Computer Networks最新文献

{"title":"vClos: Network contention aware scheduling for distributed machine learning tasks in multi-tenant GPU clusters","authors":"Xinchi Han ,&nbsp;Shizhen Zhao ,&nbsp;Yongxi Lv ,&nbsp;Peirui Cao ,&nbsp;Weihao Jiang ,&nbsp;Qinwei Yang ,&nbsp;Yunzhuo Liu ,&nbsp;Shengkai Lin ,&nbsp;Bo Jiang ,&nbsp;Ximeng Liu ,&nbsp;Yong Cui ,&nbsp;Chenghu Zhou ,&nbsp;Xinbing Wang","doi":"10.1016/j.comnet.2025.111285","DOIUrl":"10.1016/j.comnet.2025.111285","url":null,"abstract":"<div><div>Distributed machine learning (DML) technology enables training large neural networks in reasonable time. However, with computing power growing faster than network capacity, network communication becomes the DML training bottleneck. Current multi-tenant GPU clusters suffer network contention due to hash-collision, which not only increases the overhead of communication but also will increase the waiting time of users. This paper analyzes how network contention slows training throughput and summarizes training traffic patterns as a <span><math><mi>P</mi></math></span>-incast-free Pattern. We propose a <em>Balanced Routing</em> which leverages training traffic patterns to reduce contention. Furthermore, we introduce <em>vClos</em> to handle contention through jointly considering topology, routing, communication pattern, and GPU assignment. Evaluations via testbed experiments and real-trace-based simulations show <em>vClos</em> reduces average job completion time up to 67.6% compared to ECMP in heavy workloads.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"268 ","pages":"Article 111285"},"PeriodicalIF":4.4,"publicationDate":"2025-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144195841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RLFE-IDS: A framework of Intrusion Detection System based on Retrieval Augmented Generation and Large Language Model","authors":"Xuewei Li ,&nbsp;Zengyang Zheng ,&nbsp;Mankun Zhao ,&nbsp;Yue Zhao ,&nbsp;Lifeng Shi ,&nbsp;Baoliang Wang","doi":"10.1016/j.comnet.2025.111341","DOIUrl":"10.1016/j.comnet.2025.111341","url":null,"abstract":"<div><div>Intrusion Detection Systems (IDS) play a critical role in network security as a key defense measure, often struggle to effectively handle unknown attacks or variations of known attacks. This challenge is exacerbated by the poor generalization of deep learning models. To enhance the adaptability of IDS, this article introduces an innovative framework called LLM-IDS, which explores the feasibility of leveraging Large Language Model (LLMs) for intrusion detection, due to its strong generalization capabilities. However, there is a significant difficulty in deploying LLMs. Moreover, since most LLMs are primarily designed for Natural Language Processing (NLP) tasks, significant differences arise when naively adapting them to intrusion detection tasks. To address them, this article introduces a novel framework called RLFE-IDS, comprising two key modules: Retrieval-Augmented Generation (RAG) and an embedding model called FE-Net. RAG employs a vector database to store network data alongside their corresponding vector representations. Based on the RAG framework, LLMs can be directly called through an Application Programming Interface (API), alleviating the difficulties in its deployment. The embedding model FE-Net, bridges the semantic gap between text data and network data. Upon receiving new network data, RLFE-IDS employs RAG to query the database for the most relevant network data, which is then fed into the LLM to classify. This article validates approach through experiments on four datasets, and deploys RLFE-IDS into the real network environment. Experiments show that the optimal accuracy of LLM-IDS is 99.36%, and that of RLFE-Net is 98.56%. The results demonstrate not only the feasibility of applying LLMs to intrusion detection, but also the robustness and superior performance of RLFE-IDS.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"268 ","pages":"Article 111341"},"PeriodicalIF":4.4,"publicationDate":"2025-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144139222","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Vehicular Cloud Computing: A cost-effective alternative to Edge Computing in 5G networks","authors":"Rosario Patanè ,&nbsp;Nadjib Achir ,&nbsp;Andrea Araldo ,&nbsp;Lila Boukhatem","doi":"10.1016/j.comnet.2025.111365","DOIUrl":"10.1016/j.comnet.2025.111365","url":null,"abstract":"<div><div>Edge Computing (EC) is a computational paradigm that involves deploying resources such as CPUs and GPUs near end-users, enabling low-latency applications like augmented reality and real-time gaming. However, deploying and maintaining a vast network of EC nodes is costly, which can explain its limited deployment today. A new paradigm called Vehicular Cloud Computing (VCC) has emerged and inspired interest among researchers and industry. VCC opportunistically utilizes existing and idle vehicular computational resources for external task offloading.</div><div>This work is the first to systematically address the following question: <em>Can VCC replace EC for low-latency applications?</em> Answering this question is highly relevant for Network Operators (NOs), as VCC could eliminate costs associated with EC given that it requires no infrastructural investment. Despite its potential, no systematic study has yet explored the conditions under which VCC can effectively support low-latency applications without relying on EC. This work aims to fill that gap.</div><div>Extensive simulations allow for assessing the crucial scenario factors that determine when this EC-to-VCC substitution is feasible. Considered factors are load, vehicles mobility and density, and availability. Potential for substitution is assessed based on multiple criteria, such as latency, task completion success, and cost. Vehicle mobility is simulated in SUMO, and communication in NS3 5G-LENA. The findings show that VCC can effectively replace EC for low-latency applications, except in extreme cases when the EC is still required (latency <span><math><mrow><mo>&lt;</mo><mn>16</mn><mspace></mspace><mi>ms</mi></mrow></math></span>).</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"268 ","pages":"Article 111365"},"PeriodicalIF":4.4,"publicationDate":"2025-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144168728","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adaptive traffic engineering with segment routing through deep reinforcement learning","authors":"Ying Tian ,&nbsp;Zhiliang Wang ,&nbsp;Xia Yin ,&nbsp;Xingang Shi ,&nbsp;Jiahai Yang ,&nbsp;Han Zhang","doi":"10.1016/j.comnet.2025.111356","DOIUrl":"10.1016/j.comnet.2025.111356","url":null,"abstract":"<div><div>Segment Routing (SR) is a source routing technique that has been widely used in Traffic Engineering (TE) because of its scalability and flexibility. Despite extensive research on Traffic Engineering with Segment Routing (SR-TE) in recent years, online SR-TE still encounters challenges such as the absence of real-time traffic matrices (TMs), slow online decision speed, and unsatisfactory TE performance. Although TE with Reinforcement Learning (RL) may obviate the need for real-time TMs in online TE, existing studies struggle to handle the vast number of candidate routing plans introduced by SR-TE, as well as have significant training overhead. In this paper, we propose an online adaptive SR-TE algorithm named Adpt-SRTE. With the help of deep reinforcement learning (DRL), Adpt-SRTE is first trained with pre-collected historical TMs, and then provides SR routing configuration for new TMs online when only real-time link utilization is known. To deal with the massive number of candidate routing plans, Adpt-SRTE strategically combines the Proximal Policy Optimization (PPO) algorithm with action branching architecture. Besides, appropriate training methods are used to improve TE performance and reduce training overhead. Experimental results demonstrate that Adpt-SRTE can achieve good TE performance for both short and long time scale up to weeks, reducing the maximum link utilization by up to 33%. Besides, it has low offline training overhead, short online decision time and low path configuration overhead.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111356"},"PeriodicalIF":4.4,"publicationDate":"2025-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144116749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Joint routing, band, and spectrum assignment in C+L band elastic optical networks towards ultra-broadband era","authors":"Weichang Zheng ,&nbsp;Mingcong Yang ,&nbsp;Yu Zheng ,&nbsp;Yongbing Zhang ,&nbsp;Kun Yang","doi":"10.1016/j.comnet.2025.111373","DOIUrl":"10.1016/j.comnet.2025.111373","url":null,"abstract":"<div><div>The rapid growth in Internet traffic is pushing single-fiber capacity closer to its Shannon limit, highlighting the need for advancements in optical communication technologies. Elastic Optical Networks (EONs) have emerged as a promising solution to improve spectral efficiency. Another method to expand capacity is by using both C and L bands, instead of relying solely on the C band, thereby expanding the available spectrum. However, the introduction of new transmission technologies and the expansion of spectrum resources necessitate operators to re-plan networks in a cost-effective manner. In this paper, we propose a two-layer network architecture that separates the C-band and L-band. Given that the optical parameters of these bands differ, it becomes essential to allocate routing and resources dynamically based on varying traffic demands. We define this problem as the Routing, Band, and Spectrum Assignment (RBSA) problem and prove its NP-hardness. To address it, we introduce an Integer Linear Programming (ILP) model aimed at minimizing capital expenditure (CAPEX), along with a heuristic algorithm for large-scale instances. Simulation experiments using different sizes of service request matrices on two network topologies demonstrate the effectiveness of both the ILP model and the heuristic algorithm. To the best of our knowledge, this is the first work that addresses the RBSA problem in C+L band EONs.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111373"},"PeriodicalIF":4.4,"publicationDate":"2025-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144107451","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Improving the performance of Dragonfly networks through restrictive Proxy routing strategies","authors":"Javier Navaridas,&nbsp;Jose A. Pascual","doi":"10.1016/j.comnet.2025.111334","DOIUrl":"10.1016/j.comnet.2025.111334","url":null,"abstract":"<div><div>Dragonfly has become the network of choice for large-scale high-performance computing systems and, indeed, it dominates the top positions of supercomputer rankings. The reason for this is that it offers a sweet spot in terms of cost, simplicity, performance, fault-tolerance and power consumption. In this work, we propose a collection of routing strategies which restrict proxies to be adjacent to either the local or the remote router. This way, it features shorter paths than the standard Valiant routing. We carry out an extensive simulation-based evaluation to assess their performance. Our experiments found latency reductions of up to 76% and throughput improvements of up to 26% when compared with standard Valiant routing when using synthetic traffic from independent sources at different scales. Furthermore, when using realistic application-inspired workloads, we found the strategies required between 5% and 20% less time to perform communications. In general, we observe that selecting proxies that are adjacent to the sender is more beneficial than those adjacent to the destination because the latter tends to generate backpressure in the last level of the interconnect. Interestingly, we found that the most restrictive proxy routing strategies obtain the best results in all scenarios and show that counterintuitively, the lower the path diversity, the more balanced the use of network resources. Our study includes investigating the interplay between routing and Dragonfly parameters and provide optimal parameters for proxy-based routing algorithms. Finally, we discuss some practical considerations related to the deployment of our strategies.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111334"},"PeriodicalIF":4.4,"publicationDate":"2025-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144116177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Hybrid Quantum-Safe integration of TLS in SDN networks","authors":"Jaime S. Buruaga ,&nbsp;Ruben B. Méndez ,&nbsp;Juan P. Brito ,&nbsp;Vicente Martin","doi":"10.1016/j.comnet.2025.111355","DOIUrl":"10.1016/j.comnet.2025.111355","url":null,"abstract":"<div><div>Shor’s algorithm efficiently solves factoring and discrete logarithm problems using quantum computers, compromising all public key schemes used today. Algorithms such as RSA, DHKE, and ECC will not work in a world with quantum computers, since they can easily invert the functions that provide their computational strength in the classical world. These schemes rely on assumptions on their computational complexity, which quantum computers can easily bypass. The solutions have to come from new algorithms – called Post-Quantum Cryptography (PQC) – or from new methods, such as Quantum Key Distribution (QKD). The former replicate the computational security ideas of classical public key algorithms, while the latter recurs to use the quantum properties of nature, which also brings a mathematical security proof, potentially offering Information-Theoretic Security. To secure data in the future, we must adopt these paradigms. With the speed of quantum computing advancements, the transition to quantum-safe cryptography within the next decade is critical. Delays could expose long-lived confidential data, as current encryption may be broken before its value expires. However, the shift must balance the adoption of new technologies with maintaining proven systems to protect against present and future threats. In this work, we have selected Transport Layer Security (TLS), one of the most widely used protocols, as the foundation to hybridize classical, quantum, and post-quantum cryptography in a way suitable for broad adoption in Software-Defined Networking (SDN), the most flexible networking paradigm that has been used to deploy integrated quantum–classical networks. To this end, we use standards for QKD key extraction and SDN integration. The purposed implementation is based on the latest version of TLS (1.3) and demonstrates advanced capabilities such as rekeying and key transport across a large QKD network, while supporting crypto-agility and maintaining backward compatibility through the use of ciphersuites. The performance of this approach has been demonstrated using a deployed production infrastructure.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111355"},"PeriodicalIF":4.4,"publicationDate":"2025-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144107452","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"O-JRC: An open source software platform for mmWave Joint Radar-Communication development and experimentation","authors":"Xin Liu ,&nbsp;Haocheng Zhu ,&nbsp;Eylem Ekici","doi":"10.1016/j.comnet.2025.111337","DOIUrl":"10.1016/j.comnet.2025.111337","url":null,"abstract":"<div><div>Integrated Sensing and Communication (ISAC) systems unify sensing and communication functionalities on a single platform, opening avenues for innovative solutions in the mmWave spectrum. Joint Radar-Communication (JRC) represents one promising approach to realizing ISAC by integrating radar and communication functionalities on a single platform. The development of ISAC systems demands flexibility in both hardware and software to accommodate diverse experimental needs. However, existing Software-Defined Radio (SDR)-based platforms for ISAC often face limitations stemming from rigid hardware configurations and algorithmic constraints tied to SDR architectures. In this work, we present an open-source ISAC software platform, O-JRC, specifically designed to enable efficient development of experimental ISAC systems and validation of advanced algorithms under complex scenarios. A core feature of O-JRC is its layered and modular architecture, which disaggregates control logic from signal processing, facilitating seamless integration of advanced control algorithms developed in efficient programming languages. This modularity enhances development flexibility, enabling independent testing of various configurations without requiring code modifications, while also simplifying the evaluation of diverse algorithms. To demonstrate O-JRC’s versatility, we implemented and tested two fundamentally different machine learning algorithms on a fully-digital 4x2 MIMO ISAC experimental platform operating at 24 GHz with a 200 MHz bandwidth: a Convolutional Neural Network (CNN)-based control algorithm and a Multi-Armed Bandit (MAB)-based reinforcement learning algorithm. These implementations highlight O-JRC’s capability to support the development and experimentation of a wide range of control strategies. Comprehensive testing validated O-JRC’s performance, underscoring its potential to drive innovation in the ISAC field <span><span>¹</span></span>.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"268 ","pages":"Article 111337"},"PeriodicalIF":4.4,"publicationDate":"2025-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144190054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Improving communication performance of Federated Learning: A networking perspective","authors":"Marica Amadeo ,&nbsp;Claudia Campolo ,&nbsp;Giuseppe Ruggeri ,&nbsp;Antonella Molinaro","doi":"10.1016/j.comnet.2025.111353","DOIUrl":"10.1016/j.comnet.2025.111353","url":null,"abstract":"<div><div>Federated Learning (FL) is gaining momentum as a promising solution to enable the efficient and privacy-preserving distributed training of Machine Learning (ML) models. Unlike centralized ML solutions, only the ML model and its updates are transferred between the clients and the aggregator server, eliminating the need to share large datasets. Notwithstanding, poor connectivity conditions experienced over the path that interconnects the FL clients and the aggregator server, either due to (wireless) channel losses or congestion, may deteriorate the training convergence. Several methods have been devised to reduce the training duration, primarily by minimizing data transfer through the design of ML algorithms at the application level. However, these solutions still exhibit unsettled issues, as they may only reduce the communication footprint but do not improve the communication process as a whole. Differently, in this work, our aim is to improve FL data exchange from a networking perspective by promoting Information Centric Networking (ICN) approaches rather than host-centric TCP/IP-based solutions. To this aim, we analyze the impact that host-centric transport protocols as well as ICN approaches have on the FL performance, in terms of duration of the model training and exchanged data (model and updates) load, under different channel loss settings. We show that ICN-based FL solutions significantly reduce the network data load and decrease the duration of the training round by up to an order of magnitude for high channel loss rates.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111353"},"PeriodicalIF":4.4,"publicationDate":"2025-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144107450","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"P4-Assisted Slowloris DDoS attack detection in IoT environments by using ML and DL","authors":"Erick D. Ramirez-Martinez ,&nbsp;Jesús A. Pérez-Díaz ,&nbsp;Noe M. Yungaicela-Naula","doi":"10.1016/j.comnet.2025.111364","DOIUrl":"10.1016/j.comnet.2025.111364","url":null,"abstract":"<div><div>Distributed denial of service (DDoS) attacks and their more sophisticated slow-rate variants continue to pose a major threat to next-generation networks, such as internet of things (IoT). Due to their limited computational and storage capacities, IoT devices often lack adequate security protections, leaving them vulnerable. Cybercriminals have exploited this problem to create botnets, which are then used to target vital infrastructures. Recent studies have employed Software-Defined Networking (SDN) and machine learning (ML) to autonomously identify slow-rate DDoS attacks. However, because recent works employ a centralized SDN controller, this strategy causes overload as the network size increases. To reduce the workload on the SDN controller, we propose a Programming Protocol-Independent Packet Processors (P4)-based framework that uses ML or deep learning (DL) to detect and mitigate Slowloris DDoS attacks in IoT networks. Our framework employs P4 programmable switches to collect network traffic characteristics and forward them to an intrusion detection system (IDS) for attack detection. We evaluated the framework using Mininet and BMv2 switches, demonstrating that it can detect Slowloris DDoS attacks with up to 98% accuracy using either of the following models: random forest (RF), k-nearest neighbor (KNN), decision tree (DT), long-short-term memory (LSTM) neural network, convolutional neural network (CNN), gated recurrent (GRU) neural network, and multi-layer perceptron (MLP) models. Mitigation is achieved by modifying the match action tables of the switches to block attacker IPs based on IDS results.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"267 ","pages":"Article 111364"},"PeriodicalIF":4.4,"publicationDate":"2025-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144116750","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}