networks in IoT, this paper proposes a trust aggregation framework based on PoS restaking protocols, which allows sidechains to inherit and share part of the trust of the mainchain. To achieve efficient resource allocation and ensure incentive compatibility among participants in heterogeneous BIoT systems, this paper proposes a dual-layer incentive mechanism based on combinatorial contracts and multilateral auctions. Firstly, we design an independent contract-based incentive mechanism that reveals validators’ true risk preferences under asymmetric information and explores optimal reward and punishment design in the mainchain. Then, on this basis, we establish a corresponding combinatorial contract mechanism to provide optimal restaking incentives in sidechains. Secondly, we develop an auction-based incentive mechanism between the mainchain and sidechains, studying optimal strategies for allocation and payments under limited resources and uncertain sidechain demand. Additionally, to address potential collusion and cascade risks arising from increased corruption profits due to trust aggregation, we propose a reputation-based exemption mechanism to balance the benefits and risks of trust aggregation. Finally, we conduct detailed simulations to verify the feasibility and effectiveness of the proposed methods. Theoretical derivations and simulation results demonstrate that our approach can achieve mutual benefits for all parties, enhance the scalability and cryptoeconomic security of BIoT systems, promote efficient and reliable cross-domain IoT collaboration.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111297"},"PeriodicalIF":4.4,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143864742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Blockchain security threats: A comprehensive classification and impact assessment 区块链安全威胁：全面分类和影响评估

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-17 DOI: 10.1016/j.comnet.2025.111284

Zhijun Wu, Hanwen Xu, Meng Yue, Yanrong Lu

{"title":"Blockchain security threats: A comprehensive classification and impact assessment","authors":"Zhijun Wu, Hanwen Xu, Meng Yue, Yanrong Lu","doi":"10.1016/j.comnet.2025.111284","DOIUrl":"10.1016/j.comnet.2025.111284","url":null,"abstract":"<div><div>Blockchain technology has become a key force driving social, economic, and technological progress. Its features, such as decentralization, transparency, and immutability, have demonstrated enormous application potential across various fields, including finance, healthcare, government, and the Internet of Things. However, as the application of blockchain continues to expand, associated security issues have become increasingly prominent. The unique characteristics of blockchain systems present a series of complex challenges in terms of security. To clarify the security challenges and risks of blockchain technology, this paper provides a detailed and comprehensive literature review. This paper classifies the main security threats faced by blockchain technology systematically, according to its different layers. Based on this classification, we further refine the types of attacks and summarize them. In addition, we compile and organize the impact of each attack on blockchain systems and participants, making it easier to understand the damages caused by different attacks in a more intuitive and effective way. Finally, the paper identifies future research directions in blockchain security, offering guidance for researchers interested in further exploring this field.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111284"},"PeriodicalIF":4.4,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143852301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FDSS: Flight data sharing scheme based on blockchain with dynamic, secure and efficient consensus algorithm FDSS：基于区块链的飞行数据共享方案，采用动态、安全和高效的共识算法

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-16 DOI: 10.1016/j.comnet.2025.111275

Feiyi Xu , Shihao Hu , Ying Sun , Xiaoxuan Hu , Jin Qi , Yanfei Sun , Zhenjiang Dong

{"title":"FDSS: Flight data sharing scheme based on blockchain with dynamic, secure and efficient consensus algorithm","authors":"Feiyi Xu , Shihao Hu , Ying Sun , Xiaoxuan Hu , Jin Qi , Yanfei Sun , Zhenjiang Dong","doi":"10.1016/j.comnet.2025.111275","DOIUrl":"10.1016/j.comnet.2025.111275","url":null,"abstract":"<div><div>As the number of data providers and the volume of data in flight data sharing networks continue to grow, achieving secure and efficient sharing of flight data across multiple institutions faces significant challenges. The phenomenon of data silos is prevalent, severely hindering the flow and utilization of information. To address these issues, this paper proposes a flight data sharing scheme (FDSS) that integrates cloud computing and blockchain. In this scheme, we propose a separation mechanism of metadata on-chain storage and entity data off-chain storage, which effectively improves the data storage efficiency. At the same time, we also offload the complex computation tasks during data access to the edge servers for processing, which realizes the refinement of data access and reduces the computation burden on the user side. Given that all information exchanges between data requesters and data owners are conducted via the blockchain, the block generation speed becomes critical to ensure the efficient operation of the scheme. To this end, we also make significant improvements to traditional consensus algorithms, aiming to comprehensively enhance the overall system efficiency. In the end, through in-depth theoretical analysis and experimental verification, the FDSS scheme demonstrates excellent performance and high feasibility, fully proving its great potential and value in the field of flight data sharing.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111275"},"PeriodicalIF":4.4,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143845203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Exploring the unseen: A transformer-based unknown traffic detection scheme with contextual feature representation 探索未知：基于变换器的未知流量检测方案与上下文特征表征

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-15 DOI: 10.1016/j.comnet.2025.111286

Yongseok Kwon , Seyoung Ahn , Minho Cho , Yushin Kim , Soohyeong Kim , Sunghyun Cho

{"title":"Exploring the unseen: A transformer-based unknown traffic detection scheme with contextual feature representation","authors":"Yongseok Kwon , Seyoung Ahn , Minho Cho , Yushin Kim , Soohyeong Kim , Sunghyun Cho","doi":"10.1016/j.comnet.2025.111286","DOIUrl":"10.1016/j.comnet.2025.111286","url":null,"abstract":"<div><div>Network traffic classification is vital for ensuring security, guaranteeing quality of service (QoS), and optimizing performance. Accurate classification of network traffic, particularly the detection of unknown traffic, becomes increasingly challenging in modern environments characterized by encrypted and dynamic traffic patterns. In this study, we propose a novel framework designed to address these challenges. The proposed method employs a bidirectional encoder representations from transformers (BERT)-based feature extraction model to capture contextual and discriminative features from packet bytes in traffic, followed by a feature verification model that computes similarity scores between packet classes to enable precise traffic classification. Even in dynamic situations where the unknown traffic ratio varies, our proposed adaptive algorithm can effectively detect unknown traffic by leveraging these similarity scores. We conduct extensive experiments on two benchmark datasets across various unknown traffic ratios and demonstrate that the proposed method outperforms state-of-the-art methods by a minimum of 4.55%p and a maximum of 32.04%p improvement in overall accuracy.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111286"},"PeriodicalIF":4.4,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143845205","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Snowflakes: Efficient schemes for source location privacy in Wireless Sensor Networks 雪花：无线传感器网络中有效的源位置隐私方案

IF 4.4 2区计算机科学

Computer Networks Pub Date : 2025-04-15 DOI: 10.1016/j.comnet.2025.111277

Sain Saginbekov , Dossay Oryspayev

引用次数: 0