Journal of Network and Computer Applications最新文献

{"title":"Consensus hybrid ensemble machine learning for intrusion detection with explainable AI","authors":"Usman Ahmed ,&nbsp;Zheng Jiangbin ,&nbsp;Sheharyar Khan ,&nbsp;Muhammad Tariq Sadiq","doi":"10.1016/j.jnca.2024.104091","DOIUrl":"10.1016/j.jnca.2024.104091","url":null,"abstract":"<div><div>Intrusion detection systems (IDSs) are dynamic to cybersecurity because they protect computer networks from malicious activity. IDS can benefit from machine learning; however, individual models may be unable to handle sophisticated and dynamic threats. Current cutting-edge research frequently concentrates on single machine-learning models for intrusion detection. They do not emphasize the necessity for more flexible and effective alternatives. The current computer network identification design techniques often need to improve efficiency and interpretability. Techniques that allow different models to operate together and adjust to dynamic network settings are required. This research addresses this gap, suggesting an innovative ensemble learning strategy, the ”Consensus Hybrid Ensemble Model” (CHEM)”, for intrusion detection. We combined different types of models, such as linear, nonlinear, and ensemble methods, neural networks, and probabilistic models, by using a metaclassifier approach. In this setup, a hybrid model of random forest (RF) and decision tree (DT) acts as the metaclassifier in a voting classifier, which uses consensus voting to align predictions from the various base classifiers. This method enhances the decision-making by considering each base classifier’s confidence and agreement. Local and global explanation models, such as the Shapley Additive explanations (SHAP) and Local Interpretable Model-agnostic Explanations (LIME) approaches, contributed to the primary predictions of the models’ transparency. We used different datasets for testing, such as Kdd99, NSL-KDD, CIC-IDS2017, BoTNeTIoT, and Edge-IIoTset. The proposed ”CHEM” model shows impressive performance across several attack scenarios, including novel and zero-day attacks, and proves its ability to identify and adapt to changing cyber threats. Several ablation experiments were conducted on available datasets to train, test, evaluate, and compare the proposed ”CHEM” model with the most sophisticated and state-of-the-art models. This research combines machine learning algorithms to create a precise IDS that adapts to ever-changing cyber threats.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104091"},"PeriodicalIF":7.7,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142874162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adaptive differential privacy in asynchronous federated learning for aerial-aided edge computing","authors":"Yadong Zhang ,&nbsp;Huixiang Zhang ,&nbsp;Yi Yang ,&nbsp;Wen Sun ,&nbsp;Haibin Zhang ,&nbsp;Yaru Fu","doi":"10.1016/j.jnca.2024.104087","DOIUrl":"10.1016/j.jnca.2024.104087","url":null,"abstract":"<div><div>The integration of aerial-aided edge computing and federated learning (FL) is expected to completely change the way data is collected and utilized in edge computing scenarios, while effectively addressing the issues of data privacy protection and data distribution in this scenario. However, in the face of the challenge of device heterogeneity at the edge computing systems, most current synchronous federated learning approaches suffer from low efficiency because of the straggler effect. This issue can be significantly mitigated by adopting Asynchronous Federated Learning (AFL). Despite the potential benefits, AFL remains under-explored, posing a significant hurdle to optimizing the utility of privacy-enhanced AFL. To address this, we introduce adaptive differential privacy algorithms aimed at enhancing the balance between model utility and privacy in AFL. Our approach begins by defining two frameworks for privacy-enhanced AFL, taking into account various factors relevant to different adversary models. Through in-depth analysis of the model convergence in AFL, we demonstrate how differential privacy can be adaptively achieved while maintaining high utility. Extensive experiments on diverse training models and benchmark datasets showcase that our proposed algorithms outperform existing benchmark methods in terms of overall performance, enhancing test accuracy under similar privacy constraints and achieving faster convergence rates.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104087"},"PeriodicalIF":7.7,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873856","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A survey of Machine Learning-based Physical-Layer Authentication in wireless communications","authors":"Rui Meng ,&nbsp;Bingxuan Xu ,&nbsp;Xiaodong Xu ,&nbsp;Mengying Sun ,&nbsp;Bizhu Wang ,&nbsp;Shujun Han ,&nbsp;Suyu Lv ,&nbsp;Ping Zhang","doi":"10.1016/j.jnca.2024.104085","DOIUrl":"10.1016/j.jnca.2024.104085","url":null,"abstract":"<div><div>To ensure secure and reliable communication in wireless systems, authenticating the identities of numerous nodes is imperative. Traditional cryptography-based authentication methods suffer from issues such as low compatibility, reliability, and high complexity. Physical-Layer Authentication (PLA) is emerging as a promising complement due to its exploitation of unique properties in wireless environments. Recently, Machine Learning (ML)-based PLA has gained attention for its intelligence, adaptability, universality, and scalability compared to non-ML approaches. However, a comprehensive overview of state-of-the-art ML-based PLA and its foundational aspects is lacking. This paper presents a comprehensive survey of characteristics and technologies that can be used in the ML-based PLA. We categorize existing ML-based PLA schemes into two main types: multi-device identification and attack detection schemes. In deep learning-based multi-device identification schemes, Deep Neural Networks are employed to train models, avoiding complex processing and expert feature transformation. Deep learning-based multi-device identification schemes are further subdivided, with schemes based on Convolutional Neural Networks being extensively researched. In ML-based attack detection schemes, receivers utilize intelligent ML techniques to set detection thresholds automatically, eliminating the need for manual calculation or knowledge of channel models. ML-based attack detection schemes are categorized into three sub-types: Supervised Learning, Unsupervised Learning, and Reinforcement Learning. Additionally, we summarize open-source datasets used for PLA, encompassing Radio Frequency fingerprints and channel fingerprints. Finally, this paper outlines future research directions to guide researchers in related fields.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104085"},"PeriodicalIF":7.7,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimizing federated learning with weighted aggregation in aerial and space networks","authors":"Fan Dong,&nbsp;Henry Leung,&nbsp;Steve Drew","doi":"10.1016/j.jnca.2024.104086","DOIUrl":"10.1016/j.jnca.2024.104086","url":null,"abstract":"<div><div>Federated learning offers a promising solution for overcoming the challenges of networking and data privacy in aerial and space networks by harnessing large-scale private edge data and computing resources from drones, balloons, and satellites. Although existing research has extensively explored optimizing the learning process, improving computing efficiency, and reducing communication overhead, statistical heterogeneity remains a substantial challenge for federated learning optimization. While state-of-the-art algorithms have made progress, they often overlook diversity heterogeneity and fail to significantly improve performance in high-degree label heterogeneity conditions. In this paper, statistical heterogeneity is further dissected into two categories: diversity heterogeneity and label heterogeneity, allowing for a more nuanced analysis. It also emphasizes the importance of addressing both diversity heterogeneity and high-degree label heterogeneity in aerial and space network applications. A theoretical analysis is provided to guide optimization in these two challenging scenarios. To tackle diversity heterogeneity, the WeiAvgCS algorithm is introduced to accelerate federated learning convergence. This algorithm employs weighted aggregation and client selection based on an estimated diversity measure, termed <em>projection</em>, enabling WeiAvgCS to outperform other benchmarks without compromising privacy. For high-degree label heterogeneity, the FedBalance algorithm is proposed, utilizing the label distribution information of each client. A novel metric, termed <em>relative scarcity</em>, is introduced to determine the aggregation weights assigned to clients. During the training process, fully homomorphic encryption is employed to protect clients’ label distributions. Additionally, two communication protocols are designed to facilitate training across different scenarios. Extensive experiments were conducted, demonstrating the effectiveness of WeiAvgCS and FedBalance in addressing the research gaps in diversity heterogeneity and high-degree label heterogeneity.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104086"},"PeriodicalIF":7.7,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873857","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A novel community-driven recommendation-based approach to predict and select friendships on the social IoT utilizing deep reinforcement learning","authors":"Babak Farhadi ,&nbsp;Parvaneh Asghari ,&nbsp;Ebrahim Mahdipour ,&nbsp;Hamid Haj Seyyed Javadi","doi":"10.1016/j.jnca.2024.104092","DOIUrl":"10.1016/j.jnca.2024.104092","url":null,"abstract":"<div><div>The study of how to integrate Complex Networks (CN) within the Internet of Things (IoT) ecosystem has advanced significantly because of the field's recent expansion. CNs can tackle the biggest IoT issues by providing a common conceptual framework that encompasses the IoT scope. To this end, the Social Internet of Things (SIoT) perspective is introduced. In this study, a dynamic community-driven recommendation-oriented connection prediction and choice strategy utilizing Deep Reinforcement Learning (DRL) is proposed to deal with the key challenges located in the SIoT friendship selection component. To increase the efficiency of exploration, we incorporate an approach motivated by curiosity to create an intrinsic bonus signal that encourages the DRL agent to efficiently interact with its surroundings. Also, a novel method for Dynamic Community Detection (DCD) on SIoT to carry out community-oriented object recommendations is introduced. Lastly, we complete the experimental verifications utilizing datasets from the real world, and the experimental findings demonstrate that, in comparison to the related baselines, the approach presented here can enhance the accuracy of the social IoT friendship selection task and the effectiveness of training.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104092"},"PeriodicalIF":7.7,"publicationDate":"2024-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A secure routing and malicious node detection in mobile Ad hoc network using trust value evaluation with improved XGBoost mechanism","authors":"Geetika Dhand ,&nbsp;Meena Rao ,&nbsp;Parul Chaudhary ,&nbsp;Kavita Sheoran","doi":"10.1016/j.jnca.2024.104093","DOIUrl":"10.1016/j.jnca.2024.104093","url":null,"abstract":"<div><div>Mobile ad hoc networks (MANETs) are beneficial in a wide range of sectors because of their rapid network creation capabilities. If mobile nodes collaborate and have mutual trust, the network can function properly. Routing becomes more difficult, and vulnerabilities are exposed more quickly as a result of flexible network features and frequent relationship flaws induced by node movement. This paper proposes a method for evaluating trust nodes using direct trust values, indirect trust values, and comprehensive trust values. Then, evaluating the trust value, the network's malicious and non-malicious nodes are identified using the Improved Extreme Gradient Boosting (XGBoost) algorithm. From the detected malicious nodes, the cluster head is chosen to ensure effective data transmission. Finally, the optimal routes are chosen using a novel Enhanced Cat Swarm-assisted Optimized Link State Routing Protocol (ECSO OLSRP). Furthermore, the Cat Swarm Optimization (CSO) algorithm determines the ideal route path based on characteristics such as node stability degree and connection stability degree. Because the proposed technique provides secure data transmission, node path setup, and node efficiency evaluation, it can maintain network performance even in the presence of several hostile nodes. The performance of the proposed trust-based approach security routing technique in terms of packet delivery ratio of nodes (0.47), end-to-end delay time of nodes (0.06), network throughput of nodes (1852.22), and control overhead of nodes (7.41).</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104093"},"PeriodicalIF":7.7,"publicationDate":"2024-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873859","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Label-aware learning to enhance unsupervised cross-domain rumor detection","authors":"Hongyan Ran,&nbsp;Xiaohong Li,&nbsp;Zhichang Zhang","doi":"10.1016/j.jnca.2024.104084","DOIUrl":"10.1016/j.jnca.2024.104084","url":null,"abstract":"<div><div>Recently, massive research has achieved significant development in improving the performance of rumor detection. However, identifying rumors in an invisible domain is still an elusive challenge. To address this issue, we propose an unsupervised cross-domain rumor detection model that enhances contrastive learning and cross-attention by label-aware learning to alleviate the domain shift. The model performs cross-domain feature alignment and enforces target samples to align with the corresponding prototypes of a given source domain. Moreover, we use a cross-attention mechanism on a pair of source data and target data with the same labels to learn domain-invariant representations. Because the samples in a domain pair tend to express similar semantic patterns, especially on the people’s attitudes (e.g., supporting or denying) towards the same category of rumors. In addition, we add a label-aware learning module as an enhancement component to learn the correlations between labels and instances during training and generate a better label distribution to replace the original one-hot label vector to guide the model training. At the same time, we use the label representation learned by the label learning module to guide the production of pseudo-label for the target samples. We conduct experiments on four groups of cross-domain datasets and show that our proposed model achieves state-of-the-art performance.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104084"},"PeriodicalIF":7.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A comprehensive plane-wise review of DDoS attacks in SDN: Leveraging detection and mitigation through machine learning and deep learning","authors":"Dhruv Kalambe,&nbsp;Divyansh Sharma,&nbsp;Pushkar Kadam,&nbsp;Shivangi Surati","doi":"10.1016/j.jnca.2024.104081","DOIUrl":"10.1016/j.jnca.2024.104081","url":null,"abstract":"<div><div>The traditional architecture of networks in Software Defined Networking (SDN) is divided into three distinct planes to incorporate intelligence into networks. However, this structure has also introduced security threats and challenges across these planes, including the widely recognized Distributed Denial of Service (DDoS) attack. Therefore, it is essential to predict such attacks and their variants at different planes in SDN to maintain seamless network operations. Apart from network based and flow analysis based solutions to detect the attacks; machine learning and deep learning based prediction and mitigation approaches are also explored by the researchers and applied at different planes of software defined networking. Consequently, a detailed analysis of DDoS attacks and a review that explores DDoS attacks in SDN along with their learning based prediction/mitigation strategies are required to be studied and presented in detail. This paper primarily aims to investigate and analyze DDoS attacks on each plane of SDN and to study as well as compare machine learning, advanced federated learning and deep learning approaches to predict these attacks. The real world case studies are also explored to compare the analysis. In addition, low-rate DDoS attacks and novel research directions are discussed that can further be utilized by SDN experts and researchers to confront the effects by DDoS attacks on SDN.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104081"},"PeriodicalIF":7.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MDQ: A QoS-Congestion Aware Deep Reinforcement Learning Approach for Multi-Path Routing in SDN","authors":"Lizeth Patricia Aguirre Sanchez,&nbsp;Yao Shen,&nbsp;Minyi Guo","doi":"10.1016/j.jnca.2024.104082","DOIUrl":"10.1016/j.jnca.2024.104082","url":null,"abstract":"<div><div>The challenge of link overutilization in networking persists, prompting the development of load-balancing methods such as multi-path strategies and flow rerouting. However, traditional rule-based heuristics struggle to adapt dynamically to network changes. This leads to complex models and lengthy convergence times, unsuitable for diverse QoS demands, particularly in time-sensitive applications. Existing routing approaches often result in specific types of traffic overloading links or general congestion, prolonged convergence delays, and scalability challenges. To tackle these issues, we propose a QoS-Congestion Aware Deep Reinforcement Learning Approach for Multi-Path Routing in Software-Defined Networking (MDQ). Leveraging Deep Reinforcement Learning, MDQ intelligently selects optimal multi-paths and allocates traffic based on flow needs. We design a multi-objective function using a combination of link and queue metrics to establish an efficient routing policy. Moreover, we integrate a congestion severity index into the learning process and incorporate a traffic classification phase to handle mice-elephant flows, ensuring that diverse class-of-service requirements are adequately addressed. Through an RYU-Docker-based Openflow framework integrating a Live QoS Monitor, DNC Classifier, and Online Routing, results demonstrate a 19%–22% reduction in delay compared to state-of-the-art algorithms, exhibiting robust reliability across diverse scenarios of network dynamics.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104082"},"PeriodicalIF":7.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Caching or re-computing: Online cost optimization for running big data tasks in IaaS clouds","authors":"Xiankun Fu,&nbsp;Li Pan,&nbsp;Shijun Liu","doi":"10.1016/j.jnca.2024.104080","DOIUrl":"10.1016/j.jnca.2024.104080","url":null,"abstract":"<div><div>High computing power and large storage capacity are necessary for running big data tasks, which leads to high infrastructure costs. Infrastructure-as-a-Service (IaaS) clouds can provide configuration environments and computing resources needed for running big data tasks, while saving users from expensive software and hardware infrastructure investments. Many studies show that the cost of computation can be reduced by caching intermediate results and reusing them instead of repeating computations. However, the storage cost incurred by caching a large number of intermediate results over a long period of time may exceed the cost of computation, ultimately leading to an increase in total cost instead. For making optimal caching decisions, future usage profiles for big data tasks are needed, but it is generally very hard to predict them precisely. In this paper, to address this problem, we propose two practical online algorithms, one deterministic and the other randomized, which can determine whether to cache intermediate results to reduce the total cost of big data tasks without requiring any future information. We prove theoretically that the competitive ratio of the proposed deterministic (randomized) algorithm is <span><math><mrow><mi>m</mi><mi>i</mi><mi>n</mi><mrow><mo>(</mo><mn>2</mn><mo>−</mo><mfrac><mrow><mn>1</mn><mo>−</mo><mi>η</mi></mrow><mrow><mi>δ</mi></mrow></mfrac><mo>,</mo><mn>2</mn><mo>−</mo><mfrac><mrow><mi>η</mi></mrow><mrow><mi>β</mi></mrow></mfrac><mo>)</mo></mrow></mrow></math></span> (resp., <span><math><mfrac><mrow><mi>e</mi></mrow><mrow><mi>e</mi><mo>−</mo><mn>1</mn></mrow></mfrac></math></span>). Using real-world Wikipedia data as well as synthetic datasets, we verify the effectiveness of our proposed algorithms through a large number of experiments based on the price of Alibaba’s public IaaS cloud products.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"235 ","pages":"Article 104080"},"PeriodicalIF":7.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}