Computer Networks最新文献

{"title":"AAR-Log: A robust log anomaly detection method resisting adversarial attacks","authors":"Jiahao Wu ,&nbsp;Sanfeng Zhang ,&nbsp;Hongxian Liu ,&nbsp;Wang Yang","doi":"10.1016/j.comnet.2025.111471","DOIUrl":"10.1016/j.comnet.2025.111471","url":null,"abstract":"<div><div>In recent years, adversarial evasion attacks against log-based anomaly detection systems have been proven to pose severe threats. Existing detection models lack targeted defense mechanisms against such attacks, enabling malicious actors to conceal anomalous activities. This not only prevents timely detection of system failures or intrusions, but also significantly elevates security risks and potential losses. To address this challenge, this paper proposes AAR-log, a novel adversarial-resilient log anomaly detection framework. The key innovations of AAR-log include: (1) integrating various types of features including log components, log levels, and log templates to construct a more comprehensive representation of log sequences; (2) employing ensemble learning to enhance model diversity and mitigate the vulnerability of single-model approaches; and (3) incorporating adversarial training to constrain the adversarial sample space, thereby significantly improving the framework’s robustness under adversarial conditions. Extensive experiments on benchmark log datasets demonstrate that AAR-log exhibits superior adversarial robustness. Its ensemble learning mechanism and adversarial training strategy effectively enhance resistance against evasion attacks, achieving higher TPR and F1 scores compared to baseline models. Notably, AAR-log also maintains strong generalization performance in non-adversarial environment. In the HDFS dataset, AAR-log improves TPR by 2.8%–9.5% and F1-score by 4.6%–14.3% over baseline models. In the BGL dataset, it achieves even greater gains, increasing TPR by 17.1%–26.7% and F1-score by 3.9%–28.4%. These results validate the effectiveness and robustness of AAR-log in log-based anomaly detection.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111471"},"PeriodicalIF":4.4,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144471151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Resource allocation for UAV-assisted anti-jamming semantic D2D networks: A graph reinforcement learning approach","authors":"Wancheng Xie ,&nbsp;Helin Yang ,&nbsp;Zehui Xiong","doi":"10.1016/j.comnet.2025.111463","DOIUrl":"10.1016/j.comnet.2025.111463","url":null,"abstract":"<div><div>Semantic communication (SemCom) breaks the limitations of traditional communication methods in semantic understanding and processing, and provides more efficient and intelligent information exchange for wireless networks. In this paper, we investigate an unmanned-aerial-vehicle (UAV)-assisted anti-jamming device-to-device (D2D) network with SemCom, aiming to maximize the quality of experience (QoE) of mobile users (MUs) in the presence of malicious jammers. The UAV serves as a relay to improve the space-extensibility of D2D networks. The formulated problem is challenging to be solved due to its non-convex and stochastic nature. Therefore, we model the problem as a Markov decision process and address it by designing a proximal policy optimization (PPO)-based deep reinforcement learning (DRL) framework to tackle the high-dimensional hybrid action space. To address the irregular and dynamic network topologies in D2D networks, we introduce heterogeneous graph neural networks (GNNs) into the DRL agent to enhance its feature extraction capability over the wireless links. Extensive numerical results demonstrate that the proposed GPPO approach outperforms the multi-layer-perception-based PPO scheme, and effectively maximizes the QoE of MUs under various scenarios.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111463"},"PeriodicalIF":4.4,"publicationDate":"2025-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144365732","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Asynchronous federated learning based zero trust architecture for the next generation industrial control systems","authors":"Fei Lv ,&nbsp;Hangyu Wang ,&nbsp;Zhiwen Pan ,&nbsp;Rongkang Sun ,&nbsp;Shuaizong Si ,&nbsp;Weidong Zhang ,&nbsp;Shichao Lv ,&nbsp;Limin Sun","doi":"10.1016/j.comnet.2025.111459","DOIUrl":"10.1016/j.comnet.2025.111459","url":null,"abstract":"<div><div>The zero-trust architecture (ZTA) is an emerging technology for ensuring the security of next-generation industrial control systems (ICSs). However, ICSs are complex and characterised by diverse equipment, cyber-physical integration, dynamic network topologies and stringent real-time demands, which present significant challenges to ZTA implementation. Moreover, as enterprises increasingly share data to identify advanced business patterns, the risk of data breaches escalates during the digitalisation and intelligent transformation process. To address these issues, this article proposes a ZTA for next-generation ICSs based on asynchronous federated deep learning (FDL). Both physical and cyber information is considered in trust evaluations, except for subject and object attributes. This can significantly enhance the accuracy of zero-trust decision-making. Furthermore, a novel grouping-based asynchronous federated learning algorithm is proposed to reduce the aggregation delay experienced by different devices, grouping those with similar computing capabilities and business urgency requirements. Additionally, optimising model aggregation enhances the model’s adaptability to swift changes in ICSs environments. Through rigorous validation in a real gas pipeline system in our laboratory, we demonstrated the effectiveness of our proposed ZTA, showing that it is superior to alternative methodologies.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111459"},"PeriodicalIF":4.4,"publicationDate":"2025-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144510820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RTQS: Real-time flow fairness queue scheduling policy on router devices","authors":"Hong Zhang ,&nbsp;Zhenge Xu ,&nbsp;Feixue Han ,&nbsp;Fuliang Li ,&nbsp;Qing Li","doi":"10.1016/j.comnet.2025.111443","DOIUrl":"10.1016/j.comnet.2025.111443","url":null,"abstract":"<div><div>Real-time flows have become an important part of modern networks, and routers are facing increasingly complex network environments. The Active Queue Management (AQM) on routers, which devote to balance the delay requirements of real-time flows and the bandwidth fairness of network traffic, has become a challenging research topic. Existing schemes mainly focus on achieving precise bandwidth allocation through flow isolation or maintain consistently short queues to control the delay of flows. However, they fail to achieve an ideal trade-off among the bandwidth fairness, the delay requirements of real-time flows, and link utilization. This problem is even more pronounced in heterogeneous networks. In this paper, we propose Real-Time flow Fairness Queue Schedule (RTQS), a novel active queue management approach, which enhances the bandwidth fairness in router-side while effectively guarantees the delay requirements of real-time flows. RTQS performs differentiated scheduling for different types of traffic by assigning packets into proper queues whose buffer size is dynamically maintained. This effectively ensures the real-time flows’ timeliness. Moreover, RTQS achieves a scalable in-network bandwidth fairness enhancement solution by using only several queues, to ensure that different congestion control algorithms can properly co-exist, even in heterogeneous networks. We develop a prototype implementation for NS-3 simulator, which is a widely used network simulator, as an open-source solution. Our experimental results illustrate that RTQS significantly improves the bandwidth fairness among flows. Compared to other advanced AQM methods, RTQS improves the Jain’s Fairness Index (JFI) by a factor ranging from 3.45% to 102.04% and reduces the queuing delay of real-time flows by 71%, mitigating the impact of delay inflation.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111443"},"PeriodicalIF":4.4,"publicationDate":"2025-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144480671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Explainable federated class incremental learning for Encrypted Network Traffic classification","authors":"Raffaele Carillo,&nbsp;Francesco Cerasuolo,&nbsp;Giampaolo Bovenzi,&nbsp;Domenico Ciuonzo,&nbsp;Antonio Pescapè","doi":"10.1016/j.comnet.2025.111448","DOIUrl":"10.1016/j.comnet.2025.111448","url":null,"abstract":"<div><div>Network traffic has experienced substantial growth in recent years, requiring the implementation of more advanced techniques for effective management. In this context, Traffic Classification (TC) helps in successfully handling the network by identifying what is flowing through it. Nowadays, <em>data-driven</em> approaches—viz., Machine Learning (ML) and Deep Learning (DL)—are widely employed to address this task. However, these approaches struggle to keep pace with the ever-changing nature of traffic due to the introduction of new or updated services/apps and exhibit a decision-making process not interpretable. Furthermore, network traffic can vary significantly by geographic area, requiring a decentralized privacy-preserving approach to update classifiers collaboratively. In this work, we propose a Federated Class Incremental Learning (FCIL) framework that integrates Class Incremental Learning (CIL) and Federated Learning (FL) for network TC while incorporating a comprehensive eXplainable Artificial Intelligence (XAI) methodology, tackling the challenges of updating traffic classifiers, managing the geographic diversity of traffic along with data privacy, and interpreting the decision-making process, respectively. To assess our proposal, we leverage two publicly available encrypted network traffic datasets. Our findings uncover that, in small networks, fewer synchronizations facilitate retaining old knowledge, while larger networks reveal an approach-dependent pattern, yet still exhibiting good retention performance. Moreover, in both small and larger networks, <em>frequent updates enhance the assimilation of new information</em>. Notably, <span><math><msup><mrow><mstyle><mi>B</mi><mi>i</mi><mi>C</mi></mstyle></mrow><mrow><mo>+</mo></mrow></msup></math></span> is the most effective approach in small networks (i.e., 2 clients) while <span><math><mstyle><mi>i</mi><mi>C</mi><mi>a</mi><mi>R</mi><mi>L</mi><mtext>+</mtext></mstyle></math></span> performs best in larger networks (i.e., 10 clients), obtaining 82% and 79% F1 on <span><math><mstyle><mi>C</mi><mi>E</mi><mi>S</mi><mi>N</mi><mi>E</mi><mi>T</mi></mstyle></math></span>-<span><math><mstyle><mi>T</mi><mi>L</mi><mi>S</mi><mi>2</mi><mi>2</mi></mstyle></math></span>, respectively. Leveraging XAI techniques, we analyze the effect of incorporating a per-client bias correction layer. By integrating sample-based and attribution-based explanations, we provide detailed insights into the decision-making process of FCIL approaches.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111448"},"PeriodicalIF":4.4,"publicationDate":"2025-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144335702","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimizing cost through UAV deployment and task assignment in hybrid UAV-assisted MEC systems","authors":"Haolin Liu ,&nbsp;Shi Yin ,&nbsp;Tingrui Pei ,&nbsp;Zhiquan Liu ,&nbsp;Qingyong Deng ,&nbsp;Yanping Cheng","doi":"10.1016/j.comnet.2025.111400","DOIUrl":"10.1016/j.comnet.2025.111400","url":null,"abstract":"<div><div>Unmanned Aerial Vehicle (UAV) technology has become a significant component in Mobile Edge Computing (MEC) systems. By integrating MEC servers with UAVs, efficient computing and communication services can be delivered in emergency environments, such as post-disaster emergency rescues and in remote mountainous regions. However, the integration of MEC servers with UAVs inevitably increases Capital Expenditures (CapEx). Furthermore, the UAV, burdened with the MEC server, must hover to provide computing and communication services, leading to heightened energy consumption. To address the challenges of optimizing UAV deployment costs and energy consumption, we propose a UAV-assisted MEC framework employing both traditional Transmission UAVs (T-UAVs) and MEC-enabled Computing UAVs (C-UAVs). By jointly optimizing UAV deployment, task assignment, and computing resource allocation, we formulate a problem aimed at minimizing the system’s Total Cost (TC), encompassing both CapEx and the Operational Expenditures (OpEx) associated with UAV energy consumption. To tackle this problem, we introduce a Bi-Level Alternative Optimization (BLAO) algorithm to derive the solution, with the upper-level addressing UAV deployment and the lower-level focusing on task assignment and computing resource allocation. Simulation results demonstrate that our algorithm consistently outperforms existing benchmark solutions across diverse scenarios.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111400"},"PeriodicalIF":4.4,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144329899","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A stochastic learning algorithm for multi-agent game in mobile network: A Cross-Silo federated learning perspective","authors":"Hongze Liu ,&nbsp;Junzhe Liu ,&nbsp;Zhaojiacheng Zhou ,&nbsp;Shijing Yuan ,&nbsp;Jiong Lou ,&nbsp;Chentao Wu ,&nbsp;Jie Li","doi":"10.1016/j.comnet.2025.111458","DOIUrl":"10.1016/j.comnet.2025.111458","url":null,"abstract":"<div><div>Collaboration in mobile network involves multiple servers and smart devices, introducing the challenging of coordination. The inherent challenges arise from incomplete environmental information due to dynamic networks and privacy concerns, making collaboration for all participants a complex task. In this work, we introduce a Multi-agent step Refinement Stochastic Learning Algorithm (MARSL) empowered by neighbor search, achieving superior outcomes with low complexity compared to baseline algorithms. To demonstrate the performance of the proposed algorithm, we provide comprehensive theoretical analysis on the superior properties. We then formulate two Non-IID cross-silo Federated Learning scenarios as typical non-convex cases in mobile network collaboration. By conducting multiple experiments, we illustrate the algorithm’s superior performance in both final utility and computation complexity. This contribution addresses the cooperation challenge in Cross-silo FL, providing an effective solution for scenarios with incomplete environmental information.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111458"},"PeriodicalIF":4.4,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144490883","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Topology-aware handover parameterization for radio link failures reduction in dynamic ON/OFF small-cell networks","authors":"Syed Maaz Shahid ,&nbsp;SungKyung Kim ,&nbsp;Sungoh Kwon","doi":"10.1016/j.comnet.2025.111462","DOIUrl":"10.1016/j.comnet.2025.111462","url":null,"abstract":"<div><div>In this work, we propose a topology-aware mobility robustness optimization algorithm to reduce radio link failures (RLFs) in dynamic ON/OFF small-cell networks. Heterogeneous traffic patterns enable network operators to implement a cell ON/OFF strategy for energy reduction in beyond fifth-generation networks, as base stations are the most energy-consuming devices in the cellular network. The cell ON/OFF strategy dynamically changes the network topology (cell coverage) over time, often leading to improper handover parameter settings in the new network topology. The proposed algorithm compares the current and previous network topologies and, based on their similarity, initializes handover parameters for the new topology using previously stored settings. The concept of angle of incidence is utilized to determine the geometric and directional relationships between cells, enabling the algorithm to identify symmetrical sub-topologies. Geometric features, including the angle of incidence and Euclidean distances, that represent cell topology are used to compare the similarity of network topologies. Through simulations, we demonstrate that the proposed algorithm significantly reduces R LFs when the network topology changes due to cell ON/OFF, compared to other algorithms.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111462"},"PeriodicalIF":4.4,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144490884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multi-objective optimization model and algorithm for network slicing with demand exceeding resources","authors":"Wei Guo,&nbsp;Xiaoli Wang,&nbsp;Yuping Wang","doi":"10.1016/j.comnet.2025.111460","DOIUrl":"10.1016/j.comnet.2025.111460","url":null,"abstract":"<div><div>Network slicing allocation is a new kind of task and resource scheduling technique for 5G and 6G networks and provides the high quality service by allocating the limited infrastructure network resources to massive heterogeneous user requests (various network slices). Currently, most existing studies only consider the situation that infrastructure network resources can meet the demands of all users. However, with the quick increase of network users, the infrastructure network resources usually cannot satisfy the demands of all users. To tackle this problem, this paper designs a two-objective optimization model to maximize the service provider revenue and the user experience. To solve the model effectively, a new evolutionary algorithm based on NSGA-II framework is proposed, in which the tailor-made encoding scheme, decoding scheme and evolutionary operators are designed, respectively. The simulation results indicate that the proposed algorithm can provide diverse resource allocation solutions and is superior in scenarios where the user resource demands exceed the total available resources in the infrastructure network.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111460"},"PeriodicalIF":4.4,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144471152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G","authors":"Yulong Fu ,&nbsp;Yuanqi Xie ,&nbsp;Wei Yi ,&nbsp;Bikal Poudel ,&nbsp;Jin Cao ,&nbsp;Hui Li","doi":"10.1016/j.comnet.2025.111450","DOIUrl":"10.1016/j.comnet.2025.111450","url":null,"abstract":"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111450"},"PeriodicalIF":4.4,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144314466","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}