Journal of Network and Computer Applications最新文献

{"title":"Spectrum-efficient hybrid protection with dedicated and shared paths in elastic optical data center networks","authors":"Xu Zhang ,&nbsp;Hankun Zeng ,&nbsp;Chuan Feng ,&nbsp;Yuxin Xu ,&nbsp;Fan Zhang ,&nbsp;Xiaoxue Gong ,&nbsp;Lei Guo","doi":"10.1016/j.jnca.2025.104238","DOIUrl":"10.1016/j.jnca.2025.104238","url":null,"abstract":"<div><div>Spectral efficiency is essential for ensuring the survivability of service requests that require multi-level protection in elastic optical data center networks (EODCNs). To tackle the survivability issue, we first create a system model that includes a network model, a service request model, and a dedicated and shared paths model. Next, we develop an integer linear programming (ILP) model aimed at minimizing the maximum index of allocated frequency slots (FSs) for various service requests with dedicated path protection (DPP) and shared backup path protection (SBPP) levels. Following this, we propose a spectrum-efficient hybrid protection algorithm (SEHPA) for survivable routing, modulation level, and spectrum assignment. Finally, we solve the ILP problem in a small-scale topology and evaluate the SEHPA algorithm in different large-scale topologies. Simulation results indicate that the SEHPA algorithm can reduce the percentage of unserviced requests by 16.1% while utilizing fewer network resources.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104238"},"PeriodicalIF":7.7,"publicationDate":"2025-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144589290","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing visibility on a science DMZ with P4-perfSONAR","authors":"Ali Mazloum ,&nbsp;Elie Kfoury ,&nbsp;Ali AlSabeh ,&nbsp;Jose Gomez ,&nbsp;Jorge Crichigno","doi":"10.1016/j.jnca.2025.104263","DOIUrl":"10.1016/j.jnca.2025.104263","url":null,"abstract":"<div><div>The Science Demilitarized Zone (Science DMZ) is a specialized network designed to facilitate the transfer of large-scale scientific data. One of the key elements of the Science DMZ is perfSONAR, an active performance measurement device that monitors end-to-end paths over multiple domains. Although versatile, perfSONAR faces limitations such as restricted visibility of events and coarse-grained measurements. This paper proposes a scheme that integrates P4 programmable data plane (PDP) switches with perfSONAR. P4 PDP switches are passively installed and operate on real-time traffic copies, providing flexibility to collect fine-grained custom measurements and report events in the data plane. This integration enables perfSONAR to collect per-flow granular statistics of actual traffic, identify a broader range of networking issues, and enhance visibility while reducing the overhead of active tests. Additionally, the scheme uses an adaptive linear prediction (LP) model that dynamically adjusts the rate of reports sent from the P4 PDP switch to perfSONAR, minimizing the storage and processing needed for the latter. Experimental results show that the system reduces the number of reports by a factor of five while maintaining a small and configurable relative mean error (RME).</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104263"},"PeriodicalIF":7.7,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144579778","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A new segment routing with NEMO BSP based distributed mobility management approach in smart city network","authors":"Zainab Abdulsalam ,&nbsp;Shayla Islam ,&nbsp;Mohammad Kamrul Hasan ,&nbsp;Raenu Kolandaisamy ,&nbsp;Md Arafatur Rahman ,&nbsp;Hashim Elshafie ,&nbsp;Huda Saleh Abbas ,&nbsp;Ala Eldin Awouda ,&nbsp;Elankovan A. Sundararajan","doi":"10.1016/j.jnca.2025.104262","DOIUrl":"10.1016/j.jnca.2025.104262","url":null,"abstract":"<div><div>Due to high hop counts and complex inter-domain handover processing, the existing Distributed Mobility Management(DMM) framework in smart cities suffers from moderate delay and reliability issues during the handoff process in critical environments. These challenges hinder network efficiency, increasing latency, packet delivery costs, and reconfiguration requirements. In the present work, we proposed a novel Network Mobility Basic Support Protocol (NEMO BSP) with Segment Routing (SR) approach to enhance the network performance in distributed mobility management environments. The Segment Routing (SR) is integrated with existing network mobility methods to enhance performance. Also, we have proposed an algorithm NEMO-SR to reduce the hop count for data transmission. In previous research, the authors have reported various routing methods. However, the existing network mobility and routing methods mainly focus on the distributed mobility scheme of routers, which can improve performance to a certain extent. However, the segment routing-based distributed network mobility system can improve performance by optimizing the number of hop counts. SR enables optimized path selection and minimizes the overhead by reducing hop counts and reconfiguration needs. Thus, the proposed method can improve the key performance metrics such as Packet Delivery Cost (PDC), Latency, Tunnel Creation Rate (TCR), and Throughput. The proposed model introduces SR-specific tuning factors, which perform adaptive optimization and adjust the impact of SR on network metrics according to real-time conditions. This adaptive tuning is instrumental in high-mobility environments and data-intensive networks typical of 5G and Beyond 5G systems. SR minimizes signaling overhead and improves resource efficiency by effectively reducing the need for frequent tunnel reconfigurations. The performance of the proposed method is compared with the existing methods to analyze the performance. For the validation, both numerical analysis and simulation results were developed. The results prove that the proposed method supports mobility more efficiently, and the performance of the proposed method improves in terms of throughput, latency, PDC, and other parameters.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104262"},"PeriodicalIF":7.7,"publicationDate":"2025-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144597555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Robust and lightweighted mutual authentication scheme for drone swarm networks","authors":"Kiran Illyass,&nbsp;Zubair Baig,&nbsp;Naeem Syed","doi":"10.1016/j.jnca.2025.104264","DOIUrl":"10.1016/j.jnca.2025.104264","url":null,"abstract":"<div><div>Drones are being increasingly adopted across both military and commercial domains to serve remote rendering, monitoring, surveillance and service delivery operations. Drone swarms comprise multiple drones operating cohesively as a unified system to provide collective services. Each drone in a swarm must establish mutual trust with other drones to ensure authenticity in data exchange and also to prevent the compromise of a mission. Inter-drone communication links are vulnerable to cyber threats, including unauthorized access and spoofing. While most existing studies focus on authentication mechanisms for drone-to-stationary base stations, very little research work has explored inter-drone authentication protocols specifically designed for decentralized topologies. We propose a lightweight authentication scheme for inter-drone communication that leverages a dynamic challenge–response mechanism, hash-based message authentication code and authenticated encryption to facilitate mutual authentication. We validate the efficacy of the proposed protocol through extensive informal analysis based on the Dolev–Yao and the Canetti–Krawczyk threat models and through Scyther and random oracle-based formal analysis. We also compare the protocol’s performance with state-of-the-art authentication schemes to demonstrate its efficacy and efficiency. The results obtained demonstrate the supremacy of the protocol in cost-effective threat prevention for swarms of drones.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104264"},"PeriodicalIF":7.7,"publicationDate":"2025-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144589291","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Sybil attack detection and traceability scheme based on temporal heterogeneous graph attention networks","authors":"Ye Chen,&nbsp;Yingxu Lai,&nbsp;Congai Zeng","doi":"10.1016/j.jnca.2025.104261","DOIUrl":"10.1016/j.jnca.2025.104261","url":null,"abstract":"<div><div>In the development and application of cooperative driving technology, Sybil attacks pose a serious threat to vehicle safety. Although existing detection schemes can identify erroneous information from Sybil nodes, they cannot prevent ongoing attacks and struggle to accurately trace their sources. The high concealment and intermittent message silences of attack sources are the root causes of this challenge. To address this, This paper propose a Sybil attack detection and tracing scheme based on a temporal heterogeneous graph attention network. Our method deeply integrates graph-structured data capturing vehicle behaviors, spatiotemporal characteristics, and dynamic traffic flow changes, and leverages graph attention to model complex interaction patterns among vehicles. This enables precise Sybil detection and physical tracing even during silent attack intervals. Experimental results on the VeReMi-Extension dataset demonstrate that our scheme achieves a Sybil node detection accuracy of 99.89% and successfully traces over 85% of attack source vehicles — a 50% improvement in tracing recall compared to existing approaches — effectively mitigating the threat of Sybil attacks. Notably, this work fills the existing research gap in tracking the physical locations of Sybil attackers.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104261"},"PeriodicalIF":7.7,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144563421","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MOOO-RDQN: A deep reinforcement learning based method for multi-objective optimization of controller placement and traffic monitoring in SDN","authors":"Jue Chen,&nbsp;Yurui Ma,&nbsp;Wenjing Lv,&nbsp;Xihe Qiu,&nbsp;Junhao Wu","doi":"10.1016/j.jnca.2025.104253","DOIUrl":"10.1016/j.jnca.2025.104253","url":null,"abstract":"<div><div>Software Defined Networks (SDN) necessitates efficient controller placement strategies to address the NP-hard Controller Placement Problem (CPP), which involves minimizing propagation latency, balancing controller loads, and ensuring adaptability to dynamic network conditions. Traditional heuristic and deterministic algorithms face challenges in balancing optimality and computational efficiency, particularly in large-scale heterogeneous networks. This paper proposes Multi-Objective Optimization Oriented-Rainbow Deep Q Network (MOOO-RDQN), deep reinforcement learning framework that synergizes five advanced techniques, including double Q-learning, prioritized experience replay, dueling networks, multi-step learning, and noisy networks, to jointly optimize controller placement and switch-controller mapping. Experimental evaluations on real-world topologies demonstrate that MOOO-RDQN outperforms standard and state-of-the-art algorithms, achieving reductions of up to 42.49% in average controller-switch latency, 59.39% in worst-case latency, 30.56% in load imbalance, and 28.73% in training time. The solution gap from brute-force global optima remains below 15% across diverse network scales. Complementing the algorithmic innovation, we design an FPGA (Field-Programmable Gate Array) based traffic monitoring module utilizing CAN (Controller Area Network) interfaces and LED (Light-Emitting Diode) indicators to detect controller overloads in real-time. This hardware-software co-design not only validates the practicality of MOOO-RDQN but also lays the foundation for future works on closed-loop control plane optimization.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104253"},"PeriodicalIF":7.7,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144563505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Integrated probabilistic clustering and Deep Reinforcement Learning for bias mitigation and device heterogeneity of Federated Learning in edge networks","authors":"Neha Singh ,&nbsp;Mainak Adhikari","doi":"10.1016/j.jnca.2025.104259","DOIUrl":"10.1016/j.jnca.2025.104259","url":null,"abstract":"<div><div>Federated Learning (FL) enables decentralized and collaborative training on resource-constrained Edge Devices (EDs) while preserving data privacy by avoiding raw data transmission. However, traditional FL approaches face challenges such as non-independent and identically distributed (non-IID) data, biased model aggregation due to device heterogeneity, and inefficiencies caused by stragglers during model updates. We propose a novel Hierarchical Deep Reinforcement Learning-based Probabilistic Federated Learning (Hier-FedDRL) strategy to address these limitations. This framework combines local and central Deep Reinforcement Learning (DRL) agents with a probabilistic clustering approach to manage heterogeneous devices and optimize resource allocation dynamically. Local DRL agents optimize intra-cluster operations, including training and resource distribution, while the central DRL agent oversees global model updates and inter-cluster coordination.</div><div>To ensure balanced aggregation and mitigate biases, the proposed framework employs Gaussian Mixture Models (GMMs) for clustering EDs based on their data distributions and resource characteristics. Additionally, a dynamic contribution-based aggregation technique is introduced to fairly weigh updates from diverse EDs, reducing biases in the global model. The performance of Hier-FedDRL is evaluated in a cloud-based setup, where Docker containers are used to simulate EDs and Google Kubernetes Engine clusters for cloud orchestration. Experimental results over benchmark datasets demonstrate that the proposed Hier-FedDRL achieves 4%–6% higher accuracy, reduces convergence time by 7%–10%, and lowers bias in the global model by 25%, outperforming state-of-the-art FL approaches while effectively addressing data and resource heterogeneity.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104259"},"PeriodicalIF":7.7,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144535513","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MTD-FRD: Malicious traffic detection method based on feature representation and conditional diffusion model","authors":"Saihua Cai ,&nbsp;Wenjun Zhao ,&nbsp;Jinfu Chen ,&nbsp;Yige Zhao ,&nbsp;Shengran Wang","doi":"10.1016/j.jnca.2025.104256","DOIUrl":"10.1016/j.jnca.2025.104256","url":null,"abstract":"<div><div>With the rapid development of computer network, security issues are more serious. Malicious traffic detection can effectively discover the malicious behaviors in network activities through detecting the malicious traffic in large-scale network traffic, and it has become an important mean to maintain the cyberspace security. However, traditional malicious traffic detection methods analyze the traffic behavior by processing the network traffic in the formats such as PCAP, CSV and gray-scale images, they cannot fully extract the deep association information in network traffic, leading to the problems such as unclear feature representations. In addition, data imbalance problem existing in network traffic can cause the training of detection model to bias towards normal traffic, and further resulting in high false negatives and weakening the model’s ability to recognize new types of attacks, which seriously affects the accuracy of malicious traffic detection models. This paper proposes a malicious traffic detection method called MTD-FRD, which accurately detects the malicious traffic via introducing feature representation of RGB images, conditional diffusion model and bidirectional traffic channel attention long and short-term memory network (BTCA_LSTM). Firstly, the feature representation of RGB images is constructed for preserving the detailed structural features and distribution information of network traffic, which improves the feature characterization ability. And then, a network conditional diffusion model is proposed to denoise the original network traffic, which utilizes the distribution conditions of RGB images and their own features to generate the high-quality RGB images for solving the data imbalance problem. Finally, a BTCA_LSTM model is constructed to achieve efficient malicious traffic detection by extracting the fine-grained features, local features and contextual correlations in the RGB images after data augmentation. Experimental results on three widely used network traffic show that compared with five state-of-the-arts, the proposed MTD-FRD method is able to improve the TPR, F1-measure and Accuracy by 1.34%–7.51%, 1.40%–7.51% and 1.30%–12.28%, as well as reduce the FPR by 0.022%–0.484%, it also achieves more stable detection validity.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104256"},"PeriodicalIF":7.7,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144522688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A survey on security applications with SmartNICs: Taxonomy, implementations, challenges, and future trends","authors":"Sergio Elizalde ,&nbsp;Ali AlSabeh ,&nbsp;Ali Mazloum ,&nbsp;Samia Choueiri ,&nbsp;Elie Kfoury ,&nbsp;Jose Gomez ,&nbsp;Jorge Crichigno","doi":"10.1016/j.jnca.2025.104257","DOIUrl":"10.1016/j.jnca.2025.104257","url":null,"abstract":"<div><div>Over the last decade, network applications have grown exponentially, demanding high-speed interconnects. Unfortunately, chip manufacturers are approaching the upper limits of silicon-based computing with slow improvements in computational performance and energy efficiency. This trend has forced the industry to shift paradigms, moving from monolithic architectures to heterogeneous, domain-specific designs. Moreover, the ever-evolving threats compromise digital services and demand more scalable and flexible solutions to ensure service continuity in production networks. Smart Network Interface Cards (SmartNICs) are a product of this new paradigm, integrating domain-specific engines and general-purpose cores to offload various network infrastructure tasks, including those related to security. This paper provides a comprehensive overview of SmartNICs, with a particular focus on their role in strengthening network defenses. It introduces SmartNIC technology and presents a taxonomy of security applications offloaded to SmartNICs, categorized into Intrusion Detection and Prevention Systems (IDS/IPS), defenses against volumetric attacks, and data confidentiality mechanisms. Additionally, the paper explores vulnerabilities associated with adopting SmartNICs in the cloud, examining the threat model and reviewing proposed remediations in the literature. Finally, it discusses challenges and future trends in SmartNIC security applications, highlighting current initiatives and open research areas.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104257"},"PeriodicalIF":7.7,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144566067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Effective ensemble learning phishing detection system using hybrid feature selection","authors":"Aaron Connolly ,&nbsp;Hany F. Atlam","doi":"10.1016/j.jnca.2025.104251","DOIUrl":"10.1016/j.jnca.2025.104251","url":null,"abstract":"<div><div>Phishing emails pose a significant threat to individuals and os, with traditional detection methods struggling to keep pace with the evolving sophistication of these attacks. Conventional Machine Learning (ML) approaches exhibit several limitations in achieving satisfactory accuracy levels when challenged with the evolving sophistication of phishing techniques. To effectively mitigate this challenge, the implementation of an advanced detection system incorporating innovative and sophisticated ML algorithms is crucial. Therefore, this paper proposed a novel stacking ensemble learning approach that leverages hybrid feature selection. The proposed model enhances the effectiveness of phishing detection by combining predictions from multiple ML algorithms, each utilising different subsets of features extracted from various parts of the email, including the header, body, and URLs. This comprehensive feature set ensures that the model captures a wide range of characteristics that differentiate phishing emails from legitimate ones. Extensive experiments were conducted to evaluate the effectiveness of the proposed model. The experimental results demonstrate that the proposed model achieves an impressive accuracy of 99.53% and an F1-measure of 0.9955, surpassing the highest accuracy of 99.10% obtained by any individual ML algorithm and outperforming the most effective phishing detection systems documented in recent literature. This significant improvement in accuracy highlights the efficacy of ensemble learning in this domain. Furthermore, the increase in accuracy is achieved with only a minimal 1.6 ms increase in detection time, making the model practical for real-world applications. This paper contributes significantly to the field of phishing detection by demonstrating the effectiveness of ensemble learning techniques in combination with hybrid feature selection. The proposed model offers a practical and effective solution to the problem of phishing, with the potential to significantly reduce the number of malicious emails reaching users’ inboxes.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"242 ","pages":"Article 104251"},"PeriodicalIF":7.7,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144522689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}