Journal of Network and Computer Applications最新文献

{"title":"A survey on security applications with SmartNICs: Taxonomy, implementations, challenges, and future trends","authors":"Sergio Elizalde ,&nbsp;Ali AlSabeh ,&nbsp;Ali Mazloum ,&nbsp;Samia Choueiri ,&nbsp;Elie Kfoury ,&nbsp;Jose Gomez ,&nbsp;Jorge Crichigno","doi":"10.1016/j.jnca.2025.104257","DOIUrl":"10.1016/j.jnca.2025.104257","url":null,"abstract":"<div><div>Over the last decade, network applications have grown exponentially, demanding high-speed interconnects. Unfortunately, chip manufacturers are approaching the upper limits of silicon-based computing with slow improvements in computational performance and energy efficiency. This trend has forced the industry to shift paradigms, moving from monolithic architectures to heterogeneous, domain-specific designs. Moreover, the ever-evolving threats compromise digital services and demand more scalable and flexible solutions to ensure service continuity in production networks. Smart Network Interface Cards (SmartNICs) are a product of this new paradigm, integrating domain-specific engines and general-purpose cores to offload various network infrastructure tasks, including those related to security. This paper provides a comprehensive overview of SmartNICs, with a particular focus on their role in strengthening network defenses. It introduces SmartNIC technology and presents a taxonomy of security applications offloaded to SmartNICs, categorized into Intrusion Detection and Prevention Systems (IDS/IPS), defenses against volumetric attacks, and data confidentiality mechanisms. Additionally, the paper explores vulnerabilities associated with adopting SmartNICs in the cloud, examining the threat model and reviewing proposed remediations in the literature. Finally, it discusses challenges and future trends in SmartNIC security applications, highlighting current initiatives and open research areas.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104257"},"PeriodicalIF":7.7,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144566067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Effective ensemble learning phishing detection system using hybrid feature selection","authors":"Aaron Connolly ,&nbsp;Hany F. Atlam","doi":"10.1016/j.jnca.2025.104251","DOIUrl":"10.1016/j.jnca.2025.104251","url":null,"abstract":"<div><div>Phishing emails pose a significant threat to individuals and os, with traditional detection methods struggling to keep pace with the evolving sophistication of these attacks. Conventional Machine Learning (ML) approaches exhibit several limitations in achieving satisfactory accuracy levels when challenged with the evolving sophistication of phishing techniques. To effectively mitigate this challenge, the implementation of an advanced detection system incorporating innovative and sophisticated ML algorithms is crucial. Therefore, this paper proposed a novel stacking ensemble learning approach that leverages hybrid feature selection. The proposed model enhances the effectiveness of phishing detection by combining predictions from multiple ML algorithms, each utilising different subsets of features extracted from various parts of the email, including the header, body, and URLs. This comprehensive feature set ensures that the model captures a wide range of characteristics that differentiate phishing emails from legitimate ones. Extensive experiments were conducted to evaluate the effectiveness of the proposed model. The experimental results demonstrate that the proposed model achieves an impressive accuracy of 99.53% and an F1-measure of 0.9955, surpassing the highest accuracy of 99.10% obtained by any individual ML algorithm and outperforming the most effective phishing detection systems documented in recent literature. This significant improvement in accuracy highlights the efficacy of ensemble learning in this domain. Furthermore, the increase in accuracy is achieved with only a minimal 1.6 ms increase in detection time, making the model practical for real-world applications. This paper contributes significantly to the field of phishing detection by demonstrating the effectiveness of ensemble learning techniques in combination with hybrid feature selection. The proposed model offers a practical and effective solution to the problem of phishing, with the potential to significantly reduce the number of malicious emails reaching users’ inboxes.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104251"},"PeriodicalIF":7.7,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144522689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Exploring transferable adversarial attacks for Deep Learning-based Network Intrusion Detection","authors":"Zhongshu Mao ,&nbsp;Yiqin Lu ,&nbsp;Zhe Cheng ,&nbsp;Kaiqiong Chen","doi":"10.1016/j.jnca.2025.104255","DOIUrl":"10.1016/j.jnca.2025.104255","url":null,"abstract":"<div><div>Network Intrusion Detection Systems (NIDSs) increasingly use Deep Learning (DL) techniques due to their superior performance. However, some studies have shown that attackers can bypass DL-based NIDSs by generating Adversarial Attack Traffic (AAT). To better understand the vulnerabilities of DL-based NIDS, more and more adversarial attacks have been proposed. We observed three problems while studying these attacks: (1) Some attacks need to query the target model to construct AAT or surrogate models, which is not stealthy enough; (2) The generated AAT is impractical due to the lack of constraints when modifying features; and (3) The attack methods are limited in their extensibility. We propose a framework called SPTS to address these problems. SPTS runs in the black-box scenario without access to the target model. To generate the practical AAT, SPTS incorporates feature hierarchization and rectification. The correlations and constraints between features are established by mathematics. In addition, we implement a variety of adversarial attack algorithms within the SPTS framework, illustrating its excellent scalability. The AAT is mapped to practical packets to evaluate its transferability. Furthermore, we discover that enhancing the diversity of gradients can further improve the transferability of AAT. We propose a DGM algorithm based on SPTS, which randomly transforms the inputs to produce more robust gradients. Empirical evaluations on the standard dataset demonstrate the effectiveness and superiority of our SPTS and DGM. Defense methods to mitigate SPTS and DGM are also provided, and their advantages and disadvantages are described based on experimental results. Code is available at <span><span>https://github.com/maozhongshu1995/TransAdvAttForNIDS</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104255"},"PeriodicalIF":7.7,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144535540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Deep learning based XIoT malware analysis: A comprehensive survey, taxonomy, and research challenges","authors":"Rami Darwish,&nbsp;Mahmoud Abdelsalam,&nbsp;Sajad Khorsandroo","doi":"10.1016/j.jnca.2025.104258","DOIUrl":"10.1016/j.jnca.2025.104258","url":null,"abstract":"<div><div>The Internet of Things (IoT) and its broader ecosystem, known as the Extended Internet of Things (XIoT), encompass various domains, including Industrial IoT (IIoT), Internet of Medical Things (IoMT), Internet of Vehicles (IoV), and Internet of Battlefield Things (IoBT). This interconnected ecosystem enhances automation and intelligence across industries while also increasing exposure to sophisticated malware threats. Traditional malware detection methods, such as signature-based and heuristic-based techniques, often fail to address evolving threats due to their limited ability to detect complex and dynamic behaviors. In response, deep learning has emerged as a transformative solution offering advanced capabilities for recognizing complex and dynamic malware behaviors. This paper presents a comprehensive survey of deep learning-based malware detection techniques across XIoT domains and introduces a novel cross-domain taxonomy that organizes existing work according to XIoT domains, operating systems, extracted features, and deep learning models. We critically examine state-of-the-art methods, analyzing their strengths, technical limitations, model complexity, and deployment feasibility. Furthermore, we identify significant research gaps and propose future directions to address key challenges, including dataset scarcity, computational overhead, and the lack of standardized cross-domain evaluation. This survey aims to serve as a foundational resource for advancing cybersecurity solutions within the rapidly expanding XIoT landscape.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104258"},"PeriodicalIF":7.7,"publicationDate":"2025-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144515193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Active RIS-assisted task partitioning and offloading for industrial edge computing","authors":"Mian Guo ,&nbsp;Yuehong Chen ,&nbsp;Zhiping Peng ,&nbsp;Qirui Li ,&nbsp;Keqin Li","doi":"10.1016/j.jnca.2025.104215","DOIUrl":"10.1016/j.jnca.2025.104215","url":null,"abstract":"<div><div>In Industry 5.0, smart devices in intelligent factories will generate numerous computation-intensive tasks that require low latency. Due to the limited computation resources of local devices, it is required to partition and offload tasks to edge servers via wireless networks for end-edge collaborative computing. However, intelligent factories are usually located in low-rise buildings. The direct offloading paths between smart devices and edge servers are vulnerable to being obstructed by high-rise buildings and trees, leading to intolerable long task offloading delays and even failure in offloading. To tackle this problem, we develop an active reconfigurable intelligent surface (RIS)-assisted end-edge collaborative task partitioning and offloading model, which assists task offloading by reflecting communication signals through the active RIS. We propose to maximize the system utility by jointly optimizing the task partitioning and offloading decisions, reconfiguring the phase shift and amplification factor of the active RIS, and communication and computation resource allocation, aiming at energy-efficiently providing delay guarantee to industrial computation tasks. We formulate, decompose, and theoretically analyze the problem. The upper and lower bounds of offloading decisions, transmission powers, and computation resources constrained to delay bounds have been analyzed. Based on the analytical results, a two-stage heuristic algorithm, RISADA, has been proposed to address the problem. The results demonstrate the efficiency of our proposal for the delay guarantee while reducing energy consumption.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104215"},"PeriodicalIF":7.7,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144480897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Energy and density-based stable election routing protocol for wireless IoT network","authors":"Donghyun Lee ,&nbsp;Yongin Jeon ,&nbsp;Yunseong Lee ,&nbsp;Nhu-Ngoc Dao ,&nbsp;Woongsoo Na ,&nbsp;Sungrae Cho","doi":"10.1016/j.jnca.2025.104237","DOIUrl":"10.1016/j.jnca.2025.104237","url":null,"abstract":"<div><div>In battery-based wireless sensor networks (WSN), routing protocols are crucial for enhancing energy efficiency and prolonging network lifetime. These protocols should maximize the discharge times of cluster heads (CH) and sensors for data collection. To maximize the WSN lifetime, the number of clusters, the distance between the base station and the CH, and the remaining battery of sensors should be carefully considered. This study proposes energy and density-based stable election protocol (SEP) for cooperative communication in WSNs to address these challenges. The key contributions of this work are threefold: (1) a novel CH election technique that incorporates both the remaining battery capacity of each sensor and network density; (2) a dynamic mechanism to determining the maximum number of clusters to prevent excessive cluster creation; and (3) an optimized routing approach that enhances energy efficiency. Simulation results conclusively demonstrate that the proposed protocol significantly improves network performance, achieving substantial reductions in total energy consumption and a considerable extension of network lifetime compared to existing protocols. This research advances the state-of-the-art in WSN routing by providing a density-aware and energy-efficient solution that holds significant potential for prolonging the operational lifespan and enhancing the reliability of WSN-based IoT deployments in diverse and challenging environments.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104237"},"PeriodicalIF":7.7,"publicationDate":"2025-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144341201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LightCGS-Net: A novel lightweight road extraction method for remote sensing images combining global semantics and spatial details","authors":"Yifei Duan ,&nbsp;Dan Yang ,&nbsp;Xiaochen Qu ,&nbsp;Le Zhang ,&nbsp;Junsuo Qu ,&nbsp;Lu Chao ,&nbsp;Peilu Gan","doi":"10.1016/j.jnca.2025.104247","DOIUrl":"10.1016/j.jnca.2025.104247","url":null,"abstract":"<div><div>Road extraction remains a critical area of study within the realm of remote sensing image. The simultaneous extraction of accurate global semantic and spatial detail features from such images poses a significant challenge in contemporary research. This paper introduced a novel road extraction methodology, termed LightCGS-Net, which integrated a spatial detail branch derived from a lightweight CNN and a global semantic branch based on an enhanced Swin Transformer within the encoder. The spatial detail branch enhances the accuracy of tiny road extractions, while the global semantic branch preserves comprehensive contextual information. To address the noise interference caused by the extensive redundant data produced by the dual-branch fusion, Gaussian filtering was employed. The Lightweight Parallel Channel and Space Attention Mechanism (PCSAM) in the skip connection addresses road discontinuities caused by tree and building obstructions. The Feature Fusion Mechanism (FFM) module, using dilated convolution, captures edge features and provides precise structural road information, with distinct loss functions for primary and edge roads. Testing on the DeepGlobe, Massachusetts, and SpaceNet 03-05 datasets showed that our network performed well compared to traditional road extraction networks, surpassing them in evaluation scores and segmentation effectiveness, despite having more parameters and computational time. LightCGS-Net stands out in road networks using Transformer technology due to its lower parameter (43.78M) and flops (196.09G). It performs well in IoU metrics and maintains competitiveness in Recall, F1-score, and Accuracy. It shows superior generalization and exceeds traditional semantic segmentation methods in overall effectiveness.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104247"},"PeriodicalIF":7.7,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144341204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A secure and quality of service-aware solution for the end-to-end protection of IoT applications","authors":"Stefano Berlato ,&nbsp;Umberto Morelli ,&nbsp;Roberto Carbone ,&nbsp;Silvio Ranise","doi":"10.1016/j.jnca.2025.104246","DOIUrl":"10.1016/j.jnca.2025.104246","url":null,"abstract":"<div><div>Internet of Things (IoT) applications increasingly rely on lightweight publish–subscribe protocols (e.g., MQTT) to exchange a considerable amount of sensitive data. However, such data are often threatened by external attackers, malicious insiders, and <em>honest but curious</em> Edge and Cloud providers. Typical security mechanisms — such as Transport Layer Security (TLS) or centralized data authorization management — may expose messages to intermediate nodes and fail to enforce Access Control (AC) policies without relying on (sometimes missing) fully trusted agents. Furthermore, when security mechanisms are in place, they should consider the trust assumptions (e.g., on the presence of certain attackers) and meet the performance goals (e.g., low latency, high scalability) relevant to the underlying scenario. In this paper, we propose a security mechanism based Cryptographic Access Control (CAC) that integrates decentralized AC enforcement with end-to-end protection (in terms of data confidentiality and integrity) for IoT applications employing publish–subscribe protocols. By building on previous work, we also formalize an optimization problem to strike the best possible balance between security and quality of service by fine-tuning the deployment of our security mechanism accordingly. We showcase the benefits of the optimization problem in three different scenarios for IoT applications: Remote Patient Monitoring, Cooperative Maneuvering, and Smart Lock. Finally, our open-source proof-of-concept named CryptoAC demonstrates the feasibility of our security mechanism: a thorough performance evaluation reveals that CryptoAC achieves higher scalability than TLS under multi-publisher workloads and a practical level of overhead for key management and policy updates.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104246"},"PeriodicalIF":7.7,"publicationDate":"2025-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144335611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SwiftShard: Efficient account allocation in blockchain sharding system","authors":"Cheng Qu ,&nbsp;Shuo Wang ,&nbsp;Haowen Zhang ,&nbsp;YuanYi Ma ,&nbsp;Hang Xiong ,&nbsp;Jing Li","doi":"10.1016/j.jnca.2025.104248","DOIUrl":"10.1016/j.jnca.2025.104248","url":null,"abstract":"<div><div>Sharding technology emerges as a scalable solution for expanding blockchain systems, preserving decentralization and security. Despite its promise, challenges such as costly cross-shard transactions and uneven shard load distribution persist. Prior research aiming to mitigate these issues with dynamic transaction allocation has seen limited success due to substantial overhead and dilution of decentralization and security. Our proposed strategy seeks to diminish cross-shard transactions and balance loads effectively at a lower cost, without sacrificing security or decentralization principles. Utilizing an efficient account allocation algorithm and a dual address mechanism for account management, our findings demonstrate that our framework reduces overhead with competitive performance compared to existing methods.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104248"},"PeriodicalIF":7.7,"publicationDate":"2025-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144335613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Intelligent routing optimization for SDN based on PPO and GNN","authors":"Jiawei Wu ,&nbsp;Zelin Zhu","doi":"10.1016/j.jnca.2025.104249","DOIUrl":"10.1016/j.jnca.2025.104249","url":null,"abstract":"<div><div>With the continuous increase of network scale, a variety of emerging applications (e.g., video streaming) continue to emerge, which puts forward differentiated requirements for quality of service (QoS), such as extremely low latency, high bandwidth, low packet loss rate, etc. To this effect, an intelligent routing method is needed to meet various traffic QoS requirements. However, existing routing optimization QoS schemes either lack guaranteed QoS performance or cannot generalize to invisible network topologies. To address the problem, this article innovatively proposes the QoS intelligent routing method PPO-R, which combines PPO and GNN-based routing optimization for SDN. The algorithm generates multiple disjoint candidate paths by designing a redundant tree algorithm, infers the near optimal traffic splitting ratios on the pre-selected path, and reasonably allocates traffic to different paths based on the obtained traffic splitting ratios. Compared to the baseline scheme DQS, in the medium network topology Germany-50, the QoS performance of PPO-R is about 10.6% higher than that of DQS. The experimental results show that the PPO-R algorithm can achieve better QoS routing optimization results, consume less computing resources, and significantly improve the robustness and generalization of QoS routing.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104249"},"PeriodicalIF":7.7,"publicationDate":"2025-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144335612","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}