Hao Lu , Jianzhi Shi , Yang Song , Xingwei Wang , Bo Yi , Pengbo Li , Yudi Cheng , Min Huang , Sajal K. Das
{"title":"PMMJC: A preference-based multi-stage matching-mechanism for JointCloud environments","authors":"Hao Lu , Jianzhi Shi , Yang Song , Xingwei Wang , Bo Yi , Pengbo Li , Yudi Cheng , Min Huang , Sajal K. Das","doi":"10.1016/j.jnca.2025.104221","DOIUrl":"10.1016/j.jnca.2025.104221","url":null,"abstract":"<div><div>With the rise of data-intensive applications, the demand for cloud services has increased significantly, driving the emergence of JointCloud, a novel cloud 2.0 architecture. JointCloud facilitates collaboration among Cloud Service Providers (CSPs) to meet global computational demands. However, as consumer needs become increasingly diversified, the challenge of service matching has grown more complex, particularly in balancing user preferences with CSP resource attributes, such as reputation and data relevance. To address this challenge, this paper proposes a preference-based multi-stage matching mechanism (PMMJC). This mechanism integrates user preferences, CSP reputation, data relevance, risk factors, and Quality of Service (QoS) metrics, employing multi-dimensional optimization methods for service matching. First, a rule-based filtering method is used to quickly eliminate CSPs that do not meet basic resource requirements, narrowing the search space. Next, Uniform Manifold Approximation and Projection (UMAP) dimensionality reduction and the Maximal Information Coefficient estimator (MICe) are combined to assess data relevance and optimize computational efficiency. Then, a coverage decision-making method is applied to derive the Pareto optimal solution set, ensuring balanced performance across multiple dimensions for candidate CSPs. Finally, weighted methods and entropy-weighted fuzzy comprehensive evaluation are used to dynamically adapt to user preferences and generate personalized matching results. Experimental results demonstrate that compared to benchmark methods such as AHP-IOWA and Fuzzy-ETDBA, PMMJC excels in matching efficiency, data relevance accuracy, multi-objective balance, and user satisfaction, significantly enhancing service matching quality in the JointCloud environment.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104221"},"PeriodicalIF":7.7,"publicationDate":"2025-06-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144263218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yingya Guo, Zebo Huang, Mingjie Ding, Bin Lin, Huan Luo
{"title":"PROM: A persistent routing optimization method based on supervised learning","authors":"Yingya Guo, Zebo Huang, Mingjie Ding, Bin Lin, Huan Luo","doi":"10.1016/j.jnca.2025.104223","DOIUrl":"10.1016/j.jnca.2025.104223","url":null,"abstract":"<div><div>Traditional Traffic Engineering (TE) typically improves network performance by formulating and solving routing optimization problems based on measured or predicted Traffic Matrices (TMs). However, since network traffic is dynamic, routing strategies optimized for the current measured TMs may not be suitable for future traffic patterns. To adapt to dynamic traffic, one possible solution is to perform more frequent routing updates, but this may lead to service disruptions. Another approach is the two-step method of prediction followed by optimization, which could lead to degraded performance of routing strategies due to inaccuracies in traffic prediction. Additionally, existing approaches focus solely on either distributed or centralized networks, lacking flexibility to adapt to different network architectures. To address these challenges, we propose PROM, a Machine Learning (ML)-based routing optimization model that directly predicts an effective routing strategy in an end-to-end manner based on historical traffic. This routing strategy is applicable across multiple future TMs, thereby reducing the need for frequent routing updates. Furthermore, PROM can be easily extended from a centralized implementation to a distributed one, adapting to different network architectures. To enhance model performance, we have also designed a custom loss function for routing optimization scenarios to avoid overfitting. Extensive simulation results demonstrate that PROM can predict high-quality routing strategies in future unknown traffic scenarios and is adaptable to both centralized and distributed network architectures.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104223"},"PeriodicalIF":7.7,"publicationDate":"2025-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144290510","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Renpin Yao , Yang Cao , Yunhe Cui , Yi Chen , Chun Guo , Guowei Shen
{"title":"CPSketch: A ‘couple’ sketch-based heavy flow detection method","authors":"Renpin Yao , Yang Cao , Yunhe Cui , Yi Chen , Chun Guo , Guowei Shen","doi":"10.1016/j.jnca.2025.104245","DOIUrl":"10.1016/j.jnca.2025.104245","url":null,"abstract":"<div><div>One of the core challenges in network measurement for large-scale networks is the accurate and efficient identification of heavy flows. This task has grown increasingly complex due to limited memory resources and the dynamic nature of network traffic patterns. Most current heavy flow detection methods fail to fully consider the mutual collisions between large flows and their sparse distribution, which are caused by the combined effects of hash collisions and the heavy-tailed distribution of network traffic, resulting in an inefficient use of limited memory resources. Additionally, existing approaches uniformly treat all flows. As a result, when the network contains many small flows, heavy flows are frequently and erroneously replaced. To address these issues, we propose CPSketch, a novel method that combines sketch with ‘couple’ buckets to enhance heavy flow detection accuracy. CPSketch optimizes memory utilization by leveraging cold buckets to store more heavy flows. Specifically, it accurately estimates flow sizes by monitoring the number of matched packets for candidate flows in real-time. For small flows, CPSketch rapidly identifies and evicts them based on flow ratios. For other flows, CPSketch calculates replacement probabilities using multidimensional statistical information. To protect heavy flows that have been incorrectly evicted, CPSketch employs a global hash function to provide additional storage opportunities and dynamically constructs couple buckets for these heavy flows. Moreover, CPSketch extends the selection range for minimum flows by leveraging couple buckets in the flow replacement policy, effectively mitigating the impact of hash limitations and improving memory efficiency. Experimental results from trace-driven simulations and Open vSwitch (OVS) tests demonstrate that CPSketch outperforms existing methods in accuracy, even under constrained memory and high traffic loads. It achieves improvements of up to 14.74 % in F1-score while reducing the Average Relative Error (ARE) by 41.72 % and the Average Absolute Error (AAE) by 42.18 %.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104245"},"PeriodicalIF":7.7,"publicationDate":"2025-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144307264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A runtime admission control for industrial IoT over bluetooth low energy mesh networks","authors":"Luca Leonardi, Lucia Lo Bello, Gaetano Patti","doi":"10.1016/j.jnca.2025.104232","DOIUrl":"10.1016/j.jnca.2025.104232","url":null,"abstract":"<div><div>Bluetooth Low Energy (BLE) is widely used in several industrial IoT applications to save on costs and power consumption. In this context, to widen the coverage area while meeting the constraints of real-time messages, some applications require multi-hop communications with bounded delays. A few approaches in the literature support real-time traffic on BLE mesh networks, but they use offline configurations, which offer a limited flexibility when new connections are dynamically added based on the application requirements. This paper, instead, proposes a Runtime Connection Admission Control for BLE (RAC-BLE) that allows the BLE devices to accept at runtime new connection requests, provided that the relevant transmissions do not overlap with communications from other BLE devices. This way, RAC-BLE by design provides bounded delays on single-hop transmissions, thus enabling BLE-based real-time mesh networks. The paper provides a detailed description of the RAC-BLE approach, an analytical calculation of the worst case end-to-end delays and experimental performance evaluations. The results show that RAC-BLE significantly reduces the maximum end-to-end delays compared with those obtained by another approach in the literature. For instance, a delay reduction of 70% and 92% is measured in the case of one hop and five hops, respectively.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104232"},"PeriodicalIF":7.7,"publicationDate":"2025-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144241156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Real-time tracking railway intruders using multiple-agent cooperated large language models with edge stream processing engine","authors":"Wei Huang, Xiaoyun Deng","doi":"10.1016/j.jnca.2025.104231","DOIUrl":"10.1016/j.jnca.2025.104231","url":null,"abstract":"<div><div>Tracking intruders is crucial for ensuring safe railway operations globally, particularly in high-speed railway systems. Traditional methods either rely on post-processing on cloud platforms or suffer from limited analytical capabilities on edge devices. Although large language models (LLMs) have shown great potential to support general intelligence, challenges remain for edge devices in accurately and timely tracking of intruders along railway lines. This study proposes a novel method that combines a multi-agent cooperative framework (MetaGPT) with an edge stream processing engine (GeoEkuiper). Unlike most methods, this study adopts an agent-cooperative spatial data analysis approach employing a debate-and-vote strategy. Specifically, GeoEkuiper is responsible for processing high-speed and large volume of geospatial data streams regarding location history and object characteristics, while the modified MetaGPT framework facilitates information sharing and decision-making between agents that use LLMs. By enabling each edge device to engage in a debate about the presence of detected targets within their monitoring areas, the system utilizes a simple voting agent to determine which devices are most likely to observe the target. Considering the resource limitations of edge devices, we fine-tuned small yet powerful LLMs to direct GeoEkuiper to iteratively compute spatial affinity relationships using Structured Query Language (SQL) statements, which facilitate human-edge interaction. Based on tests conducted on resource-constrained edge devices such as Raspberry Pi devices interconnected in an unstable networking environment, we found that this approach significantly enhances the accuracy and responsiveness of intruder tracking in real-time scenarios, providing a robust solution for railway security applications.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104231"},"PeriodicalIF":7.7,"publicationDate":"2025-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144223256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
David Martínez , Aniol Molero , Eusebi Calle , Dolors Canals Ametller , Albert Jové
{"title":"Large-scale web tracking and cookie compliance: Evaluating one million websites under GDPR with AI categorization","authors":"David Martínez , Aniol Molero , Eusebi Calle , Dolors Canals Ametller , Albert Jové","doi":"10.1016/j.jnca.2025.104222","DOIUrl":"10.1016/j.jnca.2025.104222","url":null,"abstract":"<div><div>With the increasing prevalence of web-tracking technologies, including tracking cookies, pixel tracking, and browser fingerprinting techniques, there is a pressing need to analyze their impact on user privacy. Despite the growing interest in the scholarly literature, large-scale, fully automatic evaluations of website compliance with privacy regulations remain scarce. In this paper, we present new algorithms, methods, and an AI categorization model designed for massive, fully automatic analyses of web-tracking and cookie compliance and usage with and without valid user consent. Utilizing the recently published Website Evidence Collector (WEC) software from the European Data Protection Supervisor (EDPS), these algorithms are applied to assess over one million websites from Tranco’s top list under European GDPR regulation. A novel 22-category multilabel AI model for website categorization provides content-based context to compliance results, achieving 96.56% accuracy and an F1 score of 0.963. Results reveal that nearly half of the websites utilize tracking cookies, while over half employ pixel tracking without user consent, thus highlighting significant differences between websites’ content categories. Additionally, our analysis demonstrates how web-tracking power is concentrated among just a few companies, with the top 10 tracking firms being responsible for most compliance violations related to obtaining valid user consent. This paper serves as a foundation for ongoing large-scale web-tracking analyses, essential for understanding trends over time and evaluating the effectiveness of privacy regulations.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104222"},"PeriodicalIF":7.7,"publicationDate":"2025-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144254903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SAKA: Scalable authentication and key agreement scheme with configurable key evolution in edge-fog-multicloud computing environments","authors":"Guiliang Chen, Jie Huang, Jiazhou Zeng, Yu Zhou","doi":"10.1016/j.jnca.2025.104220","DOIUrl":"10.1016/j.jnca.2025.104220","url":null,"abstract":"<div><div>Fog computing can efficiently address problems in centralized cloud computing in multi-cloud environments, such as network congestion, data loss, high latency, and excessive energy consumption. However, it poses additional challenges to authentication and key agreement schemes, especially regarding scalability, overhead, and security. To address these challenges, this paper proposes a scalable authentication and key agreement (SAKA) scheme with configurable key evolution tailored for fog computing in multi-cloud environments. The proposed SAKA scheme integrates a configurable key evolution mechanism with a sound synchronization feature and introduces timing constraints to address concurrency-induced key synchronization issues in multi-cloud environments. This approach allows for tailoring the adjustable key renewal period to specific application needs, thus balancing security and overhead. In addition, the SAKA scheme uses the elliptic curve Diffie–Hellman key exchange method with a pre-shared key to establish session keys between fog gateways and cloud applications. This approach eliminates the need for resource-intensive certificates and ensures perfect forward secrecy. Further, implementing the broadcast mechanism in the proposed SAKA scheme reduces computational and communication overhead in multi-cloud environments, thus enhancing scalability. The results of a comprehensive security analysis conducted using both formal and informal methods prove that the proposed SAKA scheme is secure. Finally, a comparison with existing schemes demonstrates that the SAKA scheme excels in security authentication for fog gateways in multi-cloud environments. The proposed SAKA scheme reduces computational overhead by 50% for single-entity authentication and by up to 67% for multi-entity scenarios.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104220"},"PeriodicalIF":7.7,"publicationDate":"2025-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144254902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hongjian Li , Wei Rao , Baojian Hu , Yu Tian , Jie Shen
{"title":"Energy-aware elastic scaling algorithm for microservices in Kubernetes clouds","authors":"Hongjian Li , Wei Rao , Baojian Hu , Yu Tian , Jie Shen","doi":"10.1016/j.jnca.2025.104218","DOIUrl":"10.1016/j.jnca.2025.104218","url":null,"abstract":"<div><div>Current elastic scaling algorithms are limited to the perspective of containers, and applications running within containers are treated as monolithic applications when designing scheduling algorithms. In addition, the default scaling mechanisms in Kubernetes fail to effectively distinguish and manage resource consumption of idle containers, leading to resource waste and degraded system performance. Therefore, this paper proposes an energy efficiency model based on Service Level Agreement (SLA) and an energy-aware elastic scaling algorithm based on SLA to reduce the energy consumption of microservices deployed in Kubernetes. The proposed algorithm optimizes the feedback control method in container provisioning by releasing excess container resources, and periodically runs the feedforward control algorithm and the feedback control algorithm to effectively deal with the dynamic changes of the workload. The experimental results show that the energy consumption of Kubernetes clusters in a cloud environment can be reduced by 15.34% compared with the default elastic scaling algorithms in Kubernetes and the latest algorithms.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104218"},"PeriodicalIF":7.7,"publicationDate":"2025-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144223255","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Aoshuang Ye , Shilin Zhang , Benxiao Tang , Jianpeng Ke , Yiru Zhao , Tao Peng
{"title":"DeFinder: Error-sensitive testing of deep neural networks via vulnerability interpretation","authors":"Aoshuang Ye , Shilin Zhang , Benxiao Tang , Jianpeng Ke , Yiru Zhao , Tao Peng","doi":"10.1016/j.jnca.2025.104212","DOIUrl":"10.1016/j.jnca.2025.104212","url":null,"abstract":"<div><div>DNN testing evaluates the vulnerability of neural networks through <em>adversarial test cases</em>. The developers implement minor perturbations to the seed inputs to generate test cases, which are guided by meticulously designed testing criteria. Nevertheless, current coverage-guided testing methods rely on covering model states rather than analyzing the influence of seed inputs on inducing erroneous behaviors. In this paper, we propose a novel DNN testing method called DeFinder, which generates error-sensitive tests by implementing an explainable framework for neural networks to establish correlations between model vulnerability and seed inputs. By systematically analyzing vulnerable regions within seed inputs, DeFinder significantly improves the test suite’s ability to maximize test coverage and expose errors. To validate the effectiveness of DeFinder, we conduct comprehensive experiments with nine deep neural network models from two popular computer vision datasets. We compare the proposed method with several state-of-the-art DNN testing tools. The experimental results demonstrate that DeFinder improves the error-triggering ratio by up to 58% and increases test coverage by up to 4.3%. For reproducibility, the artifact for this work is available at public repository: <span><span>https://github.com/Konatazz/DeFinder</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"241 ","pages":"Article 104212"},"PeriodicalIF":7.7,"publicationDate":"2025-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144147749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Mixer-transformer: Adaptive anomaly detection with multivariate time series","authors":"Xing Fang , Yuanfang Chen , Zakirul Alam Bhuiyan , Xiajun He , Guangxu Bian , Noel Crespi , Xiaoyuan Jing","doi":"10.1016/j.jnca.2025.104216","DOIUrl":"10.1016/j.jnca.2025.104216","url":null,"abstract":"<div><div>Anomaly detection is crucial for maintaining the stability and security of systems. However, anomaly detection systems often generate numerous false positives or irrelevant alerts, which obscure genuine security threats. To both reduce false positives in time series detection and accurately identify the source of anomalies, leveraging artificial intelligence techniques has emerged as a promising solution. These techniques can analyze strong temporal correlations and dynamic variations across different data frames. Existing detection methods face two primary challenges leading to false positives or negatives: (i) detecting anomalies in multivariate time series requires accounting for both temporal dependencies and complex interactions between variables; and (ii) traditional fixed-threshold approaches often struggle to adapt to dynamic environments. To address these issues, this paper proposes an anomaly detection method based on the Mixer-Transformer architecture. By combining the Mixer model with the Anomaly Transformer, the proposed method effectively captures global dependencies by alternately modeling interactions along both the channel and time dimensions, thereby enhancing its ability to extract complex spatiotemporal features. Additionally, an adaptive threshold update mechanism is employed to dynamically adjust the anomaly detection criteria in response to data fluctuations. The F1 scores on three real-world datasets — SMAP, MSL, and PSM — are 97.49%, 95.18%, and 98.20%, respectively. These results demonstrate that the proposed method outperforms existing technologies in reducing false positives and enhancing the detection accuracy of multivariate time series anomaly detection.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"241 ","pages":"Article 104216"},"PeriodicalIF":7.7,"publicationDate":"2025-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144147750","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}