Computer NetworksPub Date : 2025-07-15DOI: 10.1016/j.comnet.2025.111530
J. Fesl , M. Naas
{"title":"A comprehensive machine learning-based approach for virtual private network traffic detection, classification and hiding","authors":"J. Fesl , M. Naas","doi":"10.1016/j.comnet.2025.111530","DOIUrl":"10.1016/j.comnet.2025.111530","url":null,"abstract":"<div><div>Virtual private networks (VPNs) are often used today for remote access to corporate networks or to access information resources limited to specific IP ranges or specific geolocations. Reliable detection and classification of normal or encrypted VPN traffic is a non-trivial task that has not yet been reliably solved. In our research, we created a large dataset containing samples of network traffic of different VPN protocols. We used the dataset to build nine machine learning (ML) models and compared their efficiency. Our best ML models can detect VPN network traffic with very high accuracy, subsequently classify the type of VPN protocol, and evaluate the content of traffic transported via the encrypted VPN protocols. To validate the robustness of our models, we invented and applied various VPN traffic detection obfuscation methods whose usage may interfere with network traffic identification and classification. Such methods can also be used to design and implement more secure next-generation VPN protocols that will be potentially not detectable by methods based on ML models.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111530"},"PeriodicalIF":4.4,"publicationDate":"2025-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144662929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-15DOI: 10.1016/j.comnet.2025.111521
Ke Wang, Yongjun Li, Xiang Wang, Yuanhao Liu, Kai Zhang, Fenglei Zhang, Zhiqiang Ma, Zhe Zhao
{"title":"A VNF sharing method based on node selection probability using reinforcement learning in air-ground network","authors":"Ke Wang, Yongjun Li, Xiang Wang, Yuanhao Liu, Kai Zhang, Fenglei Zhang, Zhiqiang Ma, Zhe Zhao","doi":"10.1016/j.comnet.2025.111521","DOIUrl":"10.1016/j.comnet.2025.111521","url":null,"abstract":"<div><div>By decoupling the software function on hardware devices, Network Function Virtualization(NFV) provides a new service architecture named Service Function Chain(SFC), which combines multiple Virtual Network Functions(VNFs) in a specific order. In order to reduce network resources consumption and improve the resource utilization, VNF sharing provides an effective solution for this requirement. However, traditional sharing methods lack a dynamic processing mechanism to select the deployment and shared node location according to the network state dynamically. Moreover, how to further optimize the utilization of network resources is challenging. This paper proposed a VNF sharing evaluation mechanism to evaluate and decide whether to share a VNF, then a node priority calculation mechanism was designed and mapped on node selection probability, which can select appropriate VNF to deploy or share VNF according to network state and resource requirements of SFC, finally, a reinforcement learning approach was utilized to update the selection probability of nodes and complete the VNF sharing process in air-ground network. The experimental results indicate that compared with other five benchmark algorithms, the proposed algorithm can reduce the transmission delay effectively, at the same time, it can improve node and link load resource utilization and acceptance rate of SFC after the VNF sharing.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111521"},"PeriodicalIF":4.4,"publicationDate":"2025-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144686300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-14DOI: 10.1016/j.comnet.2025.111556
Tong Wang , Xiyao Liu , Zhixiang Wang , Panfeng Huang
{"title":"Network-based integrated path planning for UAVs monitoring of dispersed targets","authors":"Tong Wang , Xiyao Liu , Zhixiang Wang , Panfeng Huang","doi":"10.1016/j.comnet.2025.111556","DOIUrl":"10.1016/j.comnet.2025.111556","url":null,"abstract":"<div><div>This paper explores a novel problem involving multiple UAVs navigating along a topological network characterized by interconnected edges to monitor dispersed targets. Given the uncertainty of the environment and the UAV’s response to sudden events, the problem is decomposed into three subproblems of fastest coverage, dynamic coverage, and persistent coverage. A set of combinatorial optimization models is established to describe the three subproblems under temporal and spatial logical constraints, and an integrated planning method is established to solve them. In the algorithm, we design new strategies for target value calculation, state estimation, and multi-agent cooperation to adapt to the specificities of the new problem. Simulation results indicate that the proposed integrated planning method can effectively handle three coverage subproblems and has higher efficiency than existing methods.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111556"},"PeriodicalIF":4.4,"publicationDate":"2025-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144654150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-14DOI: 10.1016/j.comnet.2025.111522
Emma Chiaramello , Carla Fabiana Chiasserini , Francesco Malandrino , Alessandro Nordio , Marta Parazzini , Alvaro Valcarce
{"title":"Human-centric decision-making in cell-less 6G networks","authors":"Emma Chiaramello , Carla Fabiana Chiasserini , Francesco Malandrino , Alessandro Nordio , Marta Parazzini , Alvaro Valcarce","doi":"10.1016/j.comnet.2025.111522","DOIUrl":"10.1016/j.comnet.2025.111522","url":null,"abstract":"<div><div>In next-generation networks, <em>cells</em> will be replaced by a collection of points-of-access (PoAs), with overlapping coverage areas and/or different technologies. Along with a promise for greater performance and flexibility, this creates further pressure on network management algorithms, which must make joint decisions on (i) PoA-to-user association and (ii) PoA management. We solve this challenging problem through an efficient and effective solution concept called Cluster-then-Match (CtM). While state-of-the-art approaches tend to focus on performance-related metrics, e.g., network throughput, CtM makes <em>human-centric</em> decisions, where pure network performance is balanced against energy consumption and electromagnetic field exposure. Importantly, such human-centric metrics concern all humans in the network area — including those who are not network users. Through our performance evaluation, which leverages detailed models for EMF exposure estimation and standard-specified signal propagation models, we show that CtM outperforms state-of-the-art network management schemes that solely focus on network performance, including those utilizing machine learning, reducing energy consumption by over 80% in indoor scenarios, and over 36% in outdoor ones.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111522"},"PeriodicalIF":4.4,"publicationDate":"2025-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144632194","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-13DOI: 10.1016/j.comnet.2025.111518
Guangfu Wu , Su Xu , Daojing He , Sammy Chan
{"title":"Blockchain-based efficient and secure cloud cross-domain data sharing with dynamic revocation by multiple authorities","authors":"Guangfu Wu , Su Xu , Daojing He , Sammy Chan","doi":"10.1016/j.comnet.2025.111518","DOIUrl":"10.1016/j.comnet.2025.111518","url":null,"abstract":"<div><div>In complex cloud environments with expanding data volumes, coordinating the efficiency and security of data sharing is crucial to meet the practical needs of cross-domain sharing among users with distributed attributes from multiple domains. For example, in the context of smart city development, residential energy data can support academic research or optimize resource distribution to improve urban management. In such cross-domain sharing, secure data transmission and multi-party authorization are vital to ensure data security and compliance. This paper employs blockchain and Multi-Authority Attribute-Based Encryption (MA-ABE) to construct a high-security encryption system. It supports dynamic revocation under partial policy-hiding, verifiable lightweight operations, and resistance to offline dictionary attacks as well as multiple collusion attacks within the system. Smart contracts are used to enhance distributed attribute diversity and system robustness, while blockchain ensures transparency and security in key generation and dynamic revocation. Security, theoretical, and experimental analysis validate relatively low communication and computation costs of our scheme, with its high security, and significant performance advantages over current methods.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111518"},"PeriodicalIF":4.4,"publicationDate":"2025-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144654149","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-12DOI: 10.1016/j.comnet.2025.111513
Yujie Li , Yiwei Liu , Peiyue Li , Yifan Jia , Yanbin Wang
{"title":"Continuous multi-task pre-training for malicious URL detection and webpage classification","authors":"Yujie Li , Yiwei Liu , Peiyue Li , Yifan Jia , Yanbin Wang","doi":"10.1016/j.comnet.2025.111513","DOIUrl":"10.1016/j.comnet.2025.111513","url":null,"abstract":"<div><div>Malicious URL detection and webpage classification are critical tasks in cybersecurity and information management. In recent years, extensive research has explored using BERT or similar language models to replace traditional machine learning methods for detecting malicious URLs and classifying webpages. While previous studies show promising results, they often apply existing language models to these tasks without accounting for the inherent differences in domain data (e.g., URLs being loosely structured and semantically sparse compared to text), leaving room for performance improvement. Furthermore, current approaches focus on single tasks and have not been tested in multi-task scenarios.</div><div>To address these challenges, we propose <span>urlBERT</span>, a pre-trained URL encoder leveraging Transformer to encode foundational knowledge from billions of unlabeled URLs. To achieve it, we propose to use 5 unsupervised pretraining tasks to capture multi-level information of URL lexical, syntax, and semantics, and generate contrastive and adversarial representations. Furthermore, to avoid inter-pre-training competition and interference, we proposed a grouped sequential learning method to ensure effective training across multi-tasks. Finally, we leverage a two-stage fine-tuning approach to improve the training stability and efficiency of the task model. To assess the multitasking potential of <span>urlBERT</span>, we fine-tune the task model in both single-task and multi-task modes. The former creates a classification model for a single task, while the latter builds a classification model capable of handling multiple tasks. We evaluate URLBERT on three downstream tasks: phishing URL detection, advertising URL detection, and webpage classification. The results demonstrate that <span>urlBERT</span> outperforms standard pre-trained models, and its multi-task mode is capable of addressing the real-world demands of multitasking. The code is available at <span><span>https://github.com/Davidup1/URLBERT</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111513"},"PeriodicalIF":4.4,"publicationDate":"2025-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144654151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-12DOI: 10.1016/j.comnet.2025.111514
Xinwei Zhang , Chengzhe Lai , Guanjie Li , Dong Zheng
{"title":"Two-phase authentication for secure vehicular digital twin communications","authors":"Xinwei Zhang , Chengzhe Lai , Guanjie Li , Dong Zheng","doi":"10.1016/j.comnet.2025.111514","DOIUrl":"10.1016/j.comnet.2025.111514","url":null,"abstract":"<div><div>With the continuous development and advancement of autonomous vehicle, vehicular digital twin (VDT) has emerged as a new paradigm that facilitates real-time vehicle data analysis and enhances communication efficiency. To mitigate potential security issues in communication between vehicles and digital twins, ensuring the safety of physical vehicle operation, this paper proposes a two-phase authentication for secure VDT communication. The proposed scheme guarantees both the protection of user and vehicle identities and the security of data transmission. In the first phase, authentication is performed based on the vehicle owner’s ID, password, and biometric identifiers to verify vehicle ownership. The second phase involves the issuance of agent authorizations and signatures by the trusted authority (TA) and the generation of proxy private keys by the vehicle and its twin. Mutual authentication through the exchange of information and signatures ensures the legitimacy of both parties’ identities. The correctness of the proposed protocol is verified through BAN logic and formal security validation using the AVISPA. Finally, the performance and security evaluations demonstrate that the proposed scheme achieves strong anonymity and effectively balances computational and communication overhead. It successfully resists replay and forgery attacks, ensuring robust security. Compared to representative existing schemes, our protocol reduces computation cost in the user authentication phase by up to 36.4% and communication overhead by 67.3%. In the vehicle authentication phase, it achieves over 82% reduction in computation and 39.8%reduction in communication overhead, while preserving comprehensive security guarantees.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111514"},"PeriodicalIF":4.4,"publicationDate":"2025-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144632193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-12DOI: 10.1016/j.comnet.2025.111516
Liang Guo , Chen-Khong Tham , Jie Jia , Jian Chen , Xingwei Wang
{"title":"Generative diffusion model-based QMIX for joint task offloading and resource allocation in VEC systems","authors":"Liang Guo , Chen-Khong Tham , Jie Jia , Jian Chen , Xingwei Wang","doi":"10.1016/j.comnet.2025.111516","DOIUrl":"10.1016/j.comnet.2025.111516","url":null,"abstract":"<div><div>To cope with the high computing demand and latency requirements of emerging vehicular applications, vehicular edge computing (VEC) has been regarded as a promising computing paradigm that improves vehicular performance by introducing edge computation offloading for resource-constrained vehicles. Compared to the conventional delay metric, information freshness is more crucial for applications, such as automatic driving, auto navigation, etc., which can effectively avoid potential accidents caused by outdated data. Therefore, we apply the age of information (AoI) to measure the freshness of all vehicles’ tasks. Then, a long-term average AoI minimization problem is formulated by jointly optimizing the edge-cloud cooperation task offloading and resource allocation under time-varying environments. To solve this problem, we propose an optimization-oriented multi-agent deep reinforcement learning (MADRL) framework. Specifically, we propose a generative diffusion model (GDM)-based value function decomposition MADRL algorithm, named GDM-QMIX, to learn power allocation and offloading policies for multiple vehicle agents. Meanwhile, the closed-form solution of the wired transmission rate and computing resources allocation is derived based on Karush-Kuhn–Tucker (KKT) conditions to evaluate the quality of actions of GDM-QMIX, thereby avoiding a huge action space and achieving joint optimization. Simulation results demonstrate the effectiveness of the proposed algorithm in solving the dynamic task offloading and resource allocation problem and the superiority of the proposed algorithm over the benchmark schemes in terms of the average AoI.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111516"},"PeriodicalIF":4.4,"publicationDate":"2025-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144680516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-12DOI: 10.1016/j.comnet.2025.111515
Yongping He , Zihang Feng , Tijin Yan , Yufeng Zhan , Yuanqing Xia
{"title":"Meta-CAD: Few-shot anomaly detection for online social networks with meta-learning","authors":"Yongping He , Zihang Feng , Tijin Yan , Yufeng Zhan , Yuanqing Xia","doi":"10.1016/j.comnet.2025.111515","DOIUrl":"10.1016/j.comnet.2025.111515","url":null,"abstract":"<div><div>Online social networks are now an integral component of our daily life, yet they pose several security risks, notably including fraudulent activities. Promptly detecting anomalous behaviors within these networks is crucial for effective platform management. Existing unsupervised anomaly detection methods in social networks struggle to effectively distinguish anomalies from noise, leading to a high false alarm rate. It is also data-hungry like semi-supervised methods, making it challenging to cope with data scarcity in practice. To tackle these difficulties, we propose Meta-CAD, a <u>C</u>ontrastive learning-based <u>A</u>nomaly <u>D</u>etection method in <u>Meta</u>-learning framework. It leverages a meta-learning framework to learn common and essential information from multiple auxiliary graphs, enabling efficient knowledge transfer and excelling in scenarios with limited data. Additionally, we design an anomaly-sensitive loss function inspired by contrastive learning, which allows the model to concentrate more on the characteristics of anomalous data by constructing positive and negative sample pairs, thereby enhancing the performance of anomaly detection. The experimental results show that Meta-CAD demonstrates superior performance, with its anomaly detection capabilities surpassing existing methods by up to 10%.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111515"},"PeriodicalIF":4.4,"publicationDate":"2025-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144654137","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2025-07-11DOI: 10.1016/j.comnet.2025.111511
Saihua Cai, Gang Wang, Jinfu Chen, Shengran Wang, Kun Wang
{"title":"APT-ATT: An efficient APT attribution model based on heterogeneous threat intelligence representation and CTGAN","authors":"Saihua Cai, Gang Wang, Jinfu Chen, Shengran Wang, Kun Wang","doi":"10.1016/j.comnet.2025.111511","DOIUrl":"10.1016/j.comnet.2025.111511","url":null,"abstract":"<div><div>With the rapid development of computer network, network security issues become increasingly severe. Due to the nature of highly organized, covert and persistent, <u>a</u>dvanced <u>p</u>ersistent <u>t</u>hreat (APT) has become a major security challenge. Accurately attributing APT attacks is crucial to effectively counter this threat, which not only quickly identifies the source of threats, but also provides the critical support for developing targeted defense strategies and reducing potential losses. However, existing APT attribution models still have significant shortcomings in terms of low efficiency in embedding heterogeneous threat intelligence, class imbalance and insufficient model stability. This paper proposes a novel lightweight <u>APT</u> <u>att</u>ribution model called APT-ATT to effectively improve the accuracy and stability of APT attribution by combining the heterogeneous threat intelligence representation and <u>c</u>onditional <u>t</u>abular <u>g</u>eneration <u>a</u>dversarial <u>n</u>etwork (CTGAN). Firstly, in response to the embedding requirements of heterogeneous long threat intelligence, a feature representation method combining N-Gram and TF-IDF is designed to quickly extract the local semantic features and use the chi-square statistics for feature selection. Secondly, the CTGAN is introduced to generate the realistic feature vectors to effectively alleviate the class imbalance problem. Finally, an ensemble learning framework is constructed based on the stacking strategy, with KNN, RF and XGBoost as the base learners and optimized logistic regression as the meta learner to further improve the attribution performance and model stability. Experiments on two cyber threat intelligence datasets show that the proposed APT-ATT method achieves an accuracy of 94.91%, along with excellent real-time performance and stronger stability.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111511"},"PeriodicalIF":4.4,"publicationDate":"2025-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144606051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}