Journal of Network and Computer Applications最新文献

{"title":"MTEAL: Network routing optimization of SD-WAN traffic engineering integrating multi-dimensional QoS metrics","authors":"Yuyu Chen ,&nbsp;Anyang Gu ,&nbsp;Lin Cui ,&nbsp;Longxin Lin","doi":"10.1016/j.jnca.2025.104272","DOIUrl":"10.1016/j.jnca.2025.104272","url":null,"abstract":"<div><div>In the field of network routing optimization, the metrics associated with quality of service (QoS) play a fundamental role in ensuring the reliable execution of high-priority applications and traffic. Recent advancements in software-defined wide area networks (SD-WAN) , have made it feasible to optimize complex objectives in network efficiency. Traditional methods, such as linear programming (LP), face challenges in modeling complex QoS metrics. Meanwhile, commonly used machine learning methods lack sufficient awareness of network topology. They also show insufficient robustness to dynamic traffic changes. To overcome these challenges, we propose MTEAL, a framework that integrates graph neural network (GNN) with multi-agent reinforcement learning (MARL). By leveraging its unique edge-edge GNN architecture, MTEAL effectively captures inter-link correlations and flow-level traffic dynamics, enabling robust optimization of diverse QoS metrics. We have developed a two-stage optimized reward function as well as a novel deep GNN module to enhance the model’s perception and optimization capability for various QoS metrics. Our experimental findings substantiate that MTEAL outperforms other models on three small-scale wide area networks (WAN) topologies, achieving improvements over TEAL and DRL-GNN models across multiple indicators and configurations. Optimally, the proposed approach exhibited improvements of 8.7% in flow arrival rate and 9.5% in average delay. In the event of link failures, it exhibited superior and more stable performance compared to the other two models. In situations involving diverse traffic patterns and unfamiliar topologies, our method shows greater robustness and generalization capability than TEAL.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104272"},"PeriodicalIF":7.7,"publicationDate":"2025-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Machine learning-based IoT: Developing an energy-efficient and balanced clustering routing protocol (EEB-CR) for WSNs","authors":"Nguyen Duy Tan ,&nbsp;Thi-Thu-Huong Le","doi":"10.1016/j.jnca.2025.104269","DOIUrl":"10.1016/j.jnca.2025.104269","url":null,"abstract":"<div><div>Wireless sensor networks (WSNs) have become integral to the Internet of Things (IoT), supporting diverse applications such as healthcare, environmental monitoring, intrusion detection, military surveillance, and industrial automation. However, sensor nodes (SNs) in WSNs are constrained by limited computational capabilities and finite energy reserves, making energy efficiency a critical concern for IoT applications deployed over WSN infrastructure. This study proposes an Energy-Efficient and Balanced Cluster-based Routing protocol (EEB-CR) to improve the operational longevity and energy distribution of WSNs. The EEB-CR protocol operates in three systematic phases: balanced cluster formation, cluster head (CH) selection, and energy-aware route discovery. Initially, balanced clusters are formed using an enhanced fuzzy <span><math><mi>c</mi></math></span>-means algorithm integrated with a mechanism to reduce uneven energy usage among SNs. Subsequently, CHs are optimally selected based on local node density, residual energy, and Euclidean distance to the base station (or gateway), and the CH role is periodically rotated among cluster members to promote fairness in energy consumption. In the final phase, the Ford–Fulkerson algorithm is employed to establish both intra- and inter-cluster data transmission paths with the objective of minimizing communication overhead from SNs to the base station (BS). Performance evaluation conducted through NS2 simulations demonstrates that EEB-CR achieves superior energy distribution balance and improved network stability compared to benchmark protocols such as LEACH-C, TEZEM, PECR, and FC-GWO.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104269"},"PeriodicalIF":7.7,"publicationDate":"2025-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664878","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fine-grained access control with decentralized delegation for collaborative healthcare systems","authors":"Minghui Li ,&nbsp;Jingfeng Xue ,&nbsp;Yong Wang ,&nbsp;Tianwei Lei ,&nbsp;Zixiao Kong","doi":"10.1016/j.jnca.2025.104273","DOIUrl":"10.1016/j.jnca.2025.104273","url":null,"abstract":"<div><div>Collaborative treatment has emerged as a crucial approach for improving the quality and efficiency of medical services in modern healthcare systems. To support this paradigm, secure access control over electronic health records (EHR) and flexible delegation of patient permissions are essential for enabling efficient, privacy-preserving data sharing. This paper proposes a fine-grained access control scheme with decentralized permission delegation tailored for medical collaboration scenarios. To ensure fine-grained access control, we adopt a hybrid encryption scheme that combines a dual-key regression tree with Identity-Based Encryption with Wildcard Key Derivation (WKD-IBE) for efficient and scalable key management. This integration enables access control based on data attributes rather than user identities and adheres to the principle of minimal data disclosure. To support decentralized permission delegation, we extend the WKD-IBE scheme to enable patients to authorize multiple doctors to grant access permissions collaboratively. This extension ensures controlled delegation by enforcing a predefined threshold of doctors and requiring consensus on the requested access scope. Additionally, we provide both theoretical and practical security analyses, along with an implementation to demonstrate the scheme’s real-world applicability. Experimental results demonstrate that our scheme achieves lower authorization latency and better scalability in collaborative healthcare scenarios while maintaining comparable encryption efficiency.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104273"},"PeriodicalIF":7.7,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An enhanced RAN for future converged audiovisual services: The bcNode","authors":"Rufino Cabrera ,&nbsp;Jon Montalban ,&nbsp;Orlando Landrove ,&nbsp;Erick Jimenez ,&nbsp;Eneko Iradier ,&nbsp;Pablo Angueira ,&nbsp;Sung-Ik Park ,&nbsp;Sunhyoung Kwon ,&nbsp;Namho Hur","doi":"10.1016/j.jnca.2025.104274","DOIUrl":"10.1016/j.jnca.2025.104274","url":null,"abstract":"<div><div>The current architecture of terrestrial broadcast network limits the evolution of terrestrial audiovisual services (broadcasting). A drastic change is required before the unavoidable future convergence with 5G/6G networks for more advanced services, including interactivity, 360°video, etc. Recent studies have explored the feasibility of incorporating a higher entity called a Broadcast Core Network (BCN) based on the equivalent model of mobile communication networks. This new paradigm requires upgrading the existing access network to manage both the modules of the new core network and those corresponding to the radio access technology. The present work proposes an intelligent software-based node (bcNode) that manages the Radio Access Network (RAN) and the BCN instructions after analyzing different aspects, such as the state of the art of CN-based RAN architectures and the challenges and limitations of the current broadcasting network. This manuscript details the main blocks of the Broadcast Node in relationship with transmitting facilities. The proposal also explains the necessary extensions to the ATSC 3.0 ALP protocol to support new services. Eventually, the paper presents numerical results to evaluate the performance of the proposal based on standard KPI parameters and compares it with the legacy infrastructure.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"243 ","pages":"Article 104274"},"PeriodicalIF":8.0,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664872","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Seamless remote roaming activation in LoRaWAN via an API-driven gateway bridge service","authors":"Luca D’Agati ,&nbsp;Laura García ,&nbsp;Rafael Asorey-Cacheda ,&nbsp;Marco Garofalo ,&nbsp;Francesco Longo ,&nbsp;Antonio-Javier Garcia-Sanchez ,&nbsp;Joan Garcia-Haro ,&nbsp;Antonio Puliafito ,&nbsp;Giovanni Merlino","doi":"10.1016/j.jnca.2025.104268","DOIUrl":"10.1016/j.jnca.2025.104268","url":null,"abstract":"<div><div>The rapid expansion of the Internet of Things (IoT) landscape, notably in smart cities, smart metering, environmental monitoring, and smart agriculture, highlights the critical need for seamless and efficient device roaming within Long Range Wide Area Network (LoRaWAN) infrastructures. Although LoRaWAN shows great potential, its deployment faces significant challenges, especially under the constraints of the version 1.0 specifications, to enable efficient device mobility. This study introduces a comprehensive approach to enhance LoRaWAN-supported mobility, using three key advancements: the decoupling of Gateways (GWs) from the core network infrastructures to facilitate flexible deployments, the adoption of an adaptive GW-to-network connection protocol responsive to real-time traffic demands, and the enhancement of GW interoperability to provide dynamic and efficient network configurations. A notable innovation of this research is developing a mechanism that enables packet forwarding through an unidentified GW, eliminating the need for pre-established network agreements. The empirical evaluations of the article detail the effectiveness of the architecture in IoT applications, showcasing significant improvements in LoRaWAN’s roaming capabilities and reporting average latencies of up to 0.39 s in experimental tests. Extensive simulations with up to 100 roaming devices and 100 stationary devices further confirmed scalability, keeping the average roaming-to-stationary latency gap below 0.16 s and the worst-case end-to-end delay below 1.2 s even in highly congested scenarios. This contribution addresses pivotal challenges within the current LoRaWAN networks and sets the background for future advancements in IoT network technologies.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104268"},"PeriodicalIF":7.7,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A proactive privacy-preserving framework for mobile trajectory sharing","authors":"Mohammad Hossein Farahnakiyan,&nbsp;Rasool Esmaeilyfard,&nbsp;Reza Javidan","doi":"10.1016/j.jnca.2025.104271","DOIUrl":"10.1016/j.jnca.2025.104271","url":null,"abstract":"<div><div>Location-Based Services (LBS) leverage Global Positioning System (GPS) data to deliver personalized services such as navigation and location-based advertising. However, the sensitive nature of trajectory data raises serious privacy risks, particularly in real-time applications. Existing privacy-preserving methods often rely on static obfuscation, uniform protection strategies, or reactive anonymization techniques that fail to adapt to individual user preferences or account for semantic characteristics of locations—leading to either excessive distortion or insufficient privacy. To address these limitations, we present PRISM, a novel and integrated privacy-preserving framework that fills this gap by combining three key innovations: (1) Hierarchical Semantic Mapping (HSM) for context-aware anonymization based on semantic sensitivity; (2) a proactive LSTM-based prediction model with backtracking attention that anticipates sensitive interaction points before data exposure; and (3) a user-specific privacy profile system that enables dynamic, personalized privacy control. Unlike previous methods, PRISM adapts privacy enforcement in real-time based on both predicted behavior and semantic context, significantly improving the balance between privacy and utility. Experiments on Geolife , Gowalla, Brightkite, and OpenStreetMap datasets show PRISM achieves a 40% reduction in Privacy-Preserving Time (PPT) and a 5% improvement in data utility, while ensuring robust privacy, as measured by the Location Privacy Index (LPI). PRISM’s dynamic, user-centric approach provides a scalable solution for safeguarding location data in modern real-world LBS applications.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104271"},"PeriodicalIF":7.7,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664875","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SafeAcc: A lightweight and accurate user identification scheme using location-identity learning for indoor Internet access","authors":"Mohsen Ali Alawami ,&nbsp;Sang-Hoon Choi ,&nbsp;Ki-Woong Park","doi":"10.1016/j.jnca.2025.104267","DOIUrl":"10.1016/j.jnca.2025.104267","url":null,"abstract":"<div><div>Wireless networks, especially Wi-Fi access points (APs), have been an indispensable part of our daily life. For example, cafes and restaurants provide free Wi-Fi access with/without password settings only for customers (legitimate users). However, undesired users who reside outside but still within the coverage can easily use the Internet for free, misuse the Wi-Fi network, or apply harmful threats to the connected users and devices. In case administrators protect Wi-Fi networks using the cryptographic keys in WPA2 and WPA3, they have two limitations: (1) secure Wi-Fi APs increase the burden on customers not only because of manually inputting passwords but also finding the location of Wi-Fi information (<em>i.e.,</em> SSID and password), and (2) the security of Wi-Fi APs is only as good as their passwords. To enhance the security and ensure the usability of Internet access in indoor environments, we present a lightweight and accurate identification scheme named <span>SafeAcc</span> that uses the smartphone’s physical fingerprints sensed at the user’s location inside the area-of-interest (AoI) and meanwhile hard for an attacker to mimic. In this work, we explore the synergistic cooperation of the user’s identity and location information to adapt the networks to only grant Internet access to the legitimate users who reside within the AoI. Our idea is to use Wi-Fi signals and the light intensity readings of smartphones as physical fingerprints to identify users’ locations via a location-identity learning protocol and grant or disable Internet access accordingly. To evaluate the feasibility of <span>SafeAcc</span> in real-life scenarios, we developed an android-collector application and collected a real-world dataset containing fingerprints (Wi-Fi and light scans) from 40 locations distributed in two large and adjacent neighbor areas in a building. The data collection process is repeated for ten rounds that extend for a period of a month (each round is conducted during three periods a day: Morning, Afternoon, and Evening) and using two smartphones. The experimental results show that the identification accuracy using Wi-Fi fingerprints is always higher than those of light fingerprints — F1 scores ranging from 92.4% to 99.2% for Galaxy Note5 across the ten rounds and the three periods (Morning, Afternoon, and Evening). Also, the results show a slight accuracy difference when changing the device to Galaxy S8 providing F1 scores ranging from 86.5% to 99.5%. In addition, results showed reliable performance when <span>SafeAcc</span> was evaluated against unseen fingerprints (<em>i.e.,</em> drift concept) collected after two weeks (achieved F1 scores ranging from 95% to 98.3%) and after five weeks (achieved F1 scores ranging from 97.5% to 98.7%) respectively. We also measured the identification time required for training and testing models to ensure the usability of the <span>SafeAcc</span> in real-world usage.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104267"},"PeriodicalIF":7.7,"publicationDate":"2025-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A gateway-assisted blockchain-based authentication scheme for internet-of-things","authors":"Pooja Khobragade,&nbsp;Ashok Kumar Turuk","doi":"10.1016/j.jnca.2025.104252","DOIUrl":"10.1016/j.jnca.2025.104252","url":null,"abstract":"<div><div>With the rapid proliferation, a massive amount of sensitive data has been generated and transmitted by smart Internet of Things (IoT) devices in recent years. Securing this data is a significant concern as the attackers may exploit vulnerabilities in the system or deploy a malicious device to stop the system from securing itself. However, the traditional centralized authentication has its own fragility with many security risks. Blockchain technology has emerged as a promising solution for developing authentication in a decentralized network, such as IoT, offering enhanced security and resilience. Most existing blockchain-based authentication models use a registration center authority (RAC) for registration and authentication. This is susceptible to a single-point-of-failure (SPoF) and insider attacks. Also, incurs high overhead in IoT computation, communication, storage and energy consumption. This paper proposed a new smart contract-based authentication for IoT using the gateway. Gateway nodes provide system scalability by relieving the resource-constrained IoT devices from computation, communication and authentication tasks. For registration of IoT device, gateway device and users, a token is created using Merkle tree and a smart contract is executed. The proposed model uses InterPlanetary File System (IPFS) to add storage scalability for the resource-constrained IoT device. Smart contract is written in Solidity and deployed in Remix IDE. The Ethereum blockchain network is used to deploy the smart contract. Metamask Goerli test network is used to check the status of deployed contracts. The security of the proposed protocol is evaluated through both formal and informal analyses. Formal verification is conducted using the Scyther toolbox and the Random Oracle Model (ROM), while informal analysis is also carried out to assess the protocol’s resilience against potential threats. Security analysis demonstrates that the suggested protocol meets the security criteria and assures semantic security. Experimental results show that the proposed blockchain authentication protocol performs better compared to other existing work in terms of transaction cost, communication overhead, storage and cryptography costs. The proposed smart contract protocol requires a 0.486 ETH transaction fee, which is substantially lower than that of comparable protocols, highlighting its cost-effectiveness and practical viability.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104252"},"PeriodicalIF":7.7,"publicationDate":"2025-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144664880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"CEMA: Cost Effective Multi-Layered Autoscaling for Microservice based Applications","authors":"Numan Shafi,&nbsp;Muhammad Abdullah,&nbsp;Waheed Iqbal,&nbsp;Faisal Bukhari","doi":"10.1016/j.jnca.2025.104266","DOIUrl":"10.1016/j.jnca.2025.104266","url":null,"abstract":"<div><div>Microservices architecture offers flexibility, scalability, and modularity by dividing applications into small and independent services. However, traditional autoscaling methods often focus on the autoscaling of the container layer alone, leading to inefficiencies such as over-provisioning and under-provisioning of virtual machines (VMs). These inefficiencies can increase operational costs and energy consumption. To address these challenges, this paper presents a novel, cost-effective Multi-Layered Autoscaling (CEMA) strategy that includes service migration to optimize resource allocation across container and VM layers. CEMA leverages predictive autoscaling techniques to dynamically adjust the number of containers and VMs based on real-time workload demands. The strategy includes a service migration mechanism that moves containers from underutilized VMs to those with available capacity, enabling the shutdown of idle VMs and reducing energy consumption. Through extensive experimentation using real-world workloads, including the WorldCup, Wikipedia, Calgary, ClarkNet, and NASA, CEMA demonstrates significant improvements over existing autoscaling methods. Results show CEMA gives 11.7% more processed requests with 19% fewer SLO violations than the baseline methods. Moreover, CEMA reduces the 1.6<span><math><mo>×</mo></math></span> infrastructure cost as compared to baseline methods. This paper highlights CEMA’s potential to enhance the efficiency and sustainability of microservices-based applications in cloud environments.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104266"},"PeriodicalIF":7.7,"publicationDate":"2025-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144597556","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards understanding the behavior of image-based network intrusion detection systems","authors":"Ayah Abdel-Ghani ,&nbsp;Jezia Zakraoui ,&nbsp;Abdulaziz Al-Ali ,&nbsp;Abdelhak Belhi ,&nbsp;Sandy Rahme ,&nbsp;Abdelaziz Bouras","doi":"10.1016/j.jnca.2025.104254","DOIUrl":"10.1016/j.jnca.2025.104254","url":null,"abstract":"<div><div>Network Intrusion Detection Systems play a pivotal role in preventing cyber attacks by identifying threats within computer networks. Recent advancements in deep learning techniques positioned them as highly effective methods in detecting a diverse range of cyber attacks. However, the ”Black-Box” nature of deep models makes understanding their decisions very challenging, and renders them susceptible to adversarial attacks. In this paper, we propose the use of Explainable AI (XAI) approaches in deep-learning-based network traffic classifiers to validate their decisions’ rationale and soundness. In particular, we combine the popular Grad-CAM technique with a reverse lookup algorithm to explain models trained using image-transformed raw network traffic sessions, encompassing general, malware, and encrypted traffic data. Model behaviors were analyzed by mapping the highly impacting pixels to their corresponding raw features, to facilitate investigating the meaningfulness of the features learned by the model. Experimental results indicate cases of consistent highlighting of pixels associated with network layers across specific traffic types. However, models occasionally used unexpected features during the classification process, raising security vulnerability concerns that merit serious investigation. The proposed approach serves as a valid method to explain the behavior of general black-box image-based network traffic classification models and assess their robustness. The implementation code is available at <span><span>https://github.com/ayahdev/XAI-Image-Based-IDS</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104254"},"PeriodicalIF":7.7,"publicationDate":"2025-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144613103","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}