Computer NetworksPub Date : 2025-04-24DOI: 10.1016/j.comnet.2025.111306
Haiyang Ren , Shiyou Qian , Zhonglong Zheng , Jiange Zhang , Zhengyu Liao , Hanwen Hu , Jian Cao , Guangtao Xue , Minglu Li
{"title":"EPC: An ensemble packet classification framework for efficient and stable performance","authors":"Haiyang Ren , Shiyou Qian , Zhonglong Zheng , Jiange Zhang , Zhengyu Liao , Hanwen Hu , Jian Cao , Guangtao Xue , Minglu Li","doi":"10.1016/j.comnet.2025.111306","DOIUrl":"10.1016/j.comnet.2025.111306","url":null,"abstract":"<div><div>The increasing demands of emerging network applications have compelled routers to offer enhanced functions, such as traffic accounting and quality of service (QoS). These functions rely heavily on packet classification. With network transmission speeds reaching unprecedented levels, the optimization of throughput has become a common practice. One such method is the deployment of multiple algorithm replicas with the best parameter configuration for parallel packet classification. However, this solution fails to address the issue of performance fluctuations in individual specific instance of algorithm (SIA). This is because most algorithms prioritize the optimization of average lookup speed, often neglecting overall performance stability. Our evaluation of five state-of-the-art algorithms has revealed that these algorithms commonly suffer from performance fluctuations due to data skewness. To address this issue, this work proposes a novel solution called Ensemble Packet Classification (EPC) that aims to achieve efficient and stable performance. EPC leverages the principles of ensemble learning to generate an optimal combination scheme of diverse SIAs that exhibit similar performance but possess complementary characteristics. To evaluate the effectiveness of EPC, we select five state-of-the-art algorithms as baselines. The experiment results show that when augmented with EPC, the throughput of parallel solutions based on these algorithms increases by 12.07%–19.26%. Additionally, the 95th percentile of lookup time is reduced by 14.78%–26.77%. By fully harnessing the complementarity of SIAs, EPC effectively addresses the issue of long-tail while increasing throughput.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111306"},"PeriodicalIF":4.4,"publicationDate":"2025-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143870834","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-21DOI: 10.1016/j.comnet.2025.111259
Jiangyuan Yao , Weiyang Xin , Xia Yin , Xingang Shi , Zhiliang Wang , Li Zhou , Ting Jin
{"title":"A model checking-based framework for testing security properties of protocols under development","authors":"Jiangyuan Yao , Weiyang Xin , Xia Yin , Xingang Shi , Zhiliang Wang , Li Zhou , Ting Jin","doi":"10.1016/j.comnet.2025.111259","DOIUrl":"10.1016/j.comnet.2025.111259","url":null,"abstract":"<div><div>It is important to validate the security properties of network protocols. Most validation methods either verify design models or test implementations. These two techniques are usually applied separately. For protocols under development (PUDs), which are under development and have yet to be issued as a final release, the specifications, implementations and even security properties may change. The use of verification or testing alone may not achieve satisfactory results. In this paper, we propose a security property testing framework for PUDs. Following this framework, we use several rounds of iterative validation to address changeful specifications, implementations and security properties. In each round, we combine verification and testing. We employ a model checker to facilitate verification of the design models. Then, we convert the verification results into executable test cases and test the prototype implementations. Developers can modify the specifications, implementations and security properties and subsequently perform another round of validation. Finally, they can obtain a version of the protocol that passes both verification and testing. We apply our method to two PUDs as case studies: the source address validation improvements (SAVI) and the stateful firewall application of software-defined networking (SDN). Our approach can expose vulnerabilities in different development versions. After several rounds of verification, testing and improvement, developers can release high-quality protocols.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111259"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143874516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-21DOI: 10.1016/j.comnet.2025.111264
Jesús F. Cevallos M., Alessandra Rizzardi , Sabrina Sicari , Alberto Coen-Porisini
{"title":"HERO: From High-dimensional network traffic to zERO-Day attack detection","authors":"Jesús F. Cevallos M., Alessandra Rizzardi , Sabrina Sicari , Alberto Coen-Porisini","doi":"10.1016/j.comnet.2025.111264","DOIUrl":"10.1016/j.comnet.2025.111264","url":null,"abstract":"<div><div>Recent trends in zero-day attack (ZdA) detection use <em>collective</em> anomaly detection to give insights on out-of-distribution anomalies in a <em>zero-shot</em> fashion. Among these, existing frameworks propose the use of specialised labelling strategies to mimic a step-wise abstract anomaly detection algorithm that generalise ZdA-detection over low-dimensional traffic-flow statistics. To enlarge such applicative scenarios, this paper proposes <span>hero</span>, which is compatible with <strong>H</strong>igh-dimensional raw-network traffic captures when performing z<strong>ERO</strong>-day attack detection. To reach convergence over such a high-dimensional and noisy input space, <span>hero</span> decouples the <em>representation</em> task and the correspondent gradient updates from the <em>discriminative</em> task, following the <em>neural algorithmic reasoning</em> blueprint. Specifically, a neural processor is first trained on the discriminative task using synthetic data, and the weights are then frozen. A second training phase successfully optimises the encoding and decoding networks using raw-traffic captures and the algorithmically-aligned processor. Experiments with well-known intrusion detection datasets demonstrate the crucial advantage of using a two-stage training framework to achieve convergence. To the best of the authors’ knowledge, <span>hero</span> is the first deep learning-based instrument that performs collective anomaly detection and categorisation over raw network traffic on a zero-shot basis, i.e., without using labels.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111264"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143864743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-21DOI: 10.1016/j.comnet.2025.111301
Fayshal Ahmed , The-Vinh Nguyen , Nam-Phuong Tran , Nhu-Ngoc Dao , Sungrae Cho
{"title":"Joint content popularity and audience retention-aware live streaming over RSMA edge networks","authors":"Fayshal Ahmed , The-Vinh Nguyen , Nam-Phuong Tran , Nhu-Ngoc Dao , Sungrae Cho","doi":"10.1016/j.comnet.2025.111301","DOIUrl":"10.1016/j.comnet.2025.111301","url":null,"abstract":"<div><div>The exponential growth of high-quality live streaming services over cellular networks, particularly in heterogeneous environments facilitated by 6G, has underscored the need for novel wireless communication. To address this challenge, Rate Splitting Multiple Access (RSMA) has emerged as a promising interference management scheme in advanced cellular networks. This paper considers such a potential environment where the impacts of content popularity and audience retention are jointly investigated to maximize the average video resolution of live streaming services over RSMA edge networks. The complex problem is modeled as a Markov Decision Process and subsequently addressed using an appropriate reinforcement learning framework leveraging the Deep Deterministic Policy Gradient (DDPG) technique, named DDPG-BARMAS. Simulation results demonstrate that the proposed DDPG-BARMAS method significantly outperforms existing algorithms in terms of video resolution improvement, highlighting its potential as a robust solution for future wireless live-streaming services.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111301"},"PeriodicalIF":4.4,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-18DOI: 10.1016/j.comnet.2025.111287
Zhichao Hu , Dewen Kong , Junzhong Miao , Qing Guo , Gang Du , Likun Liu , Lina Ma , Xiangzhan Yu
{"title":"TND: Two-stage non-invasive defense of intrusion detection system from adversarial attack","authors":"Zhichao Hu , Dewen Kong , Junzhong Miao , Qing Guo , Gang Du , Likun Liu , Lina Ma , Xiangzhan Yu","doi":"10.1016/j.comnet.2025.111287","DOIUrl":"10.1016/j.comnet.2025.111287","url":null,"abstract":"<div><div>Deep learning methods have demonstrated notable success in intrusion detection systems (IDS). However, these models exhibit inherent vulnerabilities to adversarial attacks, where minimal perturbations can cause misclassification. Current IDS implementations often lack built-in protections against such threats, creating exploitable security gaps. While existing defense approaches typically employ adversarial training or data purification to enhance robustness, they face critical limitations in online IDS scenarios: adversarial training requires computationally expensive model retraining that may degrade performance, while comprehensive data purification imposes significant resource overhead and risks misclassifying legitimate samples. To address these challenges, we propose <em>TND</em>—a novel two-stage non-invasive defense framework. <em>TND</em> first efficiently filters adversarial examples using Locality-Sensitive Hashing (LSH), then applies a contrastive learning-optimized denoising autoencoder for precise data purification. Experimental results show <em>TND</em> achieves 0.873 adversarial detection accuracy (comparable to MANDA’s 0.875) while reducing training time to just 3% of MANDA’s requirements. This yields superior operational efficiency, enabling 7% and 5% improvements in IDS classification rates on CICIDS2017 and NSL-KDD datasets respectively—without modifying the underlying IDS model. By combining low computational overhead with non-intrusive deployment, <em>TND</em> establishes a practical, scalable solution for real-world adversarial defense in IDS environments.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111287"},"PeriodicalIF":4.4,"publicationDate":"2025-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143852186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-17DOI: 10.1016/j.comnet.2025.111297
Fang Ye , Zitao Zhou , Yifan Wang , Yibing Li , Xiaoyu Geng
{"title":"Cross-domain trust aggregation in blockchain-based Internet of Things with dual-layer incentive mechanism","authors":"Fang Ye , Zitao Zhou , Yifan Wang , Yibing Li , Xiaoyu Geng","doi":"10.1016/j.comnet.2025.111297","DOIUrl":"10.1016/j.comnet.2025.111297","url":null,"abstract":"<div><div>Blockchain-based IoT (BIoT) has the potential to establish trust networks across different service domains, enabling reliable cross-domain collaboration for IoT resource exchange and driving related industries toward higher-end development. To address the scalability and cryptoeconomic security challenges of using blockchain to construct large-scale trust networks in IoT, this paper proposes a trust aggregation framework based on PoS restaking protocols, which allows sidechains to inherit and share part of the trust of the mainchain. To achieve efficient resource allocation and ensure incentive compatibility among participants in heterogeneous BIoT systems, this paper proposes a dual-layer incentive mechanism based on combinatorial contracts and multilateral auctions. Firstly, we design an independent contract-based incentive mechanism that reveals validators’ true risk preferences under asymmetric information and explores optimal reward and punishment design in the mainchain. Then, on this basis, we establish a corresponding combinatorial contract mechanism to provide optimal restaking incentives in sidechains. Secondly, we develop an auction-based incentive mechanism between the mainchain and sidechains, studying optimal strategies for allocation and payments under limited resources and uncertain sidechain demand. Additionally, to address potential collusion and cascade risks arising from increased corruption profits due to trust aggregation, we propose a reputation-based exemption mechanism to balance the benefits and risks of trust aggregation. Finally, we conduct detailed simulations to verify the feasibility and effectiveness of the proposed methods. Theoretical derivations and simulation results demonstrate that our approach can achieve mutual benefits for all parties, enhance the scalability and cryptoeconomic security of BIoT systems, promote efficient and reliable cross-domain IoT collaboration.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111297"},"PeriodicalIF":4.4,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143864742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-17DOI: 10.1016/j.comnet.2025.111284
Zhijun Wu, Hanwen Xu, Meng Yue, Yanrong Lu
{"title":"Blockchain security threats: A comprehensive classification and impact assessment","authors":"Zhijun Wu, Hanwen Xu, Meng Yue, Yanrong Lu","doi":"10.1016/j.comnet.2025.111284","DOIUrl":"10.1016/j.comnet.2025.111284","url":null,"abstract":"<div><div>Blockchain technology has become a key force driving social, economic, and technological progress. Its features, such as decentralization, transparency, and immutability, have demonstrated enormous application potential across various fields, including finance, healthcare, government, and the Internet of Things. However, as the application of blockchain continues to expand, associated security issues have become increasingly prominent. The unique characteristics of blockchain systems present a series of complex challenges in terms of security. To clarify the security challenges and risks of blockchain technology, this paper provides a detailed and comprehensive literature review. This paper classifies the main security threats faced by blockchain technology systematically, according to its different layers. Based on this classification, we further refine the types of attacks and summarize them. In addition, we compile and organize the impact of each attack on blockchain systems and participants, making it easier to understand the damages caused by different attacks in a more intuitive and effective way. Finally, the paper identifies future research directions in blockchain security, offering guidance for researchers interested in further exploring this field.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111284"},"PeriodicalIF":4.4,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143852301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-16DOI: 10.1016/j.comnet.2025.111275
Feiyi Xu , Shihao Hu , Ying Sun , Xiaoxuan Hu , Jin Qi , Yanfei Sun , Zhenjiang Dong
{"title":"FDSS: Flight data sharing scheme based on blockchain with dynamic, secure and efficient consensus algorithm","authors":"Feiyi Xu , Shihao Hu , Ying Sun , Xiaoxuan Hu , Jin Qi , Yanfei Sun , Zhenjiang Dong","doi":"10.1016/j.comnet.2025.111275","DOIUrl":"10.1016/j.comnet.2025.111275","url":null,"abstract":"<div><div>As the number of data providers and the volume of data in flight data sharing networks continue to grow, achieving secure and efficient sharing of flight data across multiple institutions faces significant challenges. The phenomenon of data silos is prevalent, severely hindering the flow and utilization of information. To address these issues, this paper proposes a flight data sharing scheme (FDSS) that integrates cloud computing and blockchain. In this scheme, we propose a separation mechanism of metadata on-chain storage and entity data off-chain storage, which effectively improves the data storage efficiency. At the same time, we also offload the complex computation tasks during data access to the edge servers for processing, which realizes the refinement of data access and reduces the computation burden on the user side. Given that all information exchanges between data requesters and data owners are conducted via the blockchain, the block generation speed becomes critical to ensure the efficient operation of the scheme. To this end, we also make significant improvements to traditional consensus algorithms, aiming to comprehensively enhance the overall system efficiency. In the end, through in-depth theoretical analysis and experimental verification, the FDSS scheme demonstrates excellent performance and high feasibility, fully proving its great potential and value in the field of flight data sharing.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111275"},"PeriodicalIF":4.4,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143845203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-15DOI: 10.1016/j.comnet.2025.111286
Yongseok Kwon , Seyoung Ahn , Minho Cho , Yushin Kim , Soohyeong Kim , Sunghyun Cho
{"title":"Exploring the unseen: A transformer-based unknown traffic detection scheme with contextual feature representation","authors":"Yongseok Kwon , Seyoung Ahn , Minho Cho , Yushin Kim , Soohyeong Kim , Sunghyun Cho","doi":"10.1016/j.comnet.2025.111286","DOIUrl":"10.1016/j.comnet.2025.111286","url":null,"abstract":"<div><div>Network traffic classification is vital for ensuring security, guaranteeing quality of service (QoS), and optimizing performance. Accurate classification of network traffic, particularly the detection of unknown traffic, becomes increasingly challenging in modern environments characterized by encrypted and dynamic traffic patterns. In this study, we propose a novel framework designed to address these challenges. The proposed method employs a bidirectional encoder representations from transformers (BERT)-based feature extraction model to capture contextual and discriminative features from packet bytes in traffic, followed by a feature verification model that computes similarity scores between packet classes to enable precise traffic classification. Even in dynamic situations where the unknown traffic ratio varies, our proposed adaptive algorithm can effectively detect unknown traffic by leveraging these similarity scores. We conduct extensive experiments on two benchmark datasets across various unknown traffic ratios and demonstrate that the proposed method outperforms state-of-the-art methods by a minimum of 4.55%p and a maximum of 32.04%p improvement in overall accuracy.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111286"},"PeriodicalIF":4.4,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143845205","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-04-15DOI: 10.1016/j.comnet.2025.111277
Sain Saginbekov , Dossay Oryspayev
{"title":"Snowflakes: Efficient schemes for source location privacy in Wireless Sensor Networks","authors":"Sain Saginbekov , Dossay Oryspayev","doi":"10.1016/j.comnet.2025.111277","DOIUrl":"10.1016/j.comnet.2025.111277","url":null,"abstract":"<div><div>A Wireless Sensor Network (WSN) can be used in various applications such as asset monitoring, where the location privacy of the asset is of paramount importance. If such applications do not use a scheme that protects the nodes’ location privacy, an adversary may easily locate the monitored asset. In this paper, we propose two schemes that protect the location privacy of assets from a global adversary. Both schemes are adaptive, energy-efficient, and delay-efficient. The first scheme, called Snowflake, divides the nodes into two types. The first type of nodes transmit packets frequently while the second type of nodes transmit packets less frequently. This approach allows us to improve the performance of the scheme. The second scheme, called Snowflake-S, divides the network area into sectors to reduce the packet overhead further. The simulation results show that our schemes outperform an existing algorithm.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111277"},"PeriodicalIF":4.4,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143855803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}