Computer Networks最新文献

{"title":"Dynamic eMBB scheduling strategy for GBR and NGBR in Non Standalone 5G NR: A deep reinforcement learning approach","authors":"H. Eddine Benmadani ,&nbsp;M. Amine Ouamri ,&nbsp;M. Azni ,&nbsp;T. Essa Alharbi","doi":"10.1016/j.comnet.2025.111692","DOIUrl":"10.1016/j.comnet.2025.111692","url":null,"abstract":"<div><div>With the emergence of 5G networks and network slicing concept, efficient resource management is crucial to meet varied Quality of Service (QoS) requirements. Intra-slice scheduling plays a central role in optimizing the network performance while catering to the requirements of different traffic flows within a slice. In this paper, we propose a Deep Reinforcement Learning (DRL)-based scheduling scheme for eMBB applications. This appraoch aims to maximize system throughput, increase GBR throughput, minimize packet loss by minimizing Head of Line (HoL) delay, and ensure NGBR flow fairness. To evaluate our approach, we test and contrast the two DRL methods, i.e., Deep Q-Network (DQN) and Proximal Policy Optimization (PPO). Using both approaches to fine-tune our hybrid scheduling metric, we demonstrate the adaptability and reliability of our approach with different learning frameworks. We contrast our DRL-based scheduler performance to the Proportional Fair (PF) scheduler and two QoS-aware schedulers, QoS and EXP-PF. Simulation shows that our scheme significantly improves the system throughput and maintains the GBR and NGBR traffic performance in balance. Moreover, the comparison of DQN and PPO provides novel insights into wireless scheduling efficacy with a foundation for future adaptive scheduling solutions in 5G and beyond.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111692"},"PeriodicalIF":4.6,"publicationDate":"2025-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145061108","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Trust the Source: A latency-based machine learning approach to accurate IP geolocation in internet","authors":"Miguel A. Ortega-Velázquez ,&nbsp;Alejandro S. Martínez-Sala ,&nbsp;Pilar Manzanares-López ,&nbsp;Maria-Dolores Cano ,&nbsp;Antonio J. Jara","doi":"10.1016/j.comnet.2025.111721","DOIUrl":"10.1016/j.comnet.2025.111721","url":null,"abstract":"<div><div>IP geolocation is the process of determining the geographic location of an Internet-connected device based on its IP address. Ensuring the authenticity of data sources has become critical for robust cybersecurity and plays a vital role in safeguarding systems by enabling applications such as fraud prevention, cybercrime investigations, and location-based access controls. There are two main approaches to IP geolocation: passive methods, which rely on public or historical data but may be outdated or inaccurate; and active methods, which use real-time latency measurements or routing path topology to infer location. Inspired by wireless location systems and the fingerprinting technique, this work proposes an active IP geolocation system that leverages Machine Learning to estimate IP locations using Round-Trip Time (RTT) latency measurements taken from a distributed network of probing nodes, referred to as Monitors. A central Coordinator collects RTT data from Monitors pinging known landmarks to build RTT fingerprints. These are used to train ML models that infer the location of unknown target nodes. The testbed system, consisting of a Coordinator server and six Monitors distributed across Europe, operated over a 65-day measurement campaign. More than 2 million RTT samples were collected from approximately 1700 Landmarks (used to train/test the ML models) and 1200 targets (used to evaluate the system). The K-Nearest Neighbours (KNN) and Multi-Layer Perceptron (MLP) algorithms are considered and compared with the reference Constraint-Based Geolocation (CBG) approach. The evaluation finds that the proposed system is capable of geolocating a point with a mean error of 317.6 km, a 38 % reduction compared to the CBG baseline. On the other hand, the average delay to complete the geolocation process is less than 5 s. These results demonstrate a scalable and cost-effective solution for medium-grained accuracy and bounded-delay IP geolocation in cybersecurity contexts.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111721"},"PeriodicalIF":4.6,"publicationDate":"2025-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A comprehensive survey of DDoS attack defense systems for different SDN architectures","authors":"Mitali Sinha","doi":"10.1016/j.comnet.2025.111711","DOIUrl":"10.1016/j.comnet.2025.111711","url":null,"abstract":"<div><div>Software-Defined Networking (SDN) is gaining popularity as the new generation networking platform across diverse domains such as 5G, IoT, and cloud computing. Its widespread acceptance is due to the innovative principle of decoupling the network’s control logic from its data-forwarding hardware. This decoupling allows network administrators to dynamically configure and manage network resources through software, providing unparalleled flexibility and agility. SDN has two types of architectures: pure SDN and hybrid SDN, each designed to meet specific requirements like pure SDN is often used in environments where there is a need for dynamic network management, such as data centers and cloud computing environments, hybrid SDN is commonly implemented in existing network infrastructures where organizations want to gradually adopt SDN without completely overhauling their network architecture. This study aims to present a comprehensive survey of Distributed Denial of Service (DDoS) attack defense systems for different types of SDN architectures. Specifically, this research (a) classifies DDoS defense systems based on the SDN architectures and conducts a comparative analysis of existing studies for each architecture, (b) develops a set of guidelines to enhance current DDoS defense solutions, and (c) identifies several future research directions for designing DDoS defense mechanisms against emerging DDoS attack types in the context of SDN. This work is distinct from previous studies as DDoS defense solutions are analyzed based on the specific architectures of SDN, an aspect not addressed in prior surveys.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111711"},"PeriodicalIF":4.6,"publicationDate":"2025-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TitNet: A time-series model based on multi-period nesting for encrypted traffic classification","authors":"Congcong Wang ,&nbsp;Xin Li ,&nbsp;Zhaoqiang Cui ,&nbsp;Lina Xu ,&nbsp;Jiangang Hou ,&nbsp;Jie Sun ,&nbsp;Hongji Xu ,&nbsp;Zhi Liu","doi":"10.1016/j.comnet.2025.111702","DOIUrl":"10.1016/j.comnet.2025.111702","url":null,"abstract":"<div><div>Encrypted traffic classification is essential for network management tasks such as quality-of-service controls, identifying malicious traffic, and enhancing cybersecurity. However, the scarcity of plaintext information and the significant reduction of payload characteristics in encrypted traffic present challenges to effective classification. To tackle these issues, we propose a novel time series model called TitNet, which models network traffic at the session level as a multivariate time series and effectively integrates periodic and spatial features inherent in time series data. Our TitNet contains a dynamic frequency selection strategy(DFSS) that facilitates the conversion of time series data into two-dimensional tensor representations, which is pivotal for accurately discerning the intricate patterns embedded in encrypted traffic. This approach enables TitNet to iteratively transform time series into 2D tensors, effectively exploiting the multi-period nesting characteristics of the data to improve classification performance. Experimental results on the ISCXTor2016 dataset (43 Tor/NonTor categories) robustly indicate that our TitNet excels in the detection, classification, and identification of applications within encrypted traffic, achieving 96.21 % accuracy while handling extreme class imbalance. Nonetheless, TitNet introduces additional computational overhead and relies on fixed session truncation, which may limit scalability and long-range modeling. Future work will explore lightweight variants and improved sequence aggregation strategies to address these challenges.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111702"},"PeriodicalIF":4.6,"publicationDate":"2025-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Autoencoder-based decentralized federated learning for efficient communication","authors":"Abdul Wahab Mamond,&nbsp;Majid Kundroo,&nbsp;Taehong Kim","doi":"10.1016/j.comnet.2025.111676","DOIUrl":"10.1016/j.comnet.2025.111676","url":null,"abstract":"<div><div>Decentralized federated learning (DFL) has emerged as a solution for traditional federated learning’s limitations, such as network bottlenecks and single-point failure, by enabling direct communication between nodes and eliminating the reliance on a central server. However, DFL still encounters challenges like increased communication costs as the number of participating nodes increases, amplifying the need for efficient compression techniques. Moreover, the increasing complexity of models, including vision, language, and generative models (e.g., GPT), further underscores this necessity due to their large parameter sizes. To address the communication cost-related issues in DFL, this study introduces Autoencoder-based Decentralized Federated Learning (AEDFL), which leverages autoencoders to compress model updates before transmission, allowing them to be reconstructed at the receiving end with high fidelity and minimal loss of accuracy. We conduct comprehensive experiments using two models, SqueezeNet and DenseNet, on three benchmark datasets: CIFAR-10 (under both IID and non-IID settings), FashionMNIST, and CIFAR-100. The results demonstrate that AEDFL achieves up to 122x compression with negligible accuracy degradation, showcasing its effectiveness in balancing communication efficiency and model performance across varying model sizes and dataset complexities.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111676"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adaptive memory replay for network intrusion detection: Tackling data drift and catastrophic forgetting","authors":"Nasreen Fathima A H ,&nbsp;Ansam Khraisat ,&nbsp;Syed Ibrahim S P ,&nbsp;Gang Li","doi":"10.1016/j.comnet.2025.111712","DOIUrl":"10.1016/j.comnet.2025.111712","url":null,"abstract":"<div><div>Network intrusion detection aims to identify anomalous activities in network traffic, while continual learning (CL) methods strive to preserve past knowledge and adapt to evolving threats. Memory replay-based CL approaches have been widely used and proven effective at mitigating catastrophic forgetting. However, previous research has primarily focused on addressing class imbalance and has largely relied on augmented and random memory replay strategies, which introduce significant computational overhead and limit practicality in real-time applications. To overcome these challenges, we propose Task-Aware Memory Replay (TAMR), a novel framework that prioritizes past experiences based on their relevance to the current task. By dynamically adjusting the importance of replayed samples, TAMR balances the integration of new attack patterns with the retention of critical historical knowledge, ensuring resilience against evolving threats and variations in normal traffic. Unlike traditional methods that employ random selection or augmented replays, TAMR selectively replays high-impact experiences, thereby optimizing memory usage and improving adaptability. Our experiments demonstrate that TAMR achieves real-time adaptability across five distinct NIDS datasets, ultimately delivering superior performance and computational efficiency in detecting even unknown attacks in dynamic network environments. In general, we highlight the potential of memory-based replay strategies for continual learning in detecting unknown attacks using a task-aware approach.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111712"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145109815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A blockchain-based federated learning framework against poisoning attacks in the internet of vehicles","authors":"Irshad Ullah,&nbsp;Xiaoheng Deng,&nbsp;Xinjun Pei,&nbsp;Husnain Mushtaq,&nbsp;Muhammad Uzair,&nbsp;Shazib Qayyum","doi":"10.1016/j.comnet.2025.111705","DOIUrl":"10.1016/j.comnet.2025.111705","url":null,"abstract":"<div><div>Federated Learning (FL) offers a decentralized solution for training machine learning models across distributed devices, making it well-suited for the Internet of Vehicles (IoV), where large volumes of sensitive data are generated. Despite this, FL systems are susceptible to poisoning attacks, which can compromise model integrity and performance. To address these challenges, this paper proposes SPBFL-IoV, a secure and privacy-preserving blockchain-based federated learning framework for IoV environments. The framework is specifically designed to defend against poisoning attacks, such as label-flipping and model manipulation. The proposed framework integrates blockchain technology to securely record model updates in a tamper-proof and auditable ledger, ensuring their integrity and verifiability. In addition, Homomorphic Encryption (HE) is employed to protect the confidentiality of data and model parameters during communication. Furthermore, to preserve the robustness, accuracy, and integrity of the global model in the presence of malicious participants, we employ advanced Filtering and Clipping mechanisms to identify and mitigate malicious updates. Experimental results demonstrate the effectiveness of SPBFL-IoV in terms of Overall Accuracy (All-Acc), Source-class Accuracy (Src-Acc), and Attack Success Rate (ASR), achieving an All-Acc of 98.10 % and Src-Acc of 96.00 % on the MNIST dataset, and an All-Acc of 76.15 % and Src-Acc of 60.10 % on the CIFAR-10 dataset. Furthermore, it maintains a low ASR of 0.39 % on MNIST and 9.23 % on CIFAR-10. Compared to existing methods, these results demonstrate the framework’s superior capability in countering poisoning attacks. Overall, the framework maintains high performance as measured by All-Acc and Src-Acc, and resilience against adversarial behavior, as reflected in its low ASR, making it a trustworthy solution for secure and collaborative learning within the IoV.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111705"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TOPLDM: Towards dynamic low overhead traffic obfuscation based on packet length distribution modification","authors":"Zhichao Hu ,&nbsp;Likun Liu ,&nbsp;Jiaxing Gong ,&nbsp;Yao Zhang ,&nbsp;Minghao Guo ,&nbsp;Mengmeng Ge ,&nbsp;Qing Guo ,&nbsp;Lina Ma ,&nbsp;Xiangzhan Yu","doi":"10.1016/j.comnet.2025.111707","DOIUrl":"10.1016/j.comnet.2025.111707","url":null,"abstract":"<div><div>The emergence of encrypted traffic fingerprinting has made it possible to monitor and analyze users’ online activities even under encrypted protocols like SSL/TLS, posing a serious threat to the personal privacy and data security. While researchers have proposed various traffic obfuscation methods to defend against encrypted traffic fingerprinting, there are still issues such as the high resource overhead, the weak robustness, the difficulty in dynamically adjusting obfuscation strategies and the inability to deploy in real network environments. To address these problems, this paper proposes an efficient and effective traffic obfuscation method based on packet length distribution modification. It designs a distribution-based packet length mapping method to dynamically adjust the mapping rules of packet lengths by selecting different target distributions. The packets are then modified by segmentation and stacking. By modifying the distribution of packet lengths, this method indirectly affects temporal features, effectively resisting encrypted traffic fingerprinting methods. Experimental results show that the approach outperforms existing traffic obfuscation methods in terms of obfuscation effectiveness, with 7 % success rate improved in real traffic obfuscation. Additionally, through comparative experiments with classic methods such as BuFLO, Cs-BuFLO, WTF-PAD, FRONT, Wfd-GAN, WGAN, and FGSM-AS, the advantages of this method in terms of time and bandwidth resource consumption are verified, and showing satisfactory robustness towards retrain.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111707"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Novel packet management strategy for minimizing AoI in vehicle-to-everything communications","authors":"Saber F. Mohammed ,&nbsp;Pan Zhiwen ,&nbsp;Zeyad A.H. Qasem","doi":"10.1016/j.comnet.2025.111706","DOIUrl":"10.1016/j.comnet.2025.111706","url":null,"abstract":"<div><div>Real-time information freshness is critical for ensuring timely status updates in applications such as vehicle-to-everything (V2X) communications and autonomous driving. The age of information (AoI) metric is valuable for evaluating the freshness of delivered packets. However, maintaining low AoI is challenging due to limited bandwidth, computational delays, and stringent freshness requirements. To address these challenges, this paper proposes a novel packet management strategy, called age-priority last-generated first-served (AP-LGFS) for a multi-road user system operating over a cellular network. AP-LGFS dynamically prioritizes newly arrived packets and selectively preempts ongoing transmissions when incoming packets exhibit a lower expected AoI, ensuring the timely delivery of critical updates. Then, the proposed AP-LGFS is combined with queuing model to analyze both AoI and peak AoI (PAoI) in road user-to-vehicle communication links. Additionally, it investigates the impact of road user packet arrival rates on information freshness. We use a stochastic process to compare our strategy with other scheduling strategies within the solution space. Comparative simulations demonstrate that AP-LGFS outperforms other scheduling strategies in minimizing AoI and PAoI, thereby enhancing information freshness, and supporting reliable V2X communication systems.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111706"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145106009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Efficient and secure multiparty summation without semi-honest third-party","authors":"Zhuo Liu ,&nbsp;Fulin Li ,&nbsp;Mu Han ,&nbsp;Shixin Zhu","doi":"10.1016/j.comnet.2025.111690","DOIUrl":"10.1016/j.comnet.2025.111690","url":null,"abstract":"<div><div>In modern distributed computing systems, ensuring the security and privacy of data across numerous distributed devices is paramount. We propose an efficient and verifiable multiparty summation protocol using public-key cryptography. Each participant can securely share encrypted data with attached validity proofs, enabling anyone to independently verify and compute the final result. This decentralized protocol eliminates the need for a semi-honest third party, enhancing resilience against active attacks from malicious participants and observers. Additionally, it removes the requirement for secret channels, making it ideal for public networks. This design significantly reduces overhead while ensuring robust security. Experimental results demonstrate the efficiency and scalability of our protocol, highlighting its potential for practical applications in privacy-preserving computations across medical, military, and commercial domains.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111690"},"PeriodicalIF":4.6,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145049710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}