Computer Networks最新文献

{"title":"A Survey on anomaly detection in IoT: Techniques, challenges, and opportunities with the integration of 6G","authors":"Zeeshan Ali Haider ,&nbsp;Asim Zeb ,&nbsp;Taj Rahman ,&nbsp;Sushil Kumar Singh ,&nbsp;Rizwan Akram ,&nbsp;Ali Arishi ,&nbsp;Inam Ullah","doi":"10.1016/j.comnet.2025.111484","DOIUrl":"10.1016/j.comnet.2025.111484","url":null,"abstract":"<div><div>The combination of Artificial Intelligence (AI) and data science in the Internet of Things (IoT) has enhanced the concept of anomaly detection. It improves system reliability, efficiency, and security in industrial automation, healthcare, smart cities, and cybersecurity sectors. This survey aims to provide an overview of the current developments, issues, and prospects of this growing area of study. This survey also highlights the importance of AI algorithms, particularly Machine Learning (ML) and Deep Learning (DL), in enhancing the capabilities of detection, analysis, and enabling measures in anticipation of future events. In addition, it identifies the major issues considered crucial to the DL application’s general framework, such as the data quality problem, model interpretability, and real-time and scalability issues. It provides potential solutions through federated learning, edge computing, and blockchain technologies. This paper explores how various features of 6G, including ultra-low latency, massive connectivity, and energy-efficient communication frameworks, can significantly enhance the capabilities of IoT anomaly detection systems. Although 5G brings impressive data rates and connectivity, 6G is anticipated to introduce a paradigm shift in real-time analytics, distributed intelligence, and scalability, which is vital for efficient IoT anomaly detection. The emphasis of this paper is on the use case of IoT anomaly detection, given the unique capabilities of 6G that were not fully explored in previous communication technologies, such as 4G and 5G, particularly in terms of handling computational complexity. By addressing many of the previously listed challenges, the ultra-low latency, massive connectivity, and energy-efficient communication frameworks that 6G will support will revolutionize anomaly detection and support processes, resulting in more robust and adaptive IoT ecosystems.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111484"},"PeriodicalIF":4.4,"publicationDate":"2025-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144549690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A value-driven system design framework for sustainable 6G networks","authors":"Giancarlo Sciddurlo,&nbsp;Federica de Trizio,&nbsp;Giuseppe Piro,&nbsp;Gennaro Boggia","doi":"10.1016/j.comnet.2025.111477","DOIUrl":"10.1016/j.comnet.2025.111477","url":null,"abstract":"<div><div>The global challenges of the 21st century, including climate change, the digital divide, social inequalities, and poverty, pose significant obstacles to sustainable development, as highlighted by the United Nations agenda. Its 17 Sustainable Development Goals (SDGs) outline a vision for addressing these issues, necessitating innovative solutions powered by infrastructures such as 6G, a key driver of high-performance networking and societal progress. Achieving this dual objective requires a value-driven approach that extends beyond traditional communication network functionalities. In this context, Key Value Indicators (KVIs) emerge as essential metrics that capture intangible yet critical societal values, complementing traditional Key Performance Indicators (KPIs). However, the integration of ethical principles and social values into networking remains largely unexplored in the scientific literature and research communities. Building on these premises, this work introduces a system design framework that formalizes and evaluates KVIs alongside KPIs, leveraging Intent-Based Networking (IBN) to embed ethical and social dimensions into network services. To enable responsible resource-service provisioning, a bi-objective optimization problem is formulated, balancing network performance and societal value. The problem is solved using an exact <span><math><mi>ɛ</mi></math></span>-constraint method, ensuring optimal trade-offs between KPIs and KVIs. The results validate the effectiveness of the proposed service orchestration framework, demonstrating an improvement of up to 70% in the ethical and social value provided by the network compared to baseline solutions. This highlights the framework’s capability to integrate social and ethical considerations into the service allocation process while preserving competitive network performance.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111477"},"PeriodicalIF":4.4,"publicationDate":"2025-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144510877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Constant playout rates: Resource allocation for improved user experience with live video streaming in 5G","authors":"Fidan Mehmeti ,&nbsp;Serkut Ayvaşık ,&nbsp;Furkan Kaynar ,&nbsp;Thomas F. La Porta ,&nbsp;Wolfgang Kellerer","doi":"10.1016/j.comnet.2025.111481","DOIUrl":"10.1016/j.comnet.2025.111481","url":null,"abstract":"<div><div>Providing a high-quality real-time video streaming experience to mobile users is one of the biggest challenges in cellular networks. This is due to the need of these services for high rates with low variability, i.e., stable throughput, which is not easily accomplished given the competition among (an ever-increasing number of) users for limited network resources and the high variability of their channel conditions. A way to improve the user experience is by exploiting users’ buffers and the ability to provide a constant data rate to everyone, as one of the initially envisioned features of 5G networks. However, it was already shown that the latter is not very efficient, neither in terms of the achievable data rates nor in terms of the amount of resources left unused. In this paper, we provide a theoretical-analysis framework for resource allocation in 5G networks that leads to an improved user experience when watching live video while providing a constant video resolution at almost all times. We do this by solving four problems, in which the objectives are to provide the highest achievable video resolution to all single-class and multi-class users, and to maximize the number of users that experience a given video resolution. The analysis is validated by simulations that are run on publicly-available traces. We also compare the performance of our approach against other techniques for different Quality of Experience metrics. Results show that performance can be improved by at least 15% with our approach compared to state of the art.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111481"},"PeriodicalIF":4.4,"publicationDate":"2025-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144510821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"FedLLMGuard: A federated large language model for anomaly detection in 5G networks","authors":"Hadiseh Rezaei ,&nbsp;Rahim Taheri ,&nbsp;Mohammad Shojafar","doi":"10.1016/j.comnet.2025.111473","DOIUrl":"10.1016/j.comnet.2025.111473","url":null,"abstract":"<div><div>The rise of 5G networks has introduced new security challenges, particularly in detecting and mitigating dynamic traffic anomalies, adversarial threats, and large-scale cyberattacks. Traditional Machine learning-based Intrusion Detection Systems (IDS) suffer from high latency, poor adaptability, and privacy risks due to centralized data aggregation. To address these issues, we propose <em>FedLLMGuard</em> as a novel framework integrating Federated Learning (FL) with Large Language Models (LLM) for real-time privacy-preserving and adaptive anomaly detection in 5G networks. Our method uses FL for decentralized learning while utilizing LLM for contextual traffic analysis and interoperability. Moreover, our framework introduces the CorruptNet adversarial attack, a novel poisoning strategy targeting FL-based anomaly detection, ensuring robustness evaluation under adversarial conditions. We evaluate our model against three methods – Random Forest, LSTM, and PSO Autoencoder LSTM – using three benchmark datasets: TII-SSRC-23, CICDDoS2019, and NF-UNSW-NB15. Experimental results demonstrate that FedLLMGuard outperformed all models, whether subjected to the CorruptNet adversarial attack or not. Under the CorruptNet attack, it achieves an accuracy of 98.64%, a false positive rate of only 2.16%, and ultra-low detection latency (0.0113s). These results underscore FedLLMGuard’s capacity to detect threats rapidly, mitigate attacks effectively, and sustain high accuracy while ensuring data privacy, making it a scalable and resource-efficient security solution for 5G networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111473"},"PeriodicalIF":4.4,"publicationDate":"2025-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144480672","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Federated Learning of Explainable AI(FedXAI) for deep learning-based intrusion detection in IoT networks","authors":"Rajesh Kalakoti ,&nbsp;Sven Nõmm ,&nbsp;Hayretdin Bahsi","doi":"10.1016/j.comnet.2025.111479","DOIUrl":"10.1016/j.comnet.2025.111479","url":null,"abstract":"<div><div>The rapid growth of Internet of Things(IoT) devices has increased their vulnerability to botnet attacks, posing serious network security challenges. While deep learning models within federated learning (FL) can detect such threats while preserving privacy, their black-box nature limits interpretability, crucial for trust in security systems. Integrating explainable AI (XAI) into FL is significantly challenging, as many XAI methods require access to client data to interpret the behaviour of the global model on the server side. In this study, we propose a Federated Learning of Explainable AI (FedXAI) framework for binary and multiclass classification (botnet type and attack type) to perform intrusion detection in IoT devices. We incorporate one of the widely known XAI methods, SHAP (SHapley Additive exPlanations), into the detection framework. Specifically, we propose a privacy-preserving method in which the server securely aggregates SHAP value-based explanations from local models on the client side to approximate explanations for the global model on the server, without accessing any client data. Our evaluation demonstrates that the securely aggregated client-side explanations closely approximate the global model explanations generated when the server has access to client data. Our FL framework utilises a long-short-term memory (LSTM) network in a horizontal FL setup with the FedAvg (federated averaging) aggregation algorithm, achieving high detection performance for botnet detection in all binary and multiclass classification tasks. Additionally, we evaluated post-hoc explanations for local models client-side using LIME (Local Interpretable Model-Agnostic Explanations), Integrated Gradients(IG), and SHAP, with SHAP performing better based on metrics like Faithfulness, Complexity, Monotonicity, and Robustness. This study demonstrates that it is possible to achieve a high-performing FL model that addresses both explainability and privacy in the same framework for intrusion detection in IoT networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111479"},"PeriodicalIF":4.4,"publicationDate":"2025-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144579842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Dynamic task offloading and online scheduling for Edge-enabled IoT with a hierarchical framework","authors":"Bo Shen,&nbsp;Qi Gu,&nbsp;Gang Yang","doi":"10.1016/j.comnet.2025.111486","DOIUrl":"10.1016/j.comnet.2025.111486","url":null,"abstract":"<div><div>Multi-access edge computing is an effective computing paradigm that supports computation-intensive applications for Internet of Things (IoT) equipment. Due to the shortage of environmental knowledge, it is difficult for each device to decide the optimal offloading decision in a distributed way. The dynamic nature of task generation and the diversity of requirements also present a significant challenge to the resource management of edge servers. The problem is additionally complex, as the two decisions are coupled to determine the utility of IoT devices. To overcome these challenges, the paper addresses the online computation offloading and dynamic task scheduling issue in multi-access IoT. We establish a two-layer adaptive approach called DENOTE to address the problem. Benefiting from evolutionary game and deep reinforcement learning, we propose a service provider selection game based on replicator dynamics to make offloading decisions at the device side. We also present a proximal policy optimization based approach to schedule the heterogeneous tasks at the edge side. Extensive experiments are carried out to assess the proposed approach in terms of the convergence speed of DENOTE and long-term cost of devices. The findings indicate the approach has superior convergence and outperforms baselines with less information.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111486"},"PeriodicalIF":4.4,"publicationDate":"2025-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144480673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Traffic through two lenses: A dual-branch vision transformer for IoT traffic classification","authors":"Wen Yang,&nbsp;Chenxi Tang,&nbsp;Chaowei Tang,&nbsp;Jingwen Lu,&nbsp;Jing Si,&nbsp;Zhuo Zeng,&nbsp;Wenyu Ma","doi":"10.1016/j.comnet.2025.111469","DOIUrl":"10.1016/j.comnet.2025.111469","url":null,"abstract":"<div><div>Internet of Things (IoT) traffic classification identifies different communication activities by analyzing network traffic to ensure efficient and reliable Quality of Service (QoS) for businesses. However, with the dramatic increase in IoT devices, traffic from smart homes, industrial sensor networks, and other diverse traffic exhibits a high degree of diversity and complexity. This not only brings great challenges to network resource management, but also poses a serious threat to cyberspace security. To address this challenge, we propose Bimodal TrafficNet, a network traffic classification model based on Vision Transformer (ViT), to improve the classification accuracy and generalization ability of the model by fusing two modal information, traffic images and statistical features. The model contains two core branches: a traffic image branch (I-Branch) and a statistical feature branch (F-Branch). The former focuses on capturing the detailed features of network traffic, whereas the latter focuses on the global behavior of traffic and strengthens the synergistic effect between the two branches using a Bimodal Cross-Attention module (BCA module). In addition, the I-Branch introduces a Pixel-Level Interactive Attention module (PLIA module) to further optimize the representation of network traffic image features. The experimental results show that Bimodal TrafficNet performs best on four public datasets: Edge-IIoTset, CICIoT2022, ISCXVPN2016, and USTC-TFC2016, compared to existing methods.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111469"},"PeriodicalIF":4.4,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144480670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Transformers model for DDoS attack detection: A survey","authors":"Euclides Peres Farias Junior ,&nbsp;Anderson Bergamini de Neira ,&nbsp;Ligia Fracielle Borges ,&nbsp;Michele Nogueira","doi":"10.1016/j.comnet.2025.111433","DOIUrl":"10.1016/j.comnet.2025.111433","url":null,"abstract":"<div><div>Distributed Denial of Service (DDoS) attack detection through Transformer models is one of the innovative Deep Learning applications. DDoS attacks are hard to handle and there is no definitive solution. Therefore, detecting DDoS attacks based on the Transformer architecture are being widely explored because of its versatility and customization. Transformer architectures analyze network traffic and identify malicious patterns, given different advantages from these architectures, such as the processing capacity in long sequences, the attention mechanism (a.k.a., self-attention) aimed at capturing complex patterns in the identification of malicious traffic, real-time detection through parallelism, the generalization to new types of attacks and, finally, the complete integration with other artificial intelligence techniques. Therefore, this survey is an extensive literature review providing an overview of the Transformer Architecture through different applied models, strategies for data preprocessing, and applications in various types of data, including real-time, address different machine learning techniques and deep learning. Thus, it analyzed 45 papers that focus on detecting DDoS attacks. The F1-Score of the DDoS attack detection identified in the papers varies between 47.40% and 100.00%. This survey contributes to the understanding of relevant aspects in different models applied in transformer architecture and thus emphasizes open issues and research directions.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111433"},"PeriodicalIF":4.4,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517250","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An integration perspective of security, privacy, and resource efficiency in IoT-Fog networks: A comprehensive survey","authors":"Saeed Javanmardi ,&nbsp;Alfredo Nascita ,&nbsp;Antonio Pescapè ,&nbsp;Giovanni Merlino ,&nbsp;Marco Scarpa","doi":"10.1016/j.comnet.2025.111470","DOIUrl":"10.1016/j.comnet.2025.111470","url":null,"abstract":"<div><div>The IoT-Fog paradigm improves delay and network usage because the Fog devices are close to the users. But this closeness causes numerous security and privacy threats. In the research articles, a typical approach is to consider security and resource efficiency separately and assume the other aspect (security or resource efficiency) is working properly. While this perspective is legitimate and routine, in the last few years, researchers have attempted to propose some works that consider them simultaneously. It means that they try to implement their proposed approaches while considering the situation of other aspects. They even propose different approaches for security, privacy, and resource efficiency and test them using metrics specific to each aspect. The integration perspective optimizes resource utilization and minimizes security breaches. To our knowledge, this article is the first survey to examine articles from an integration perspective. This article aims to discuss future research efforts in developing integrated IoT-Fog solutions. It studies the perspective of an aggregated view and discusses the necessities that motivate researchers to integrate them in IoT-Fog networks. The paper examines the IoT-Fog architecture and its associated issues, providing examples of promising applications and usage. The paper groups the studies focusing on security, privacy, and resource efficiency into architectural frameworks, routing protocols, and resource management systems. It explains why these areas are important and why combining them is needed. Finally, the paper suggests some future research topics in this field.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111470"},"PeriodicalIF":4.4,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PQBFL: A Post-Quantum Blockchain-based protocol for Federated Learning","authors":"Hadi Gharavi,&nbsp;Jorge Granjal,&nbsp;Edmundo Monteiro","doi":"10.1016/j.comnet.2025.111472","DOIUrl":"10.1016/j.comnet.2025.111472","url":null,"abstract":"<div><div>One of Federated Learning’s (FL) goals is to collaboratively train a global model using local models from remote participants to ensure security and privacy. However, the FL process is susceptible to various security challenges, including interception and tampering models, information leakage through shared gradients, and privacy breaches that expose participant identities or data, particularly in sensitive domains such as medical environments. Furthermore, the advent of quantum computing poses a critical threat to existing cryptographic protocols through the Shor and Grover algorithms, causing security concerns in the communication of FL systems. To address these challenges, we propose a Post-Quantum Blockchain-based protocol for Federated Learning (PQBFL) that utilizes Post-Quantum Cryptographic (PQC) algorithms and blockchain to enhance model security and participant identity privacy in FL systems. It employs a hybrid communication strategy that combines off-chain and on-chain channels to optimize cost efficiency, improve security, and preserve participant privacy while ensuring accountability for reputation-based authentication in FL systems. The PQBFL specifically addresses the security requirement for the iterative nature of FL, which is a less notable point in the literature. Hence, it leverages ratcheting mechanisms to provide forward secrecy and post-compromise security during all the rounds of the learning process. Experiments demonstrate that the computational cost is <span><math><mrow><mi>O</mi><mrow><mo>(</mo><msup><mrow><mi>n</mi></mrow><mrow><mn>2</mn></mrow></msup><mo>)</mo></mrow></mrow></math></span> for all rounds and the communication complexity is <span><math><mrow><mi>O</mi><mrow><mo>(</mo><mi>n</mi><mo>+</mo><mi>m</mi><mo>)</mo></mrow></mrow></math></span> in hybrid communication settings. Compared to existing methods, the proposed scheme achieves superior performance in terms of data size and gas consumption on the blockchain. These results highlight that PQBFL provides a secure, efficient, and feasible protocol for federated learning environments in the era of quantum computing.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111472"},"PeriodicalIF":4.4,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144365733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}