Computer Networks最新文献

筛选
英文 中文
Latency minimization in IRS-UAV assisted WPT-MEC systems: An ID-AOPDDQN-based trajectory and phase shift optimization approach
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-22 DOI: 10.1016/j.comnet.2025.111215
Wenjie Zhou, Linbo Zhai, Zekun Lu, Kai Xue, Tian Zhang
{"title":"Latency minimization in IRS-UAV assisted WPT-MEC systems: An ID-AOPDDQN-based trajectory and phase shift optimization approach","authors":"Wenjie Zhou,&nbsp;Linbo Zhai,&nbsp;Zekun Lu,&nbsp;Kai Xue,&nbsp;Tian Zhang","doi":"10.1016/j.comnet.2025.111215","DOIUrl":"10.1016/j.comnet.2025.111215","url":null,"abstract":"<div><div>Intelligent Reflectors (IRS) assisted Wireless Power Transmission and Mobile Edge Computing (WPT-MEC) are considered as solutions for implementing sustainable Internet of Things (IoT) networks that can effectively improve network performance and reduce data transmission latency. There are still challenges such as flexible deployment of IRSs and multivariate joint optimization remain. In this paper, we study the task offloading problem of unmanned aerial vehicles (UAVs) carrying IRSs (IRS-UAV) assisted WPT-MEC, which exploits the flexibility of the UAV to dynamically improve the energy harvesting and task offloading channel transmission between ground equipment (GD) and access point (AP). In this system, we consider the association relationship between the hovering points (HPs) of the IRS-UAV and the GDs, the phase shift of the IRS-UAV, the flight trajectory, the beamforming vector, and the offloading decision and transmit power of the GDs to minimize latency performance under the constraint of energy consumption. To solve this multivariable non-convex problem, we propose an ID-AOPDDQN (ISODATA clustering, successive convex approximation and parametric Dueling deep <span><math><mi>Q</mi></math></span>-network) algorithm. At first, we cluster the HPs and the association relationship between GDs and HPs through an efficient load balancing algorithm (ISODATA), so as to cover all GDs to the maximum extent. Secondly, on the basis of clustering, we divide the target problem into two sub-problems. For the first sub-problem, Successive Convex Approximation (SCA) is used to transform it into a convex problem, and the phase shift and beamforming vectors of radio energy transmission are optimized alternately. For the second subproblem, we design the PDDQN (a combination of DDPG and Dueling DQN) algorithm to process the mixed space based on the first problem of the solution, where DDPG processes continuous motion (such as phase shift) and Dueling DQN processes discrete action (such as offloading decisions). Simulation results show that the ID-AOPDDQN algorithm significantly improves the performance of the system in latency.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111215"},"PeriodicalIF":4.4,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143715571","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Accelerating traffic engineering optimization for segment routing: A recommendation perspective
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-22 DOI: 10.1016/j.comnet.2025.111224
Linghao Wang, Miao Wang, Chungang Lin, Yujun Zhang
{"title":"Accelerating traffic engineering optimization for segment routing: A recommendation perspective","authors":"Linghao Wang,&nbsp;Miao Wang,&nbsp;Chungang Lin,&nbsp;Yujun Zhang","doi":"10.1016/j.comnet.2025.111224","DOIUrl":"10.1016/j.comnet.2025.111224","url":null,"abstract":"<div><div>Traffic engineering (TE) is important for improving network performance. Recently, segment routing (SR) has gained increasing attention in the TE field. Many segment routing traffic engineering (SR-TE) methods compute optimal routing policies by solving linear programming (LP) problems, which suffer from high computation time. Therefore, various methods have been proposed for accelerating TE optimization. However, prior methods solve individual TE optimization problems from scratch, overlooking valuable information from existing historical solutions. We argue that these data can imply the distribution of optimal solutions for solving future TE problems. In this paper, we provide a new perspective on accelerating SR-TE optimization. First, we generated and analyzed historical solutions of a widely used LP model, and revealed two key findings from the data: Flows are predominantly routed through a small subset of intermediate nodes; similar decisions can be made for some flows. Then, inspired by the findings, we propose RS4SR, the first framework to our knowledge leveraging historical solutions for SR-TE acceleration. It can significantly reduce the size of LP model by performing candidate recommendation and flow clustering. Experiments on real-world topologies and various traffic matrices demonstrate that a simple implementation of RS4SR is sufficient to obtain near-optimal solutions within the time limit of two seconds on large-scale networks, utilizing a small number of historical solutions.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"264 ","pages":"Article 111224"},"PeriodicalIF":4.4,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143738225","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Socially beneficial metaverse: Framework, technologies, applications, and challenges
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-22 DOI: 10.1016/j.comnet.2025.111198
Xiaolong Xu , Xuanhong Zhou , Muhammad Bilal , Sherali Zeadally , Jon Crowcroft , Lianyong Qi , Shengjun Xue
{"title":"Socially beneficial metaverse: Framework, technologies, applications, and challenges","authors":"Xiaolong Xu ,&nbsp;Xuanhong Zhou ,&nbsp;Muhammad Bilal ,&nbsp;Sherali Zeadally ,&nbsp;Jon Crowcroft ,&nbsp;Lianyong Qi ,&nbsp;Shengjun Xue","doi":"10.1016/j.comnet.2025.111198","DOIUrl":"10.1016/j.comnet.2025.111198","url":null,"abstract":"<div><div>In recent years, the maturation of emerging technologies such as Virtual Reality, Digital Twins and Blockchain has accelerated the realization of the metaverse. As a virtual world independent of the real world, the metaverse will provide users with a variety of virtual activities which bring great convenience to society. In addition, the metaverse can facilitate digital twins, which offers transformative possibilities for the industry. Thus, the metaverse has attracted the attention of the industry, and a huge amount of capital is about to be invested. However, the development of the metaverse is still in its infancy and little research has been undertaken so far. We describe the development of the metaverse. Next, we introduce the architecture of the socially beneficial metaverse (SB-Metaverse) and we focus on the technologies that support the operation of SB-Metaverse. In addition, we also present the applications of SB-Metaverse. Finally, we discuss several challenges faced by SB-Metaverse which must be addressed in the future.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111198"},"PeriodicalIF":4.4,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143706251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Industrial IoT intrusion attack detection based on composite attention-driven multi-layer pyramid features
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-22 DOI: 10.1016/j.comnet.2025.111207
Jiqiang Zhai, Xinyu Wang, Zhonghui Zhai, Tao Xu, Zuming Qi, Hailu Yang
{"title":"Industrial IoT intrusion attack detection based on composite attention-driven multi-layer pyramid features","authors":"Jiqiang Zhai,&nbsp;Xinyu Wang,&nbsp;Zhonghui Zhai,&nbsp;Tao Xu,&nbsp;Zuming Qi,&nbsp;Hailu Yang","doi":"10.1016/j.comnet.2025.111207","DOIUrl":"10.1016/j.comnet.2025.111207","url":null,"abstract":"<div><div>The Industrial Internet of Things (IIoT) extends and optimizes IoT technology for industrial environments, playing a crucial role in industrial production, equipment monitoring, and supply chain management. However, the increasing diversity of devices at the IIoT application layer exacerbates network complexity, rendering IIoT systems more susceptible to malicious attacks and severe security risks. To address these challenges, we focus on unresolved security issues in the IIoT application layer, including poor generalization ability across different domains in detection, insufficient granularity in local feature recognition, and suboptimal performance in identifying diverse attack patterns. In response, we propose a Composite Attention-Driven Multi-Layer Pyramid Feature-Based Intrusion Detection Model (BCSP), which leverages a composite attention pyramid structure with a multi-scale attention mechanism to enhance semantic feature representation across different scales. This design enables the model to prioritize contextual semantic information while effectively capturing real-time traffic attributes and session-related features. To validate its effectiveness, we conduct extensive experiments using well-established public cybersecurity datasets and real-world network environments, where BCSP achieves a test accuracy of over 98%. Experimental results indicate that BCSP consistently outperforms conventional machine learning and deep learning models, demonstrating its effectiveness in IIoT intrusion detection.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111207"},"PeriodicalIF":4.4,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143687197","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Multi-Attack Identification and Mitigation mechanism based on multi-agent collaboration in Vehicular Named Data Networking
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-22 DOI: 10.1016/j.comnet.2025.111226
Na Fan , Yuxin Gao , Jialong Li , Zhiquan Liu , Wenjun Fan
{"title":"Multi-Attack Identification and Mitigation mechanism based on multi-agent collaboration in Vehicular Named Data Networking","authors":"Na Fan ,&nbsp;Yuxin Gao ,&nbsp;Jialong Li ,&nbsp;Zhiquan Liu ,&nbsp;Wenjun Fan","doi":"10.1016/j.comnet.2025.111226","DOIUrl":"10.1016/j.comnet.2025.111226","url":null,"abstract":"<div><div>This paper introduces a novel Multi-Attack Identification and Mitigation mechanism (MAIM) designed to enhance security within Vehicular Name Data Networking (VNDN), a derivative of Name Data Networking (NDN) optimized for the Internet of Vehicles (IoV). VNDN, while offering improved communication security for mobile networks, is vulnerable to interest flooding attacks. MAIM addresses this issue through a collaborative multi-agent system comprising detection algorithms, an identification model, and a mitigation model. The MAIM mechanism begins with vehicle nodes monitoring traffic and identifying potential threats, relaying this information to Road Side Units (RSUs), which utilize Random Forests to detect attacks. Detected threats are then communicated to the Base Station (BS), which employs Convolutional Neural Networks and Support Vector Machines to analyze and classify the attack type. The RSUs, informed by the BS, use Graph Convolution Networks to isolate malicious nodes, effectively mitigating the attack. Comparative simulation and real-world experiments demonstrate MAIM’s superior performance in attack recognition and mitigation, the average accuracy for attack detection is 97.5%, the average accuracy for attack identification reaches 85.2%, while the average interest satisfaction rate under attack suppression stands at 81%, highlighting its potential as a robust solution for securing VNDN environments.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111226"},"PeriodicalIF":4.4,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143697847","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Efficient resource allocation in 5G massive MIMO-NOMA networks: Comparative analysis of SINR-aware power allocation and spatial correlation-based clustering
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-21 DOI: 10.1016/j.comnet.2025.111216
Samar Chebbi , Oussama Habachi , Jean-Pierre Cances , Vahid Meghdadi , Essaid Sabir
{"title":"Efficient resource allocation in 5G massive MIMO-NOMA networks: Comparative analysis of SINR-aware power allocation and spatial correlation-based clustering","authors":"Samar Chebbi ,&nbsp;Oussama Habachi ,&nbsp;Jean-Pierre Cances ,&nbsp;Vahid Meghdadi ,&nbsp;Essaid Sabir","doi":"10.1016/j.comnet.2025.111216","DOIUrl":"10.1016/j.comnet.2025.111216","url":null,"abstract":"<div><div>With the evolution of 5G networks, optimizing resource allocation has become a critical challenge to meet the ever-increasing demand for massive connectivity and high throughput. To this end, combining Non-Orthogonal Multiple Access (NOMA) and massive Multi-Input Multi-Output (MIMO) techniques offers significant advantages. In fact, this powerful synergy enhances spectral efficiency, supports massive device connectivity, and improves overall network performance. However, deploying MIMO-NOMA in densely populated networks introduces several technical challenges, including bandwidth utilization, interference management, fairness among users, and computational complexity. In this paper, we introduce a set of user grouping algorithms: user pairing, random clustering, Correlation Iterative Clustering Algorithm (CIA), K-means-based User Clustering (kUC), and Grey Wolf Optimizer-based clustering (GWO). These algorithms were compared through a comprehensive simulation setup, focusing on key metrics of network capacity, power efficiency, and computational overhead. Our findings reveal that the GWO-based clustering excels in dynamic scenarios, offering high adaptability and spectral efficiency, while the CIA is well suited for environments with spatially correlated users.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111216"},"PeriodicalIF":4.4,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143687198","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Ensuring trustworthy and secure IoT: Fundamentals, threats, solutions, and future hotspots
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-21 DOI: 10.1016/j.comnet.2025.111218
Mingfeng Huang , Qing Peng , Xiaoyu Zhu , Tan Deng , Ronghui Cao , Wenzheng Liu
{"title":"Ensuring trustworthy and secure IoT: Fundamentals, threats, solutions, and future hotspots","authors":"Mingfeng Huang ,&nbsp;Qing Peng ,&nbsp;Xiaoyu Zhu ,&nbsp;Tan Deng ,&nbsp;Ronghui Cao ,&nbsp;Wenzheng Liu","doi":"10.1016/j.comnet.2025.111218","DOIUrl":"10.1016/j.comnet.2025.111218","url":null,"abstract":"<div><div>The Internet of Things (IoT) allows terminals to access the network freely, which leads to the complexity of authentication and heterogeneous access. Although traditional security mechanisms can effectively prevent external attacks, once a malicious attacker enters the network by forging identity or bypassing authentication, these mechanisms lose effectiveness. Consequently, internal IoT security, including critical attributes such as security, privacy, and trust, has emerged as a research hotspot. The trust mechanism can identify malicious nodes and predict their reliability in future data collection and transmission through numerical analysis of inherent attributes and historical behaviors. However, there is a scarcity of comprehensive reviews summarizing IoT security from a trust perspective. Therefore, this paper reviews representative works on IoT security and trust in recent years from aspects of threats, defenses, and challenges. First, we introduce the fundamentals of IoT system, analyze existing security threats from three levels: architecture, function and equipment, and summarize common malicious attacks as well as their manifestations, causes, and harms. Then, several representative security mechanisms are introduced, including authentication, access control, intrusion detection, secure routing, encryption and key management, and compare their technical principles and superiority. Next, trust mechanism is introduced to ensure internal security, and specialized malicious attacks against the trust model, typical approaches and existing problems are presented. Finally, we discuss the feasible ways to address IoT security issues and list research hotspots in the future.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111218"},"PeriodicalIF":4.4,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143734871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Joint task offloading and computing resource allocation with DQN for task-dependency in Multi-access Edge Computing
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-21 DOI: 10.1016/j.comnet.2025.111222
Linbo Zhai , Zekun Lu , Jiande Sun , Xiaole Li
{"title":"Joint task offloading and computing resource allocation with DQN for task-dependency in Multi-access Edge Computing","authors":"Linbo Zhai ,&nbsp;Zekun Lu ,&nbsp;Jiande Sun ,&nbsp;Xiaole Li","doi":"10.1016/j.comnet.2025.111222","DOIUrl":"10.1016/j.comnet.2025.111222","url":null,"abstract":"<div><div>The rapid development of mobile communication networks has given birth to various computation-intensive applications such as augmented/virtual reality. Multi-access Edge Computing (MEC), which offloads the computation tasks of Internet of Things (IoT) devices to edge servers near terminals, has been regarded as an effective approach to achieve efficient computing offloading and reduce the heavy computation burdens. However, edge servers typically only have limited resources, which are competed and shared by IoT devices. Most of the existing researches on resource allocation focus on independent tasks, which is difficult to meet the challenge in real applications consisting of multiple interdependent tasks. In this paper, we study joint task offloading and computing resource allocation in task-dependent MEC systems. To evaluate this problem, we formulate this problem to minimize the weighted sum of the long-term task execution delay and energy consumption of IoT devices, which takes the maximum tolerable delay of the task as an important constraint. Since the problem is NP-hard, we design a joint task offloading and computing resource allocation algorithm based on Deep Q-Network (DQN) for multi-user and multi-dependent tasks (JTOCRA-DQN). Different from the traditional DQN algorithm, we add a multi-user multi-dependent task joint task offloading and computing resource allocation algorithm preparation step before learning to reduce the action space. Extensive simulation experiments show that JTOCRA-DQN can reduce the total cost by nearly 30% compared with other methods. When the maximum tolerance time is 10 s, the total cost of JTOCRA-DQN is 72.8, which is 21.3% lower than that of RoFFR algorithm and 36.8% lower than that of DREAM algorithm. In terms of the balance between energy consumption and delay, when the energy threshold increases from 70% to 95%, the proportion of energy cost in the total cost reduces from 58% to 43%, and the proportion of delay cost increases from 42% to 57%, which reflects the dynamic trade-off between energy consumption and delay.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111222"},"PeriodicalIF":4.4,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143687301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
D3QN-based secure scheduling of microservice workflows in cloud environments
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-21 DOI: 10.1016/j.comnet.2025.111227
Saiqin Long , Jianfeng Yang , Chongxi Rao , Qingyong Deng , Kun Cao
{"title":"D3QN-based secure scheduling of microservice workflows in cloud environments","authors":"Saiqin Long ,&nbsp;Jianfeng Yang ,&nbsp;Chongxi Rao ,&nbsp;Qingyong Deng ,&nbsp;Kun Cao","doi":"10.1016/j.comnet.2025.111227","DOIUrl":"10.1016/j.comnet.2025.111227","url":null,"abstract":"<div><div>In recent years, microservice architecture has been widely applied in software design, including scientific workflow scheduling in the cloud, due to its loose coupling characteristics. With the development of container technology, its fast startup and low overhead make it the preferred deployment technology for microservices. However, a key issue with current microservice architecture is the risk of exposing private and sensitive data. Existing work has researched and explored new architectures for microservices, yet the trade-off between privacy and time has not fully considered still. To fill this gap, we first designed a security model that considers the security levels of users and cloud providers, as well as proposed a workflow scheduling algorithm that satisfies both budget constraints and task privacy requirements. We transform the secure scheduling problem into a Markov decision process (MDP) and propose the Dueling Double DQN-based microservice workflow scheduling Algorithm (D3MWS), which can not only minimize the completion time under budget constraints, but also meet the security requirements of workflow tasks. Finally, well-known workflow applications in cloud computing were selected for experiments. The experimental results showed that the proposed algorithm, while meeting the security requirements of microservices, reduced the average task completion time of each workflow by 10.91% compared to other algorithms under different task quantities.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111227"},"PeriodicalIF":4.4,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143706245","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Process-oriented security assessment of network services
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2025-03-21 DOI: 10.1016/j.comnet.2025.111225
Kewei Wang , Changzhen Hu , Chun Shan
{"title":"Process-oriented security assessment of network services","authors":"Kewei Wang ,&nbsp;Changzhen Hu ,&nbsp;Chun Shan","doi":"10.1016/j.comnet.2025.111225","DOIUrl":"10.1016/j.comnet.2025.111225","url":null,"abstract":"<div><div>With the development of information technology, more and more business processes and critical missions are delivered and implemented in the form of network services. Such networked processes have become the prime targets of intrusions and the focal point of cyber attack and defense. In analyzing the risk faced by these tasks and operations, existing process-oriented network service security assessment solutions fail to be accurate as they are still centered around system assets in nature. To fill this gap, in this paper, we propose a new process-oriented security assessment method of network services. First, we construct the mathematical model of network processes, which can be described as curves on Riemannian manifolds. We show that the geometry of the manifolds can be characterized through the pullbacks of Riemannian metrics by Neural Networks. Then, from the viewpoint of data, behavior, and objective, we propose <em>consistency, reachability</em>, and <em>robustness</em>, respectively, as the essential attributes in process-oriented security assessment. We also illustrate the detailed quantification of these attributes and the model of assessment. The proposed method is verified using a publicly available OpenStack dataset, and in a simulated distributed system. Experiment results validate the effectiveness of our approach and its superiority over current solutions.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"264 ","pages":"Article 111225"},"PeriodicalIF":4.4,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143738226","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信