Computer Networks最新文献_第3页

Sparsity-resilient QoS prediction via ε-DP enhanced subgraph-inductive GNNs in internet of services 基于ε-DP增强子图感应gnn的服务网络稀疏弹性QoS预测

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-04-01 Epub Date: 2026-02-03 DOI: 10.1016/j.comnet.2026.112085

Jianlong Xu, Rongtao Zhang, Dianming Lin, Mengqing Jin, Yuelong Liu

{"title":"Sparsity-resilient QoS prediction via ε-DP enhanced subgraph-inductive GNNs in internet of services","authors":"Jianlong Xu, Rongtao Zhang, Dianming Lin, Mengqing Jin, Yuelong Liu","doi":"10.1016/j.comnet.2026.112085","DOIUrl":"10.1016/j.comnet.2026.112085","url":null,"abstract":"<div><div>The rapid evolution of the Internet of Services (IoS) in the Web 3.0 era empowers users with access to an abundance of functionally similar services. This makes reliable Quality of Service (QoS) prediction essential for selecting optimal services. However, real-world QoS data often suffer from high sparsity, and privacy concerns frequently prevent users from sharing their raw QoS records. This creates a dual challenge: achieving high prediction accuracy while preserving data privacy in sparse environments. To address these challenges, we propose DPIS-GNN, a novel framework that integrates ε-Differential Privacy (ε-DP) with subgraph-inductive Graph Neural Networks (GNNs). Our approach first applies ε-DP mechanisms to obfuscate local datasets, protecting sensitive user information. These perturbed datasets are then aggregated into a unified interaction graph, from which relevant patterns are inferred. Next, we introduce a subgraph-based GNN that inductively learns from the noisy and sparse data to produce accurate QoS predictions. Extensive experiments on real-world datasets demonstrate the effectiveness of our approach. DPIS-GNN achieves up to a 17.55% reduction in Mean Absolute Error (MAE) and a 9.77% decrease in Root Mean Square Error (RMSE), outperforming state-of-the-art baselines. Our model exhibits superior robustness in sparse and cold-start scenarios, offering both strong privacy protection and high predictive performance.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"278 ","pages":"Article 112085"},"PeriodicalIF":4.6,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An improved dynamic anonymous authentication and key agreement scheme for resource constrained IoT devices 一种改进的资源受限物联网设备动态匿名认证和密钥协议方案

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-04-01 Epub Date: 2026-02-09 DOI: 10.1016/j.comnet.2026.112093

Junfeng Tian , Rongyi Fei

{"title":"An improved dynamic anonymous authentication and key agreement scheme for resource constrained IoT devices","authors":"Junfeng Tian , Rongyi Fei","doi":"10.1016/j.comnet.2026.112093","DOIUrl":"10.1016/j.comnet.2026.112093","url":null,"abstract":"<div><div>Physical Unclonable Functions (PUFs) are widely employed in IoT authentication and key agreement (AKA) to address the challenges of secure key storage. However, PUF-based AKA schemes remain vulnerable to strong physical adversaries. In addition, although existing schemes attempt to reuse challenge–response pairs (CRPs) through various hiding or encryption techniques to mitigate the limitations of weak PUFs, they generally fail to consider the extreme scenario in which a weak PUF supports only a single CRP, and they also cannot guarantee the complete anonymity of IoT devices. To address these limitations, we propose an improved dynamic anonymous authentication scheme tailored for resource-constrained IoT devices suitable for weak PUFs, which mainly employs cryptographic techniques such as Hash, PUF, ECC, AES and Pedersen commitment. By leveraging Pedersen commitments and a single CRP, the scheme enables zero-knowledge proof of the response, ensuring the secure reuse of response <em>R</em>, thereby overcoming the limitations of weak PUFs. Moreover, the challenge <em>C</em> is symmetrically encrypted with a key derived from elliptic curve Diffie–Hellman (ECDH), effectively defending against adversaries with full physical access. To enhance user anonymity and unlinkability, both the Pedersen commitment and the device pseudonym are dynamically updated after each authentication session. Security is formally verified using BAN logic, the Real-or-Random (ROR) model, the ProVerif tool and the Scyther tool. The comparison results demonstrate that our scheme achieves the best performance in terms of computational overhead, storage overhead, energy consumption, and latency, with acceptable communication overhead. The simulation results via OMNeT++ demonstrate the feasibility and scalability of the proposed scheme.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"278 ","pages":"Article 112093"},"PeriodicalIF":4.6,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

OnlineADS: An online active learning approach to intrusion detection for WSNs 在线主动学习：一种用于wsn入侵检测的在线主动学习方法

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-04-01 Epub Date: 2026-02-10 DOI: 10.1016/j.comnet.2026.112102

Hiba Tabbaa, Mourad Jabrane, Imad Hafidi

{"title":"OnlineADS: An online active learning approach to intrusion detection for WSNs","authors":"Hiba Tabbaa, Mourad Jabrane, Imad Hafidi","doi":"10.1016/j.comnet.2026.112102","DOIUrl":"10.1016/j.comnet.2026.112102","url":null,"abstract":"<div><div>The Internet of Things (IoT) has found applications in many areas classified as critical, including healthcare, environmental monitoring, smart cities, autonomous vehicles, and energy management, with wireless sensor networks (WSNs) widely used as the underlying infrastructure for these deployments. WSNs, however, remain highly exposed to rapid, novel cyberattacks. The dynamic, non-stationary nature of WSN data streams requires learning methods capable of real-time analysis and adaptability to new and unpredictable attack types. Although integrating Artificial Intelligence (AI) with intrusion detection holds great promise, existing solutions are challenged by the need for large volumes of labeled data, periodic offline retraining, and the necessity for real-time detection requirements. To overcome these constraints, we introduce <em>OnlineADS</em>, which, to the best of our knowledge, is the first framework for online active attack detection in WSNs. OnlineADS proposes a probability-calibrated extension of Online DeepSVDD with budgeted active learning (AL) and drift-aware adaptation. We evaluate OnlineADS in streaming settings using a prequential (test-then-train) protocol on WSN-DS, NSL-KDD, and UNSW-NB15 datasets, reporting Avg. AUC and runtime as the primary metrics. Extensive streaming experiments show that OnlineADS consistently outperforms no-AL online baselines under limited labeling budgets, reducing annotation cost while maintaining real-time detection performance suitable for gateway deployment in resource-constrained WSNs. Among the tested querying strategies, StreamProbabilisticAL achieves the highest Avg. AUC on WSN-DS, NSL-KDD, and UNSW-NB15 (87.24%, 84.04%, and 76.32%, respectively) under the evaluated budgets.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"278 ","pages":"Article 112102"},"PeriodicalIF":4.6,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dynamic reliable SFC orchestration for SDN-NFV enabled networks SDN-NFV支持网络的动态可靠SFC编排

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-04-01 Epub Date: 2026-02-09 DOI: 10.1016/j.comnet.2026.112086

Hui Su , Jie Jia , Jian Chen , Yi Xue , Xingwei Wang

{"title":"Dynamic reliable SFC orchestration for SDN-NFV enabled networks","authors":"Hui Su , Jie Jia , Jian Chen , Yi Xue , Xingwei Wang","doi":"10.1016/j.comnet.2026.112086","DOIUrl":"10.1016/j.comnet.2026.112086","url":null,"abstract":"<div><div>With the rise of Software Defined Networking (SDN) and Network Function Virtualization (NFV), network traffic can be processed sequentially by Virtual Network Functions (VNFs) that run as software on general-purpose servers, creating a Service Function Chain (SFC). However, the dynamic and software-based nature of VNFs presents challenges related to reliability and energy efficiency. In this work, we first formulate a long-term SFC orchestration problem focused on minimizing average energy consumption while satisfying reliability requirements for services. To address this problem, we propose a partial backup strategy that effectively balances reliability and energy overhead under uncertain VNF performance. Additionally, we design a Multi-Agent Reinforcement Learning approach based on Graph Convolutional Deep Q-Networks (MA-GCDQN). This method effectively captures the non-Euclidean topology of physical networks and enhances scalability. Building on the optimized orchestration strategy, we also implement a prototype SFC orchestration platform that aligns with the Management and Orchestration (MANO) architecture. The platform supports physical network virtualization, user-defined service deployment, flow-level traffic processing, and facilitates algorithm training and validation. Finally, we conduct extensive simulations with dynamic service requests across multiple time slots. The results demonstrate the effectiveness of our proposed strategy in reducing long-term energy consumption while maintaining high service reliability, thereby confirming the platform’s capability to support automated and intelligent SFC deployment.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"278 ","pages":"Article 112086"},"PeriodicalIF":4.6,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175006","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Non-functional certification of edge-computing satellite systems 边缘计算卫星系统的非功能认证

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-04-01 Epub Date: 2026-01-31 DOI: 10.1016/j.comnet.2026.112036

Filippo Berto , Marco Anisetti , Qiyang Zhang , Shangguang Wang , Claudio A. Ardagna

{"title":"Non-functional certification of edge-computing satellite systems","authors":"Filippo Berto , Marco Anisetti , Qiyang Zhang , Shangguang Wang , Claudio A. Ardagna","doi":"10.1016/j.comnet.2026.112036","DOIUrl":"10.1016/j.comnet.2026.112036","url":null,"abstract":"<div><div>Satellite telecommunication networks are playing an increasingly pivotal role in modern communication infrastructures, owing to their expansive coverage, high reliability, and growing capabilities in computing, storage, and bandwidth. In response to evolving market demands, mobile network operators are progressively integrating satellite systems with edge-cloud computing platforms to deliver advanced networking functionalities within a unified architecture. This integration places strong demands on the non-functional assessment (e.g., reliability, availability, and resource efficiency) of satellite-based edge nodes, introducing unprecedented challenges due to their unique operational constraints. In this paper, we propose a lightweight certification framework tailored for satellite computing systems, designed to assess and validate the non-functional posture of satellite edge networks. Our approach explicitly addresses the distinctive characteristics of satellite environments, including intermittent connectivity and constrained resource availability. We validate the proposed scheme through a realistic testbed implementation, modeling a 5G-enabled satellite edge node based on the Tiansuan satellite constellation, an experimental platform jointly developed by Beijing University of Posts and Telecommunications, Spacety, and Peking University.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"278 ","pages":"Article 112036"},"PeriodicalIF":4.6,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Opportunities and Challenges of Service Mesh in Multi-access Edge Computing 服务网格在多址边缘计算中的机遇与挑战

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-03-09 DOI: 10.1016/j.comnet.2026.112208

Ewelina Kamyszek-Mały , Jordi Mongay Batalla , Jan Kelner , Constandinos X. Mavromoustakis

{"title":"Opportunities and Challenges of Service Mesh in Multi-access Edge Computing","authors":"Ewelina Kamyszek-Mały , Jordi Mongay Batalla , Jan Kelner , Constandinos X. Mavromoustakis","doi":"10.1016/j.comnet.2026.112208","DOIUrl":"10.1016/j.comnet.2026.112208","url":null,"abstract":"<div><div>Multi-access Edge Computing (MEC) is an emerging technology that brings computing capabilities close to the edge of a radio access network (RAN) to enable real-time applications. However, coordinating states across a large number of geographically distributed edge nodes while maintaining low-latency access to services is a significant challenge. Service mesh may solve that problem. A service mesh is a dedicated infrastructure layer built as a series of interconnected network proxies. It moves service communication complexities out of the application code, providing a way to control and observe how different services interact in a complex distributed system. Benefits of service meshes include controlling request routing, visibility into inter-service communication, increased resiliency, and enhanced security capabilities. This article provides a technology overview of currently available service mesh models and how their integration can reduce operational complexity and improve the performance of edge environments. Finally, we outline the identified challenges of integrating service mesh solutions within MEC, focusing on areas such as the placement of service mesh control planes, traffic management, security, and coordination with 5G and future 6G core network functions.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"280 ","pages":"Article 112208"},"PeriodicalIF":4.6,"publicationDate":"2026-03-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147450974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Optimizing TTL Cache Hierarchies under Random Delays: Direct Methods and Learning on Graph Transformations 随机延迟下优化TTL缓存层次：图变换的直接方法和学习

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-03-06 DOI: 10.1016/j.comnet.2026.112180

Karim S. Elsayed , Fabien Geyer , Amr Rizk

{"title":"Optimizing TTL Cache Hierarchies under Random Delays: Direct Methods and Learning on Graph Transformations","authors":"Karim S. Elsayed , Fabien Geyer , Amr Rizk","doi":"10.1016/j.comnet.2026.112180","DOIUrl":"10.1016/j.comnet.2026.112180","url":null,"abstract":"<div><div>We optimize hierarchies of Time-to-Live (TTL) caches under network delays. A TTL cache assigns individual eviction timers to cached objects that are usually refreshed upon a hit where upon a miss the object requires a random time to be fetched from a parent cache. Due to their object decoupling property, TTL caches are of particular interest since the optimization of a per-object utility enables service differentiation. However, state-of-the-art exact TTL cache utility-based optimization does not extend beyond single TTL caches, especially under network delays.</div><div>In this paper, we leverage the object decoupling effect to formulate the nonlinear utility maximization problem for TTL cache hierarchies in terms of the exact object hit probability under random network delays. We iteratively solve the utility maximization problem to find the optimal per-object TTLs. In addition, we propose a variant TTL policy, which we denote as exTTL to counteract the effect on the optimal utility of the storage mismatch between the actual realization of a TTL cache and its ideal infinite storage assumption. Further, we show that the exact model suffers from tractability issues for large hierarchies and propose a machine learning approach to estimate the optimal TTL values for large systems. Finally, we provide numerical and data center trace-based evaluations for both methods, showing the significant offloading improvement due to TTL optimization considering the network delays.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"280 ","pages":"Article 112180"},"PeriodicalIF":4.6,"publicationDate":"2026-03-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147451060","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing network security: A novel intrusion detection system utilizing dual-optimization techniques for feature selection and classification 增强网络安全：一种利用特征选择和分类双优化技术的新型入侵检测系统

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-03-01 Epub Date: 2026-01-13 DOI: 10.1016/j.comnet.2026.112021

D. Vinod , M Prasad

{"title":"Enhancing network security: A novel intrusion detection system utilizing dual-optimization techniques for feature selection and classification","authors":"D. Vinod , M Prasad","doi":"10.1016/j.comnet.2026.112021","DOIUrl":"10.1016/j.comnet.2026.112021","url":null,"abstract":"<div><div>The growing complexity and interconnectivity of modern networks have increased the importance of Intrusion Detection System (IDS) for safeguarding data integrity and privacy. This work presents advanced IDS that deliver improved performance in detecting and mitigating cyber-attacks. The system incorporates an Enhanced Elman Spike Neural Network (EESNN) and a novel hybrid feature selection algorithm which combines Archimedes Optimization Algorithm (AOA) with Fennec Fox Optimization Algorithm (FFOA) for feature selection. Initially, the input data undergoes pre-processing to ensure quality and optimal formatting, critical for achieving high detection accuracy. AOA contributes its strength in global optimization by exploring the search space effectively, while FFOA enhances local search precision, creating a balanced framework for selecting impactful features. The classification task is performed by EESNN, which enhances the traditional Elman Neural Network (ENN) by incorporating spike-based neural dynamics for processing temporal data. EESNN features a context layer to retain memory of previous states, enabling it to effectively capture complex temporal patterns and classify attack types with precision. The proposed IDS demonstrate 96.38% accuracy, 96.84% precision, 96.57% recall, specificity 96.15% and remarkable F1-score of 96.70% indicating superiority over other similar classifiers.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"277 ","pages":"Article 112021"},"PeriodicalIF":4.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146025382","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey of learning-based intrusion detection systems for in-vehicle networks 基于学习的车载网络入侵检测系统研究

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-03-01 Epub Date: 2026-01-23 DOI: 10.1016/j.comnet.2026.112031

Muzun Althunayyan , Amir Javed , Omer Rana

{"title":"A survey of learning-based intrusion detection systems for in-vehicle networks","authors":"Muzun Althunayyan , Amir Javed , Omer Rana","doi":"10.1016/j.comnet.2026.112031","DOIUrl":"10.1016/j.comnet.2026.112031","url":null,"abstract":"<div><div>Connected and Autonomous Vehicles (CAVs) have advanced modern transportation by improving the efficiency, safety, and convenience of mobility through automation and connectivity, yet they remain vulnerable to cybersecurity threats, particularly through the insecure Controller Area Network (CAN) bus. Cyberattacks can have devastating consequences in connected vehicles, including the loss of control over critical systems, necessitating robust security solutions. In-vehicle Intrusion Detection Systems (IDSs) offer a promising approach by detecting malicious activities in real time. This survey provides a comprehensive review of state-of-the-art research on learning-based in-vehicle IDSs, focusing on Machine Learning (ML), Deep Learning (DL), and Federated Learning (FL) approaches. Based on the reviewed studies, we critically examine existing IDS approaches, categorising them by the types of attacks they detect-known, unknown, and combined known-unknown attacks-while identifying their limitations. We also review the evaluation metrics used in research, emphasising the need to consider multiple criteria to meet the requirements of safety-critical systems. Additionally, we analyse FL-based IDSs and highlight their limitations. By doing so, this survey helps identify effective security measures, address existing limitations, and guide future research toward more resilient and adaptive protection mechanisms, ensuring the safety and reliability of CAVs.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"277 ","pages":"Article 112031"},"PeriodicalIF":4.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Poseidon: Intelligent proactive defense against DDoS attacks in edge clouds 波塞冬：边缘云DDoS攻击智能主动防御

IF 4.6 2区计算机科学

Computer Networks Pub Date : 2026-03-01 Epub Date: 2026-01-21 DOI: 10.1016/j.comnet.2026.112025

Shen Dong , Guozhen Cheng , Wenyan Liu

{"title":"Poseidon: Intelligent proactive defense against DDoS attacks in edge clouds","authors":"Shen Dong , Guozhen Cheng , Wenyan Liu","doi":"10.1016/j.comnet.2026.112025","DOIUrl":"10.1016/j.comnet.2026.112025","url":null,"abstract":"<div><div>With the rise of edge computing (EC), data and computation are increasingly shifted from centralized clouds to edge nodes, improving real-time performance and privacy. However, the resource constraints of edge nodes make them vulnerable to Distributed Denial-of-Service (DDoS) attacks. Traditional passive defense mechanisms struggle to counter diverse attacks due to their delayed response and lack of flexibility. While proactive defense strategies possess dynamism and adaptability, existing solutions often rely solely on either Moving Target Defense (MTD) or deception defense. The former fails to curb attacks at their source, while the latter lacks dynamic adaptability. Moreover, they often address only one type of attack and impose high resource and latency costs. To overcome these challenges, we propose Poseidon, a deep reinforcement learning-based hybrid proactive defense framework. Poseidon integrates the dynamism of MTD with the deceptive nature of deception defense, enabling differentiated responses to both High-rate Distributed Denial-of-Service (HDDoS) and Low-rate Distributed Denial-of-Service (LDDoS) attacks. By leveraging the lightweight characteristics of containers, it achieves resource-efficient protection. The interaction between attacks and defenses is modeled as a Markov Decision Process (MDP), and the Deep Q-Network (DQN) algorithm is employed to dynamically balance defense effectiveness and resource overhead. Experimental results demonstrate that Poseidon significantly outperforms existing MTD schemes across multiple DDoS attack scenarios, achieving up to a 28% improvement in average reward, a 30% enhancement in security, and a 15% increase in service quality. Furthermore, Poseidon effectively ensures service availability while minimizing quality degradation, showcasing considerable practical value.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"277 ","pages":"Article 112025"},"PeriodicalIF":4.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146090320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0