Computer Networks最新文献

{"title":"IPv6 active address detection model based on diffusion model","authors":"Wei Yang,&nbsp;Qianyi Wang,&nbsp;Yu Yao","doi":"10.1016/j.comnet.2025.111047","DOIUrl":"10.1016/j.comnet.2025.111047","url":null,"abstract":"<div><div>Cyberspace mapping is of great significance to the research of network security. The current work of cyberspace mapping is mainly based on IPv4 address. Due to the exhaustion of IPv4 address allocation, the world has begun to vigorously promote the deployment of IPv6 address. However, due to the wide range of IPv6 address space, the traditional exhaustive search detection method cannot be applied to IPv6 address detection. In order to find active IPv6 addresses, researchers have proposed to build a target address generation model to generate high-quality candidate target detection address set, so as to provide support for IPv6 address space exploration work.</div><div>Nowadays, many researchers have proposed IPv6 target address generation models. However, the existing target address generation model still has the problems of low hit rate and single address generation pattern. In order to generate more active and diverse candidate target detection address set, We propose an IPv6 active address detection model based on the diffusion model. First, the collected seed addresses will be divided according to the interface identifier type, and then the divided address set will complete the transformation from discrete data to continuous data. After that, the transformed data will be input into the diffusion model for IPv6 address generation. Finally, alias checking will be performed on the generated addresses to reduce the waste of detection resources. The experimental results show that the IPv6 address generation model based on diffusion model has a higher hit rate than other existing address generation algorithms.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"261 ","pages":"Article 111047"},"PeriodicalIF":4.4,"publicationDate":"2025-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143444521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A survey on distributed approaches for security enhancement in vehicular ad-hoc networks","authors":"Abinash Borah,&nbsp;Anirudh Paranjothi,&nbsp;Johnson P. Thomas","doi":"10.1016/j.comnet.2025.111140","DOIUrl":"10.1016/j.comnet.2025.111140","url":null,"abstract":"<div><div>Vehicular Ad-hoc NETworks (VANETs) providing connectivity between vehicles and between vehicles and the infrastructure are a key component of the intelligent transportation systems framework. The security of VANETs against possible malicious activities of the participating nodes is critical, considering their potential impacts on public safety. The structure of VANETs inspires the exploration of distributed solutions for various issues in VANETs including security. In addition to distributed data processing and evaluation, distributed machine learning, federated learning, blockchain, fog computing, and distributed software-defined networking are being explored for different security aspects of VANETs. Nonetheless, the characteristics of VANETs and their security attacks offer varied challenges in adopting distributed approaches for the security of VANETs. In this paper, we investigate these challenges, review the state-of-the-art distributed approaches for security enhancement in VANETs, present a taxonomy, and identify their limitations. We also recommend a set of future research directions based on the identified limitations.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"261 ","pages":"Article 111140"},"PeriodicalIF":4.4,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143463715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Dynamic resource allocation for URLLC and eMBB in MEC-NFV 5G networks","authors":"Caio Souza ,&nbsp;Marcos Falcão ,&nbsp;Andson Balieiro ,&nbsp;Elton Alves ,&nbsp;Tarik Taleb","doi":"10.1016/j.comnet.2025.111127","DOIUrl":"10.1016/j.comnet.2025.111127","url":null,"abstract":"<div><div>Supporting the coexistence between enhanced Mobile Broadband (eMBB) and Ultra-Reliable Low Latency Communications (URLLC) is a major challenge in modern communication systems due to their diverse requirements. Multi-access Edge Computing (MEC), Network Function Virtualization (NFV), and Network Slicing (NS) emerge as complementary paradigms to address this challenge, providing fine-grained, on-demand resources closer to the User Equipment (UE) and enabling shared utilization of physical infrastructure. This paper addresses the combination of MEC, NFV, NS, and dynamic virtual resource allocation for overcoming the problem of resource dimensioning at the network edge supporting eMBB and URLLC services. We have proposed a Continuous-Time Markov Chain (CTMC) model to evaluate how requests are managed by the virtualization resources of a single MEC node, primarily focusing on fulfilling the requirements of both eMBB and URLLC services. It characterizes the dynamic virtual resource allocation process and incorporates three key performance metrics, relevant for both URLLC and eMBB services (e.g., availability and response time) as well as for service providers (e.g., power consumption). The model also integrates practical factors such as failures during service processing, service prioritization, and setup (repair) times, enabling insights into how the MEC-NFV-based 5G network handles different service categories by applying service prioritization and dynamic resource allocation. Our key findings reveal that container setup and failure rates play a crucial role in both availability and response times, higher setup rates improve availability and shorten response times. Additionally, the number of containers significantly enhances both metrics, whereas buffer sizes primarily influence response times. Furthermore, higher eMBB arrival rates reduce availability and increase response times, while URLLC availability remains unaffected.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111127"},"PeriodicalIF":4.4,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143445254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Differential private federated learning with per-sample adaptive clipping and layer-wise gradient perturbation","authors":"Jiangyong Yuan,&nbsp;Yong Chen","doi":"10.1016/j.comnet.2025.111139","DOIUrl":"10.1016/j.comnet.2025.111139","url":null,"abstract":"<div><div>In Federated Learning (FL), Differential Privacy Stochastic Gradient Descent (DPSGD) is typically applied on the client side to ensure sample-level privacy during local model training. Before updating the local model, this method clips gradients to a predefined value, limiting each sample's contribution. Therefore, carefully adjusting the gradient clipping threshold is crucial for achieving high accuracy of local models under DP constraints. However, there is no predetermined optimal clipping norm setting for different tasks and learning environments, necessitating further investigation to optimize it. Meanwhile, the tradeoff between privacy and accuracy remains a critical challenge. In this paper, we propose a differentially private federated learning framework, DP-PSAC-FL, that utilizes a per-sample adaptive clipping technique, employing an adaptive clipping threshold method instead of a fixed clipping threshold. This framework guarantees sample-level differential privacy, enhances global performance, and eliminates the need for hyperparameter adjustment of the clipping threshold. To further reduce the accuracy degradation caused by noise, we design a layer-wise gradient perturbation strategy. This approach selectively applies noise perturbation to random gradient layers, while keeping the remaining layers unaffected, thereby minimizing the impact of noise on overall performance and maintaining a better balance between privacy and accuracy. Extensive experiments on five real-life datasets demonstrate that our framework effectively balances privacy, model accuracy, and time efficiency.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"261 ","pages":"Article 111139"},"PeriodicalIF":4.4,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143474650","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bilateral collaborative computing offloading via LEO satellites for remote network applications","authors":"Shuang Xu,&nbsp;Xutong Li,&nbsp;Jiayu Zhang,&nbsp;Feng Li,&nbsp;Yuanyuan Liang,&nbsp;Shufeng Hao","doi":"10.1016/j.comnet.2025.111124","DOIUrl":"10.1016/j.comnet.2025.111124","url":null,"abstract":"<div><div>In remote areas, due to weak network infrastructure, limited device resources, and diverse application requirements, smart terminals face the challenge of reducing energy consumption while maintaining low latency and high reliability data processing. To address these issues, we integrate the advantages of Low Earth Orbit (LEO) satellites communications and edge computing, and propose a bilateral collaborative offloading mechanism assisted by LEO satellites. In ecological monitoring missions, data are collected by GATs. The results are demanded and used by ground environmental monitoring centers located in different locations. We make use of the features that satellite networks have full coverage and multiple ground base stations (GBS) are close to the environmental center to provide stable network support and achieve bilateral collaborative computing offloading. These ground base stations, working in collaboration with Low Earth Orbit (LEO) satellites, can solve the problem of limited computing resources when satellites handle large-scale tasks, while avoiding some problems caused by cloud computing. Results show that this mechanism obviously optimizes the task execution delay and terminal energy.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"261 ","pages":"Article 111124"},"PeriodicalIF":4.4,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143474648","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Pheromone-based graph embedding algorithm for Ethereum phishing detection","authors":"Siyi Xiao ,&nbsp;Lejun Zhang ,&nbsp;Zhihong Tian ,&nbsp;Shen Su ,&nbsp;Jing Qiu ,&nbsp;Ran Guo","doi":"10.1016/j.comnet.2025.111123","DOIUrl":"10.1016/j.comnet.2025.111123","url":null,"abstract":"<div><div>Phishing scams pose significant risks to Ethereum, the second-largest blockchain-based cryptocurrency platform. Traditional methods for identifying phishing activities, such as machine learning and network representation learning, struggle to capture the temporal and repetitive transaction patterns inherent in Ethereum’s transaction network. To address these limitations, we propose a Pheromone-based Graph Embedding Algorithm (PGEA), which leverages pheromone mechanisms and a taboo list inspired by ant colony behavior to enhance subgraph sampling. This approach improves the identification of phishing activities by ensuring subgraph homogeneity and isomorphism during the sampling process. In our methodology, Ethereum transaction data is collected from known phishing addresses to construct a transaction network graph. The PGEA guides subgraph sampling, producing sequences that are transformed into node embeddings using word2vec. These embeddings are then classified using a Support Vector Machine (SVM) to distinguish between legitimate and malicious nodes. Experimental results demonstrate the superiority of our model over existing methods. PGEA achieves an accuracy of 87.18%, precision of 91.01%, recall of 84.82%, and F1 score of 86.91%, outperforming baseline approaches such as Deepwalk, Node2vec, and Graph2vec. These results highlight the efficacy of PGEA in detecting phishing addresses, contributing to a more secure Ethereum ecosystem.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111123"},"PeriodicalIF":4.4,"publicationDate":"2025-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143429404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Smart contract anomaly detection: The Contrastive Learning Paradigm","authors":"Oumaima Fadi ,&nbsp;Adil Bahaj ,&nbsp;Karim Zkik ,&nbsp;Abdellatif El Ghazi ,&nbsp;Mounir Ghogho ,&nbsp;Mohammed Boulmalf","doi":"10.1016/j.comnet.2025.111121","DOIUrl":"10.1016/j.comnet.2025.111121","url":null,"abstract":"<div><div>Smart contracts are digital agreements automating the execution of transactions in a decentralized manner. Although they offer many advantages, smart contracts are prone to multiple security vulnerabilities that might cause severe financial losses. Traditional anomaly detection methods, including Machine Learning and Deep Learning, struggle to capture the complexity of smart contract features. Recent advancements have utilized graph neural networks (GNNs) by transforming smart contracts into graphs. However, these approaches face robustness challenges due to small data sizes and model overparameterization. To address these issues, this paper proposes <strong>ACAD</strong> (<strong>A</strong>daptive <strong>C</strong>ontrastive Learning for Smart Contract <strong>A</strong>ttack <strong>D</strong>etection), a novel framework employing a two-phase training process for smart contract classification. After converting smart contract codes to representative graphs, the task-agnostic features are learned using graph contrastive learning with adaptive augmentations. Next, these features are utilized for smart contract vulnerability classification in a downstream task. Unlike previous works, which rely on a single-phase GNN-based approach, ACAD leverages contrastive learning to improve robustness and generalization. This approach effectively overcomes data scarcity while capturing richer and more distinctive representations. Extensive experiments demonstrate that ACAD outperforms baseline models, achieving 95.7% accuracy and 92.44% precision in reentrancy attack detection, which represents an improvement of 5.78% in accuracy and 6.19% in precision compared to the best-performing baseline model.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111121"},"PeriodicalIF":4.4,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143429408","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Latent diffusion model-based data poisoning attack against QoS-aware cloud API recommender system","authors":"Zhen Chen ,&nbsp;Jianqiang Yu ,&nbsp;Shuang Fan ,&nbsp;Jing Zhao ,&nbsp;Dianlong You","doi":"10.1016/j.comnet.2025.111120","DOIUrl":"10.1016/j.comnet.2025.111120","url":null,"abstract":"<div><div>In the cloud era, cloud API, as one of the best carriers for data output, capability replication, and service delivery, has become one of the core elements of service-oriented software development and operation. However, with the significant challenge posed by a rapidly increasing number of cloud APIs, quality of service (QoS)-aware cloud API recommender system plays a crucial role in guiding users to select the most suitable APIs. Nevertheless, due to the profit-driven nature of cloud APIs and the openness of network environments, QoS-aware cloud API recommender systems are particularly susceptible to data poisoning attacks. These attacks manipulate recommendation outcomes to align with the attacker’s objectives, causing severe disruption to the cloud API ecosystem. Existing data poisoning methods for QoS-aware cloud API recommender systems have evolved from traditional heuristic-based approaches to generative adversarial network based methods. Although this evolution has improved attack performance, it remains challenging to strike an effective balance between attack effectiveness and invisibility. To address this issue, this paper proposes a data poisoning attack method based latent diffusion model. Firstly, real user-cloud API interaction data is compressed into latent feature space by multiple autoencoders to mitigate the limitation of data sparsity on model training. The diffusion model is then utilized to learn the distribution of real user interaction data with cloud APIs within this latent space. Furthermore, an attack loss is designed for model training in order to generate high-quality fake user data that is difficult to detect and aggressive in nature. Experimental results on the real-world dataset WS-DREAM demonstrate that the latent diffusion model-based data poisoning attack method outperforms baseline methods in terms of attack effectiveness, invisibility, and generalizability. This paper aims to raise awareness of cloud API recommendation security from an attack to defend perspective, providing a foundation for defenders to develop effective defense strategies and advancing the development of trustworthy QoS-aware cloud API recommender systems. The source code of the LDM implementation is publicly available at: <span><span>https://github.com/yjq012/LDM</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111120"},"PeriodicalIF":4.4,"publicationDate":"2025-02-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143421141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Security-aware RPL: Designing a novel objective function for risk-based routing with rank evaluation","authors":"Ferhat Arat ,&nbsp;Sedat Akleylek","doi":"10.1016/j.comnet.2025.111122","DOIUrl":"10.1016/j.comnet.2025.111122","url":null,"abstract":"<div><div>Routing Protocol for Low-Power and Lossy Networks (RPL) is a widely used routing protocol in the Internet of Things (IoT) environments due to its suitability for resource-constrained devices and lossy network conditions. However, the inherent vulnerabilities in RPL pose significant security risks to IoT deployments. To address these challenges, we propose a security-aware routing approach that modifies objective functions (OFs) in terms of risk and vulnerability aspects. Among these vulnerabilities, rank attacks are particularly critical, as they exploit RPL’s core mechanism for route optimization by manipulating rank values to disrupt network performance. Detecting such attacks is crucial, as they can lead to suboptimal routing, increased energy consumption, and network instability, severely impacting IoT operations. To the best of our knowledge, it is the first approach to making the RPL algorithm security-aware by conducting a risk- and vulnerability-focused routing. In our approach, a step-by-step vulnerability-oriented security model is applied. First, we establish the IoT topology using communication range metrics to connect devices. We identify and analyze potential security vulnerabilities in RPL using established databases such as the National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). Based on these analyses, a set of OFs is defined to guide RPL routing decisions. The OF formulation incorporates factors such as CVSS values, vulnerability severity, and network topology. Risk levels are measured at device, path, and network-levels, leveraging these OFs. The proposed security-aware routing procedure dynamically adapts routing behavior based on the defined OFs, integrating risk assessment mechanisms into the routing process. This enables the protocol to prioritize routes with lower security risks while avoiding those vulnerable to potential attacks. Additionally, rank attacks are detected by identifying malicious nodes that manipulate rank values. To evaluate the proposed method, comparisons are made with existing procedures regarding running time and asymptotic complexity. The results demonstrate better performance in parent selection and rank attack detection, highlighting the effectiveness of our approach in enhancing the security of RPL-based IoT networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111122"},"PeriodicalIF":4.4,"publicationDate":"2025-02-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143429407","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"+Tour: Recommending personalized itineraries for smart tourism","authors":"João Paulo Esper ,&nbsp;Luciano de S. Fraga ,&nbsp;Aline C. Viana ,&nbsp;Kleber Vieira Cardoso ,&nbsp;Sand Luz Correa","doi":"10.1016/j.comnet.2025.111118","DOIUrl":"10.1016/j.comnet.2025.111118","url":null,"abstract":"<div><div>Next-generation touristic services will rely on the advanced mobile networks’ high bandwidth and low latency and the Multi-access Edge Computing (MEC) paradigm to provide fully immersive mobile experiences. As an integral part of travel planning systems, recommendation algorithms devise personalized tour itineraries for individual users considering the popularity of a city’s Points of Interest (POIs) as well as the tourist preferences and constraints. However, in the context of next-generation touristic services, recommendation algorithms should also consider the applications (e.g., social network, mobile video streaming, mobile augmented reality) the tourist will consume in the POIs and the quality in which the MEC infrastructure will deliver such applications. In this paper, we address the joint problem of recommending personalized tour itineraries for tourists and efficiently allocating MEC resources for advanced touristic applications. We formulate an optimization problem that maximizes the itinerary of individual tourists while optimizing the resource allocation at the network edge. We then propose an exact algorithm that quickly solves the problem optimally, considering instances of realistic size. Using a real-world location-based photo-sharing database, we conduct and present an exploratory analysis to understand preferences and users’ visiting patterns. Using this understanding, we propose a methodology to identify user interest in applications. Finally, we evaluate our algorithm using this dataset. Results show that our algorithm outperforms a modified version of a state-of-the-art solution for personalized tour itinerary recommendation, demonstrating gains up to 11<span><math><mtext>%</mtext></math></span> for resource allocation efficiency and 40<span><math><mtext>%</mtext></math></span> for user experience. In addition, our algorithm performs similarly to the modified state-of-the-art solution regarding traditional itinerary recommendation metrics.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111118"},"PeriodicalIF":4.4,"publicationDate":"2025-02-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143421138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}