Journal of Network and Computer Applications最新文献_第2页

Self-adaptive cyber defense for sustainable IoT: A DRL-based IDS optimizing security and energy efficiency

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-25 DOI: 10.1016/j.jnca.2025.104176

Saeid Jamshidi , Ashkan Amirnia , Amin Nikanjam , Kawser Wazed Nafi , Foutse Khomh , Samira Keivanpour

{"title":"Self-adaptive cyber defense for sustainable IoT: A DRL-based IDS optimizing security and energy efficiency","authors":"Saeid Jamshidi , Ashkan Amirnia , Amin Nikanjam , Kawser Wazed Nafi , Foutse Khomh , Samira Keivanpour","doi":"10.1016/j.jnca.2025.104176","DOIUrl":"10.1016/j.jnca.2025.104176","url":null,"abstract":"<div><div>The Internet of Things (IoT) has revolutionized industries by creating a vast, interconnected ecosystem. Still, the rapid deployment of IoT devices has introduced severe security risks, including DDoS, DoS GoldenEye, DoS Hulk attacks, and Port scanning. Traditional Machine Learning (ML)-based Intrusion Detection Systems (IDS) often operate passively, detecting threats without taking action, and are rarely evaluated under real-time attacks. This limits our understanding of their performance within the resource constraints typical of IoT systems—an essential factor for stable, resilient systems. This paper proposes a Security Edge with Deep Reinforcement Learning (SecuEdge-DRL) specifically designed for the IoT edge, aiming to enhance security while maintaining energy efficiency, contributing to sustainable IoT operations. Our IDS integrates DRL with the MAPE-K (Monitor, Analyze, Plan, Execute, Knowledge) control loop, enabling real-time detection and adaptive response without relying on predefined data models. DRL allows continuous learning, while MAPE-K provides structured self-adaptation, ensuring the system remains effective against evolving threats. We also implemented four targeted security policies tailored to a specific attack type to enhance the IDS’s threat mitigation capabilities. Experimental findings indicate that the proposed SecuEdge-DRL achieves an average detection accuracy of 92% across diverse real-world cyber threats (e.g., DoS Hulk, DoS GoldenEyes, DDoS, and Port scanning). Statistical analysis further validates that these security policies enhance IoT systems’ defense without compromising performance, establishing our approach as a resilient, resource-efficient security solution for the IoT ecosystem.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104176"},"PeriodicalIF":7.7,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143738940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

ASL: An Accurate and Stable Localization algorithm for multi-hop irregular networks

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-24 DOI: 10.1016/j.jnca.2025.104172

Xingsheng Xia , Jiajia Yan , Chenhuang Wu , Chao Meng , Xiaoyong Yan

{"title":"ASL: An Accurate and Stable Localization algorithm for multi-hop irregular networks","authors":"Xingsheng Xia , Jiajia Yan , Chenhuang Wu , Chao Meng , Xiaoyong Yan","doi":"10.1016/j.jnca.2025.104172","DOIUrl":"10.1016/j.jnca.2025.104172","url":null,"abstract":"<div><div>Accurate geographical information about nodes is essential in wireless multi-hop networks. Most existing localization algorithms focus on locating nodes in regular network environments, posing challenges for irregular multi-hop networks. To mitigate the impact of irregularities on localization, we propose an <u>A</u>ccurate and <u>S</u>table <u>L</u>ocalization algorithm (ASL). ASL first infers a hop threshold based on the distribution characteristics of anchors, eliminating erroneous distances and avoiding them in the localization process. Next, under the constraint of the hop threshold, each normal node constructs its sub-region, including it, based on the estimated distance to the anchors. These sub-regions can avoid the occurrence of unreliable localization results and assist in decreasing communication overhead. Finally, the SMA (<u>S</u>lime <u>M</u>ould <u>A</u>lgorithm) with the Halton sequence is introduced to search for the optimally estimated locations of normal nodes, which tends to accelerate convergence and improve localization accuracy. Extensive simulations demonstrate that our proposed ASL outperforms state-of-the-art algorithms regarding accuracy and stability when facing network irregularities. Specifically, our proposed ASL achieves a median improvement in localization accuracy ranging from 16.96% to 83.66%.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104172"},"PeriodicalIF":7.7,"publicationDate":"2025-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143758986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Secure data migration from fair contract signing and efficient data integrity auditing in cloud storage

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-24 DOI: 10.1016/j.jnca.2025.104173

Changsong Yang , Yueling Liu , Yong Ding , Hai Liang

{"title":"Secure data migration from fair contract signing and efficient data integrity auditing in cloud storage","authors":"Changsong Yang , Yueling Liu , Yong Ding , Hai Liang","doi":"10.1016/j.jnca.2025.104173","DOIUrl":"10.1016/j.jnca.2025.104173","url":null,"abstract":"<div><div>With the rapid development of cloud storage, a growing number of data owners prefer to outsource their large-scale data to the remote cloud data centers, thus effectively avoiding the heavy burden of storing the massive data by themselves in local. Due to the promising market prospect, plenty of companies invest cloud storage and offer data storage services, which equipped with different access speed, using price, security, storage capacity, etc. For enjoying more suitable services, data owners might dynamically change cloud service providers and migrate the outsourced data blocks from a cloud data center to another one. However, the data integrity cannot be guaranteed during the migration process. In this paper, we study the challenge of secure outsourced data migration supporting fair contract signing and efficient data integrity auditing. Subsequently, we propose an efficient and practical solution to address this problem. Specifically, we adopt public blockchain to design a fair three-party contract signing protocol for outsourced data migration, which can effectively prevent data owners and cloud data centers from slandering each other maliciously. Meanwhile, we combine public blockchain and multicopy Merkle hash tree (M2HT) to design a secure data migration protocol with efficient data integrity auditing, which can guarantee the data integrity during the migration process. Next, we provide the formal security analysis, which demonstrates that our scheme can satisfy all of the expected security requirements without trusted third party. Finally, we also develop a prototype implementation and provide the performance evaluation, which can show the high-efficiency and practicality of our scheme.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104173"},"PeriodicalIF":7.7,"publicationDate":"2025-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143725853","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Kinitos: Dynamic network-aware scheduling and descheduling in Kubernetes clusters with mobile nodes

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-20 DOI: 10.1016/j.jnca.2025.104157

Tsvetan Tsokov, Hristo Kostadinov

{"title":"Kinitos: Dynamic network-aware scheduling and descheduling in Kubernetes clusters with mobile nodes","authors":"Tsvetan Tsokov, Hristo Kostadinov","doi":"10.1016/j.jnca.2025.104157","DOIUrl":"10.1016/j.jnca.2025.104157","url":null,"abstract":"<div><div>The current Cloud/Edge/Fog platforms, available in practice, do not support dynamic management of computational and network resources in clusters with moveable and constraint nodes, like in applications such as: connected vehicles, Internet of Things (IoT), spacecraft computing, etc. This leads to increased total response time and low QoS for the long-living applications composed of many inter-dependent microservices with stringent and configurable network latency and bandwidth requirements. This problem is further complicated by the mobile end-users. The paper presents a novel framework for network-aware dynamic scheduling and descheduling (migration) of containers on mobile clusters based on Kubernetes (K8s), named Kinitos. It is composed of plugins in the K8s scheduler, descheduler and Application Group and Network Topology controllers, providing a mechanism for configuration of application microservice dependencies with specific computational (CPU, memory, storage) and network (latency, bandwidth) requirements. In clusters with dynamic, moveable and constraint nodes, it migrates application containers on optimal nodes to satisfy network and computational requirements continuously at runtime. The performed experiments with real world node movement patterns on K8s ARM64 testbed cluster show an improvement in the total end-to-end network latency of a long-living edge-native application by up to 60% compared to the K8s default scheduler and up to 50% compared to the latest K8s network-aware scheduler plugin, with only 0.55 s (32.5%) increase in the average pod deployment time. Its implementation can be used not only for theoretical research, but in practice.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104157"},"PeriodicalIF":7.7,"publicationDate":"2025-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143698104","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A MLOps architecture for near real-time distributed Stream Learning operation deployment

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-17 DOI: 10.1016/j.jnca.2025.104169

Miguel G. Rodrigues, Eduardo K. Viegas, Altair O. Santin, Fabricio Enembreck

{"title":"A MLOps architecture for near real-time distributed Stream Learning operation deployment","authors":"Miguel G. Rodrigues, Eduardo K. Viegas, Altair O. Santin, Fabricio Enembreck","doi":"10.1016/j.jnca.2025.104169","DOIUrl":"10.1016/j.jnca.2025.104169","url":null,"abstract":"<div><div>Traditional architectures for implementing Machine Learning Operations (MLOps) usually struggle to cope with the demands of Stream Learning (SL) environments, where deployed models must be incrementally updated at scale and in near real-time to handle a constantly evolving data stream. This paper proposes a new distributed architecture adapted for deploying and updating SL models under the MLOps framework, implemented twofold. First, we structure the core components as microservices deployed on a container orchestration environment, ensuring low computational overhead and high scalability. Second, we propose a periodic model versioning strategy that facilitates seamless updates of SL models without degrading system accuracy. By leveraging the inherent characteristics of SL algorithms, we trigger the model versioning task only when their decision boundaries undergo significant adjustments. This allows our architecture to support scalable inference while handling incremental SL updates, enabling high throughput and model accuracy in production settings. Experiments conducted on a proposal’s prototype implemented as a distributed microservice architecture on Kubernetes attested to our scheme’s feasibility. Our architecture can scale inference throughput as needed, delivering updated SL models in less than 2.5 s, supporting up to 8 inference endpoints while maintaining accuracy similar to traditional single-endpoint setups.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104169"},"PeriodicalIF":7.7,"publicationDate":"2025-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143642734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Comprehensive phishing detection: A multi-channel approach with variants TCN fusion leveraging URL and HTML features

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-17 DOI: 10.1016/j.jnca.2025.104170

Ali Aljofey , Saifullahi Aminu Bello , Jian Lu , Chen Xu

{"title":"Comprehensive phishing detection: A multi-channel approach with variants TCN fusion leveraging URL and HTML features","authors":"Ali Aljofey , Saifullahi Aminu Bello , Jian Lu , Chen Xu","doi":"10.1016/j.jnca.2025.104170","DOIUrl":"10.1016/j.jnca.2025.104170","url":null,"abstract":"<div><div>Phishing represents a major threat to the financial and privacy security of Internet users, and often serves as a precursor to cyberattacks. While many deep learning-based methods focus on analyzing URLs to detect phishing due to their simplicity and efficiency, they face challenges. Hidden phishing websites may employ tactics like concealing URL addresses, deceiving deep learning models, and attackers frequently change URLs, which presents obstacles to effective detection. In this study, we introduce a robust multi-channel temporal convolutional network (TCN) approach designed for precise phishing website detection, emphasizing the extraction of features from both URL and HTML components. Our hybrid methodology combines URL character embedding and various handcrafted features, using a two-channel input structure. These inputs undergo embedding and SpatialDropout1D before integration into diverse TCN layers, capturing features effectively. Outputs from TCN layers in both channels are concatenated, globally max-pooled, and late fused for binary webpage classification. Our approach demonstrates notable contributions, including novel features, meticulous architecture, and heightened accuracy. Experimentally, our approach achieves 99.81% accuracy on our dataset and 98.16% and 98.96% on two benchmark datasets, respectively. It outperforms state-of-the-art methods on real phishing webpages, demonstrating superior performance with reduced reliance on labeled data.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104170"},"PeriodicalIF":7.7,"publicationDate":"2025-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143654552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

CBRFL: A framework for Committee-based Byzantine-Resilient Federated Learning

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-15 DOI: 10.1016/j.jnca.2025.104165

Gang Xu , Lele Lei , Yanhui Mao , Zongpeng Li , Xiu-Bo Chen , Kejia Zhang

{"title":"CBRFL: A framework for Committee-based Byzantine-Resilient Federated Learning","authors":"Gang Xu , Lele Lei , Yanhui Mao , Zongpeng Li , Xiu-Bo Chen , Kejia Zhang","doi":"10.1016/j.jnca.2025.104165","DOIUrl":"10.1016/j.jnca.2025.104165","url":null,"abstract":"<div><div>Federated Learning (FL), a decentralized machine learning paradigm, has gained attention for enabling collaborative model training without sharing raw data. However, traditional FL architectures rely on a central server, creating trust issues, single points of failure, and vulnerabilities to Byzantine attacks due to the lack of effective gradient validation. In this paper, we introduce the Committee-Based Byzantine-Resilient Federated Learning Framework (CBRFL), which decentralizes using a blockchain-based off-chain committee consensus mechanism for gradient validation and adaptive aggregation, eliminating the need for a central server. Furthermore, we present a momentum and adaptive global learning rate mechanism to improve training stability, along with a contribution and reputation system to enhance the reliability of committee members. The experimental results show that CBRFL outperforms robust FL algorithms across four federated heterogeneous datasets and three attack methods. Without attacks, CBRFL performs similarly to leading heterogeneous FL baselines in most scenarios.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104165"},"PeriodicalIF":7.7,"publicationDate":"2025-03-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143654551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Hierarchical multi-scale spatio-temporal semantic graph convolutional network for traffic flow forecasting

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-13 DOI: 10.1016/j.jnca.2025.104166

Hongfan Mu , Noura Aljeri , Azzedine Boukerche

{"title":"Hierarchical multi-scale spatio-temporal semantic graph convolutional network for traffic flow forecasting","authors":"Hongfan Mu , Noura Aljeri , Azzedine Boukerche","doi":"10.1016/j.jnca.2025.104166","DOIUrl":"10.1016/j.jnca.2025.104166","url":null,"abstract":"<div><div>Accurate traffic flow forecasting is essential for various traffic applications, such as real-time traffic signal control, demand prediction, and route guidance. However, the increasing complexity and non-linearity of big data in the traffic domain pose a challenge for accurate forecasting, necessitating powerful models. This paper proposes a Spatio-temporal model for traffic flow prediction based on Graph Convolutional Neural Network (GCN) and Convolutional Neural Networks (CNN). The hierarchical architecture of Spatio-temporal modeling is utilized to consider multi-scale Spatio-temporal dependencies. We evaluate the proposed model using three real-world datasets, including METR-LA, PeMS04(S), and PeMS04(L). Our experiments demonstrate that the model captures comprehensive spatiotemporal correlations with multi-scale semantics, outperforming features extracted from single domains and non-multi scales. Furthermore, the proposed model is powerful for long-term prediction. We also conduct ablation and architecture studies to highlight the importance of model architecture for Spatiotemporal feature extraction. Our proposed Spatio-temporal model based on GCN and CNN offers a promising approach to traffic flow forecasting in complex traffic scenarios.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104166"},"PeriodicalIF":7.7,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143678154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Tensor-based ranking-hiding privacy-preserving scheme for cloud-fog-edge cooperative cyber–physical-social systems

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-13 DOI: 10.1016/j.jnca.2025.104167

Jing Yu , Yan Xiao , Lianhua Chi , Shunli Zhang , Zongmin Cui

{"title":"Tensor-based ranking-hiding privacy-preserving scheme for cloud-fog-edge cooperative cyber–physical-social systems","authors":"Jing Yu , Yan Xiao , Lianhua Chi , Shunli Zhang , Zongmin Cui","doi":"10.1016/j.jnca.2025.104167","DOIUrl":"10.1016/j.jnca.2025.104167","url":null,"abstract":"<div><div>Users living in Cyber-Physical-Social Systems (CPSS) generate massive amounts of data every day. The CPSS data may imply some reliable rules that can help CPSS better provide highly reliable services to humans. Nevertheless, the high-level reliable rules are very difficult to be mined and formalized. Therefore, we propose a Cloud-Fog-Edge Cooperative Reliable CPSS (CFECRC) framework for possibly adding reliable rules into CPSS. Ranked data is an important type of data in CPSS. How to design a secure, accurate and efficient ranking-hiding privacy-preserving scheme is a key challenge in CFECRC framework. However, existing privacy-preserving methods still have various shortcomings in the trade-off among privacy-preserving, analytic accuracy, and computational efficiency for ranking-hiding. To address the shortcomings, we propose a Tensor-based Ranking-Hiding Privacy-Preserving scheme (TRHPP) for CFECRC framework. First, we construct a set of 5th-order tensors to synthetically model item, user, location, time and weather as a whole to enhance analytic accuracy. Second, we obfuscate CPSS data and hide data ranking based on the obfuscated data to strengthen privacy-preserving and decrease computational overhead. The experimental results show that our scheme significantly outperforms existing classical schemes in privacy-preserving, analytic accuracy and computational efficiency simultaneously. This further verifies the feasibility of our framework.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"238 ","pages":"Article 104167"},"PeriodicalIF":7.7,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143642735","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A comprehensive survey on channel hopping and scheduling enhancements for TSCH networks

IF 7.7 2区计算机科学

Journal of Network and Computer Applications Pub Date : 2025-03-08 DOI: 10.1016/j.jnca.2025.104164

Martina Balbi , Lance Doherty , Thomas Watteyne

引用次数: 0