Pub Date : 2025-08-28DOI: 10.1109/TNSM.2025.3603630
Wenjun Fan;Na Fan;Junhui Zhang;Jia Liu;Yifan Dai
On vehicular named data network (VNDN), Interest Flooding Attack (IFA) can exhaust the computing resources by sending a large number of malicious Interest packets, which leads to the failure of satisfying the legitimate requests and seriously hazards the operation of Internet of Vehicles (IoV). To solve this problem, this paper proposes a distributed network traffic monitoring-enabled multi-indicator detection and prevention approach for VNDN to detect and resist the IFA attacks. In order for facilitating this approach, a distributed network traffic monitoring layer based on road side unit (RSU) is constructed. With such a monitoring layer, a multi-indicator detection approach is designed, which consists of three indicators: information entropy, self-similarity, and singularity, whereby the thresholds are tweaked by the real-time density of traffic flow. Apart from the detection, a blacklisting based prevention approach is realized to mitigate the attack impact. We validate the proposed approach via prototyping it on our VNDN experimental platform using realistic parameters setting and leveraging the original NDN packet structure to corroborate the usage of the required Source ID for identifying the source of the Interest packet, which consolidates the practicability of the approach. The experimental results show that our multi-indicator detection approach has a greatly higher detection performance than those of using indicators individually, and the blacklisting-based prevention can effectively mitigate the attack impact as well.
{"title":"Securing VNDN With Multi-Indicator Intrusion Detection Approach Against the IFA Threat","authors":"Wenjun Fan;Na Fan;Junhui Zhang;Jia Liu;Yifan Dai","doi":"10.1109/TNSM.2025.3603630","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3603630","url":null,"abstract":"On vehicular named data network (VNDN), Interest Flooding Attack (IFA) can exhaust the computing resources by sending a large number of malicious Interest packets, which leads to the failure of satisfying the legitimate requests and seriously hazards the operation of Internet of Vehicles (IoV). To solve this problem, this paper proposes a distributed network traffic monitoring-enabled multi-indicator detection and prevention approach for VNDN to detect and resist the IFA attacks. In order for facilitating this approach, a distributed network traffic monitoring layer based on road side unit (RSU) is constructed. With such a monitoring layer, a multi-indicator detection approach is designed, which consists of three indicators: information entropy, self-similarity, and singularity, whereby the thresholds are tweaked by the real-time density of traffic flow. Apart from the detection, a blacklisting based prevention approach is realized to mitigate the attack impact. We validate the proposed approach via prototyping it on our VNDN experimental platform using realistic parameters setting and leveraging the original NDN packet structure to corroborate the usage of the required Source ID for identifying the source of the Interest packet, which consolidates the practicability of the approach. The experimental results show that our multi-indicator detection approach has a greatly higher detection performance than those of using indicators individually, and the blacklisting-based prevention can effectively mitigate the attack impact as well.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6097-6111"},"PeriodicalIF":5.4,"publicationDate":"2025-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665762","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-26DOI: 10.1109/TNSM.2025.3602964
Shuangwu Chen;Siyang Chen;Yuxing Wei;Dong Jin;Xiaobin Tan;Xiaofeng Jiang;Jian Yang
Website Fingerprinting (WF) attacks have posed a serious threat to the anonymity of the onion router (Tor) communication system, as attackers can passively pry into the encrypted traffic and infer the website visited by users. To defend against WF, recent studies focus on adversarial perturbations. However, most of them suffer from a high bandwidth overhead and a low defense performance. To address this problem, our basic idea is to generate perturbation only on the sensitive regions, which can effectively mask the website’s fingerprint, thus misleading the WF attack models and reducing the bandwidth overhead. In this paper, we formulate a joint optimization problem of perturbation position and magnitude by confining the perturbations within sensitive regions, which is rarely considered in the literature. We propose a robust low-overhead WF defense method based on reinforcement learning (RL), named RLpatch. RLpatch identifies the common sensitive regions of various surrogate models and adjusts perturbation according to the query result from a query WF model. It further employs the positional frequency of perturbations to generate a common perturbation paradigm for different traces of a same website. Experimental results show that RLpatch achieves higher defense performance, lower bandwidth overhead and better robustness against adversarial training compared to the state-of-the-art methods.
{"title":"RLpatch: A Robust Low-Overhead Website Fingerprinting Defense Method Based on Reinforcement Learning Within Sensitive Regions","authors":"Shuangwu Chen;Siyang Chen;Yuxing Wei;Dong Jin;Xiaobin Tan;Xiaofeng Jiang;Jian Yang","doi":"10.1109/TNSM.2025.3602964","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3602964","url":null,"abstract":"Website Fingerprinting (WF) attacks have posed a serious threat to the anonymity of the onion router (Tor) communication system, as attackers can passively pry into the encrypted traffic and infer the website visited by users. To defend against WF, recent studies focus on adversarial perturbations. However, most of them suffer from a high bandwidth overhead and a low defense performance. To address this problem, our basic idea is to generate perturbation only on the sensitive regions, which can effectively mask the website’s fingerprint, thus misleading the WF attack models and reducing the bandwidth overhead. In this paper, we formulate a joint optimization problem of perturbation position and magnitude by confining the perturbations within sensitive regions, which is rarely considered in the literature. We propose a robust low-overhead WF defense method based on reinforcement learning (RL), named RLpatch. RLpatch identifies the common sensitive regions of various surrogate models and adjusts perturbation according to the query result from a query WF model. It further employs the positional frequency of perturbations to generate a common perturbation paradigm for different traces of a same website. Experimental results show that RLpatch achieves higher defense performance, lower bandwidth overhead and better robustness against adversarial training compared to the state-of-the-art methods.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6066-6082"},"PeriodicalIF":5.4,"publicationDate":"2025-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-25DOI: 10.1109/TNSM.2025.3602646
Amit Kumar Bhuyan;Hrishikesh Dutta;Subir Biswas
This paper presents a Micro-Unmanned Aerial Vehicle (UAV)-enhanced content management system for disaster scenarios where communication infrastructure is generally compromised. Utilizing a hybrid network of stationary and mobile Micro-UAVs, this system aims to provide crucial content access to isolated communities. In the developed architecture, stationary anchor UAVs, equipped with vertical and lateral links, serve users in individual disaster-affected communities. and mobile micro-ferrying UAVs, with enhanced mobility, extend coverage across multiple such communities. The primary goal is to devise a content dissemination system that dynamically learns caching policies to maximize content accessibility to users left without communication infrastructure. The core contribution is an adaptive content dissemination framework that employs a decentralized Top-k Multi-Armed Bandit learning approach for efficient UAV caching decisions. This approach accounts for geo-temporal variations in content popularity and diverse user demands. Additionally, a Selective Caching Algorithm is proposed to minimize redundant content copies by leveraging inter-UAV information sharing. Through functional verification and performance evaluation, the proposed framework demonstrates improved system performance and adaptability across varying network sizes, micro-UAV swarms, and content popularity distributions.
{"title":"Top-k Multi-Armed Bandit Learning for Content Dissemination in Swarms of Micro-UAVs","authors":"Amit Kumar Bhuyan;Hrishikesh Dutta;Subir Biswas","doi":"10.1109/TNSM.2025.3602646","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3602646","url":null,"abstract":"This paper presents a Micro-Unmanned Aerial Vehicle (UAV)-enhanced content management system for disaster scenarios where communication infrastructure is generally compromised. Utilizing a hybrid network of stationary and mobile Micro-UAVs, this system aims to provide crucial content access to isolated communities. In the developed architecture, stationary anchor UAVs, equipped with vertical and lateral links, serve users in individual disaster-affected communities. and mobile micro-ferrying UAVs, with enhanced mobility, extend coverage across multiple such communities. The primary goal is to devise a content dissemination system that dynamically learns caching policies to maximize content accessibility to users left without communication infrastructure. The core contribution is an adaptive content dissemination framework that employs a decentralized Top-k Multi-Armed Bandit learning approach for efficient UAV caching decisions. This approach accounts for geo-temporal variations in content popularity and diverse user demands. Additionally, a Selective Caching Algorithm is proposed to minimize redundant content copies by leveraging inter-UAV information sharing. Through functional verification and performance evaluation, the proposed framework demonstrates improved system performance and adaptability across varying network sizes, micro-UAV swarms, and content popularity distributions.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6229-6244"},"PeriodicalIF":5.4,"publicationDate":"2025-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11141493","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-18DOI: 10.1109/TNSM.2025.3599168
Huigyu Yang;Jeongjun Park;Syed M. Raza;Moonseong Kim;Min Young Chung;Hyunseung Choo
The mobile network traffic patterns in urban areas significantly diverge depending on commercial and residential establishments. These regional traffic patterns provide crucial clues for predicting traffic patterns precisely. Previous studies have employed a combination of time-series and convolutional Deep Learning (DL) models to effectively capture the correlation of the regional features and traffic patterns. Despite promising results, these approaches are limited in identifying pattern similarities among sparsely located regions and can be further improved. To this end, this study proposes a GEospatial clustering and residual Convolutional temporal long Short-term memory (GECOS) framework consisting of clustering and DL components. The proposed Urbanflow Peak Clustering (UPC) component exploits the peak traffic times of daily mobile data to obtain the groups of cells with similar traffic patterns apart from their geographical diversity. The UPC improves the scalability of existing algorithms and enables DL components to improve their accuracy by recognizing unique regional patterns and localizing the training targets. The proposed Residual Convolutional TCN-LSTM (RCTL) serves as the DL component of GECOS that improves TCN-LSTM structure through layer-wise feature transfer and enhances long-term dependency learnability. The RCTL ensures more accurate capturing of extensive spatiotemporal features through structural enhancements. The experiments conducted on real-world mobile traffic data showcase 43% improvement by GECOS compared to state-of-the-art models, enabling precise traffic engineering policies by operators.
{"title":"Urban Mobile Data Prediction With Geospatial Clustering and Dual Residual Learning","authors":"Huigyu Yang;Jeongjun Park;Syed M. Raza;Moonseong Kim;Min Young Chung;Hyunseung Choo","doi":"10.1109/TNSM.2025.3599168","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3599168","url":null,"abstract":"The mobile network traffic patterns in urban areas significantly diverge depending on commercial and residential establishments. These regional traffic patterns provide crucial clues for predicting traffic patterns precisely. Previous studies have employed a combination of time-series and convolutional Deep Learning (DL) models to effectively capture the correlation of the regional features and traffic patterns. Despite promising results, these approaches are limited in identifying pattern similarities among sparsely located regions and can be further improved. To this end, this study proposes a GEospatial clustering and residual Convolutional temporal long Short-term memory (GECOS) framework consisting of clustering and DL components. The proposed Urbanflow Peak Clustering (UPC) component exploits the peak traffic times of daily mobile data to obtain the groups of cells with similar traffic patterns apart from their geographical diversity. The UPC improves the scalability of existing algorithms and enables DL components to improve their accuracy by recognizing unique regional patterns and localizing the training targets. The proposed Residual Convolutional TCN-LSTM (RCTL) serves as the DL component of GECOS that improves TCN-LSTM structure through layer-wise feature transfer and enhances long-term dependency learnability. The RCTL ensures more accurate capturing of extensive spatiotemporal features through structural enhancements. The experiments conducted on real-world mobile traffic data showcase 43% improvement by GECOS compared to state-of-the-art models, enabling precise traffic engineering policies by operators.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6260-6273"},"PeriodicalIF":5.4,"publicationDate":"2025-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-18DOI: 10.1109/TNSM.2025.3599393
Mohammad Saleh Mahdizadeh;Behnam Bahrak;Mohammad Sayad Haghighi
The Bitcoin Lightning Network, as a second-layer solution for enhancing the scalability of Bitcoin transactions, facilitates transactions through payment channels between nodes. However, the rapid growth of the network and rising transaction volumes have exacerbated the challenge of managing payment channel imbalances. Payment channel imbalance, characterized by the concentration of liquidity in one direction, leads to a decrease in payment success rates, a reduction in the effective lifespan of payment channels, and a decline in the network’s overall efficiency and throughput. This study introduces a graph neural network-based recommendation strategy designed to enhance the Lightning Network’s autopilot system. The proposed approach proactively mitigates channel imbalances by optimizing channel recommendations, enabling dynamic and scalable liquidity management for network users. Simulations conducted using the CLoTH tool demonstrate a 45% increase in payment success rates, a 46% reduction in imbalanced channels, and a 14% increase in the lifespan of payment channels across the network compared to the existing autopilot recommendation strategies, and when compared with the commonly adopted circular rebalancing method, the proposed strategy achieves a 27% improvement in payment success rates. Additionally, we offer a comparative topological analysis between two snapshots of the LN, taken in November 2021 and August 2023, to facilitate unsupervised learning tasks. The results highlight an increase in network centralization alongside a decrease in the network size, emphasizing the growing need for decentralization strategies in the LN, such as the one proposed in this study.
{"title":"A GNN-Based Autopilot Recommendation Strategy to Mitigate Payment Channel Imbalance Problem in Bitcoin Lightning Network","authors":"Mohammad Saleh Mahdizadeh;Behnam Bahrak;Mohammad Sayad Haghighi","doi":"10.1109/TNSM.2025.3599393","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3599393","url":null,"abstract":"The Bitcoin Lightning Network, as a second-layer solution for enhancing the scalability of Bitcoin transactions, facilitates transactions through payment channels between nodes. However, the rapid growth of the network and rising transaction volumes have exacerbated the challenge of managing payment channel imbalances. Payment channel imbalance, characterized by the concentration of liquidity in one direction, leads to a decrease in payment success rates, a reduction in the effective lifespan of payment channels, and a decline in the network’s overall efficiency and throughput. This study introduces a graph neural network-based recommendation strategy designed to enhance the Lightning Network’s autopilot system. The proposed approach proactively mitigates channel imbalances by optimizing channel recommendations, enabling dynamic and scalable liquidity management for network users. Simulations conducted using the CLoTH tool demonstrate a 45% increase in payment success rates, a 46% reduction in imbalanced channels, and a 14% increase in the lifespan of payment channels across the network compared to the existing autopilot recommendation strategies, and when compared with the commonly adopted circular rebalancing method, the proposed strategy achieves a 27% improvement in payment success rates. Additionally, we offer a comparative topological analysis between two snapshots of the LN, taken in November 2021 and August 2023, to facilitate unsupervised learning tasks. The results highlight an increase in network centralization alongside a decrease in the network size, emphasizing the growing need for decentralization strategies in the LN, such as the one proposed in this study.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"23 ","pages":"1863-1873"},"PeriodicalIF":5.4,"publicationDate":"2025-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145982125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-15DOI: 10.1109/TNSM.2025.3599203
Anna Prado;Fidan Mehmeti;Wolfgang Kellerer
Signal quality fluctuates significantly due to blockages of Line of Sight, shadowing, and user mobility. This renders mobility management in 5G quite challenging. To improve it, 3GPP introduced Conditional Handover (CHO), which reduces handover failures by preparing target Base Stations (BSs) in advance. CHO adapts to the varying channel conditions and constantly prepares/releases cells, which leads to an increased exchange of control messages between the user and BSs. Connecting to the BS with the strongest signal is not always beneficial because the available resources and other users’ channels should be considered for a successful network operation. Hence, the need to carefully decide when to hand over, and when that happens, to select the best target BS. In this paper, we first formulate an optimization problem that minimizes network signaling by reducing the number of unprepared handovers and wasted cell preparations while providing a minimum rate to everyone. As the problem is NP-hard, we relax it and obtain a lower bound. Then, we propose a Cost-Efficient CHO (CECHO) algorithm with performance guarantees. Using 5G datasets, we compare CECHO with two baselines and show that it outperforms them by at least 45% while being near-optimal. However, reducing the signaling decreases the total throughput, which is an important metric for the network operator. Thus, we expand our initial problem into a Multi-Objective (MO) optimization, where we additionally maximize the network sum throughput. Results show that CECHO-MO increases the sum throughput more than $3times $ with only a 4% increase in signaling.
由于视线、阴影和用户移动性的阻塞,信号质量波动很大。这使得5G的移动性管理非常具有挑战性。为了改进这一点,3GPP引入了条件切换(CHO),通过提前准备目标基站(BSs)来减少切换失败。CHO适应不同的信道条件并不断准备/释放cell,这导致用户和BSs之间控制消息的交换增加。连接到具有最强信号的BS并不总是有益的,因为为了成功的网络操作,应该考虑可用资源和其他用户的信道。因此,需要仔细决定何时移交,以及当这种情况发生时,选择最佳目标BS。在本文中,我们首先制定了一个优化问题,通过减少未准备的移交数量和浪费的细胞准备,同时为每个人提供最小的速率,从而最大限度地减少网络信令。由于问题是np困难的,我们将其松弛并得到一个下界。然后,我们提出了一种具有性能保证的Cost-Efficient CHO (CECHO)算法。使用5G数据集,我们将CECHO与两条基线进行比较,结果表明,CECHO在接近最佳的情况下,其性能至少优于它们45%。然而,减少信令会降低总吞吐量,这是网络运营商的一个重要指标。因此,我们将初始问题扩展为多目标(MO)优化,其中我们额外最大化网络和吞吐量。结果表明,ceho - mo使总吞吐量增加了3倍以上,而信令量仅增加了4%。
{"title":"Reducing Mobility-Related Signaling With Network Sum Throughput Maximization in 5G","authors":"Anna Prado;Fidan Mehmeti;Wolfgang Kellerer","doi":"10.1109/TNSM.2025.3599203","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3599203","url":null,"abstract":"Signal quality fluctuates significantly due to blockages of Line of Sight, shadowing, and user mobility. This renders mobility management in 5G quite challenging. To improve it, 3GPP introduced Conditional Handover (CHO), which reduces handover failures by preparing target Base Stations (BSs) in advance. CHO adapts to the varying channel conditions and constantly prepares/releases cells, which leads to an increased exchange of control messages between the user and BSs. Connecting to the BS with the strongest signal is not always beneficial because the available resources and other users’ channels should be considered for a successful network operation. Hence, the need to carefully decide when to hand over, and when that happens, to select the best target BS. In this paper, we first formulate an optimization problem that minimizes network signaling by reducing the number of unprepared handovers and wasted cell preparations while providing a minimum rate to everyone. As the problem is NP-hard, we relax it and obtain a lower bound. Then, we propose a Cost-Efficient CHO (CECHO) algorithm with performance guarantees. Using 5G datasets, we compare CECHO with two baselines and show that it outperforms them by at least 45% while being near-optimal. However, reducing the signaling decreases the total throughput, which is an important metric for the network operator. Thus, we expand our initial problem into a Multi-Objective (MO) optimization, where we additionally maximize the network sum throughput. Results show that CECHO-MO increases the sum throughput more than <inline-formula> <tex-math>$3times $ </tex-math></inline-formula> with only a 4% increase in signaling.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6048-6065"},"PeriodicalIF":5.4,"publicationDate":"2025-08-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11126168","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Accurate and comprehensive data acquisition is critical for modern data-driven environmental applications. Mobile Crowdsensing (MCS) offers an effective approach by leveraging user participation to collect environmental data through task assignment. To minimize costs, MCS platforms often partition the environment into subareas and utilize inference algorithms to extrapolate data for entire subareas based on partial sensing in a limited subset. However, determining the optimal set of users for sensing tasks remains challenging due to constraints such as user availability and the complexity of data inference models. This paper introduces Sensify, a task assignment strategy that optimizes data acquisition by accounting for data correlations and budget constraints. Sensify efficiently selects subareas and recruits cost-effective users for sensing tasks, incorporating user-specific contexts such as location and device power availability during task assignment. To adaptively manage the platform budget, the strategy considers a dynamic set of users with varying costs over time. A deep recurrent reinforcement learning-based network is employed to select optimal subareas for sensing, while user recruitment is dynamically optimized using a reinforcement learning approach. Specifically, a modified Contextual Combinatorial Multi-Armed Bandit (CC-MAB) framework is utilized to handle the volatility and variability in user costs. Experiments conducted on two real-world datasets demonstrate that Sensify can improve data acquisition by up to 7% compared to existing approaches.
{"title":"Sensify: A Learning-Based Budget-Aware Task Assignment in Mobile Crowdsensing","authors":"Shabnam Seradji;Ahmad Khonsari;Vahid Shah-Mansouri;Mahdi Dolati;Masoumeh Moradian","doi":"10.1109/TNSM.2025.3597953","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3597953","url":null,"abstract":"Accurate and comprehensive data acquisition is critical for modern data-driven environmental applications. Mobile Crowdsensing (MCS) offers an effective approach by leveraging user participation to collect environmental data through task assignment. To minimize costs, MCS platforms often partition the environment into subareas and utilize inference algorithms to extrapolate data for entire subareas based on partial sensing in a limited subset. However, determining the optimal set of users for sensing tasks remains challenging due to constraints such as user availability and the complexity of data inference models. This paper introduces Sensify, a task assignment strategy that optimizes data acquisition by accounting for data correlations and budget constraints. Sensify efficiently selects subareas and recruits cost-effective users for sensing tasks, incorporating user-specific contexts such as location and device power availability during task assignment. To adaptively manage the platform budget, the strategy considers a dynamic set of users with varying costs over time. A deep recurrent reinforcement learning-based network is employed to select optimal subareas for sensing, while user recruitment is dynamically optimized using a reinforcement learning approach. Specifically, a modified Contextual Combinatorial Multi-Armed Bandit (CC-MAB) framework is utilized to handle the volatility and variability in user costs. Experiments conducted on two real-world datasets demonstrate that Sensify can improve data acquisition by up to 7% compared to existing approaches.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6128-6142"},"PeriodicalIF":5.4,"publicationDate":"2025-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In mobile crowdsensing, task interruptions can cause failures and reduce system stability. Despite the significance of this issue, few studies have addressed task allocation under interruptions. To bridge this gap, we propose IT-STA, an interruption-based stable task allocation algorithm that reallocates interrupted tasks to improve completion rates and maintain system stability. First, an efficient detection mechanism is designed to promptly identify interrupted tasks, ensuring timely intervention. Second, a distributed reallocation strategy is developed to assign interrupted tasks to suitable participants, leveraging a novel individual migration strategy that enables parallel coordination among nodes, ensuring efficient global matching and avoiding suboptimal solutions. Experimental results demonstrate IT-STA’s superiority over baselines in task allocation stability and performance.
{"title":"Stable Task Allocation in Mobile Crowdsensing: An Interruption-Driven Approach","authors":"Kaimin Wei;Guozi Qi;Lin Cui;Jinpeng Chen;Xiaohui Chen;Ke Xu","doi":"10.1109/TNSM.2025.3598025","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3598025","url":null,"abstract":"In mobile crowdsensing, task interruptions can cause failures and reduce system stability. Despite the significance of this issue, few studies have addressed task allocation under interruptions. To bridge this gap, we propose IT-STA, an interruption-based stable task allocation algorithm that reallocates interrupted tasks to improve completion rates and maintain system stability. First, an efficient detection mechanism is designed to promptly identify interrupted tasks, ensuring timely intervention. Second, a distributed reallocation strategy is developed to assign interrupted tasks to suitable participants, leveraging a novel individual migration strategy that enables parallel coordination among nodes, ensuring efficient global matching and avoiding suboptimal solutions. Experimental results demonstrate IT-STA’s superiority over baselines in task allocation stability and performance.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6190-6199"},"PeriodicalIF":5.4,"publicationDate":"2025-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-11DOI: 10.1109/TNSM.2025.3597550
Shiwen Zhang;Wen Zhang;Wei Liang;Wenqiang Jin;Keqin Li
Internet of Things (IoT) networks have penetrated our daily life and industries. However, IoT devices are typically small-sized with constrained storage. Distributed storage systems are emerging as promising solutions to tackle such challenges. InterPlanetary File System (IPFS) is a desired framework enabling IoT devices to upload its data to a distributed cloud while returning a hash-ID for downloading and file-sharing purposes. Nevertheless, IPFS lacks of robust security design and is vulnerable to security threats such as data tampering, and data leakage. In particular, whenever device A’s file hash-ID is shared to an arbitrary device B, device A will fully lose the control over file. In other words, device B could further share it to anyone without device A’s agreements. To conquer the challenge, we propose a comprehensive design for securing the distributed IoT storage systems, named StorSec. Specifically, we design a new heterogeneous framework using an improved attribute encryption algorithm to eliminate the single-point performance bottleneck problem, which not only realizes fine-grained access control and ensures the security of data during transmission, but also improves the performance of key generation. Secondly, we design an anomaly detection algorithm, which is based on hashchain technology and combines the user privacy metadata stored on the blockchain to complete the verification process, effectively protecting the file hash identifier, ensuring access control to the file, and thus providing protection for the security and integrity of data storage. Furthermore, we design an auditing algorithm that helps the system in tracking malicious entities. Ultimately, the security and efficiency of the proposed scheme are evaluated by both security analysis and experimental results.
{"title":"StorSec: A Comprehensive Design for Securing the Distributed IoT Storage Systems","authors":"Shiwen Zhang;Wen Zhang;Wei Liang;Wenqiang Jin;Keqin Li","doi":"10.1109/TNSM.2025.3597550","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3597550","url":null,"abstract":"Internet of Things (IoT) networks have penetrated our daily life and industries. However, IoT devices are typically small-sized with constrained storage. Distributed storage systems are emerging as promising solutions to tackle such challenges. InterPlanetary File System (IPFS) is a desired framework enabling IoT devices to upload its data to a distributed cloud while returning a hash-ID for downloading and file-sharing purposes. Nevertheless, IPFS lacks of robust security design and is vulnerable to security threats such as data tampering, and data leakage. In particular, whenever device A’s file hash-ID is shared to an arbitrary device B, device A will fully lose the control over file. In other words, device B could further share it to anyone without device A’s agreements. To conquer the challenge, we propose a comprehensive design for securing the distributed IoT storage systems, named StorSec. Specifically, we design a new heterogeneous framework using an improved attribute encryption algorithm to eliminate the single-point performance bottleneck problem, which not only realizes fine-grained access control and ensures the security of data during transmission, but also improves the performance of key generation. Secondly, we design an anomaly detection algorithm, which is based on hashchain technology and combines the user privacy metadata stored on the blockchain to complete the verification process, effectively protecting the file hash identifier, ensuring access control to the file, and thus providing protection for the security and integrity of data storage. Furthermore, we design an auditing algorithm that helps the system in tracking malicious entities. Ultimately, the security and efficiency of the proposed scheme are evaluated by both security analysis and experimental results.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6215-6228"},"PeriodicalIF":5.4,"publicationDate":"2025-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-08-11DOI: 10.1109/TNSM.2025.3597417
B. D. Deebak;Seong Oun Hwang
Forensic Aware Cyber-Physical System (FA-CPS) is an evolving core of digital forensic systems that discovers the integrity of biometric service platforms. Most forensic agencies use emerging technologies such as IoT, Cloud, etc., to integrate a few core elements (networking, communication, and distributed computing) to achieve sustainable memory forensics. This systematic process brings additional capabilities to the physical systems that capture device memories to discover the evidence of malicious tools. Therefore, this paper deals with the Internet of Things (IoT) to form an effective and economical interaction with evolving technologies, including B5G/6G, edge, and cloud computing, to uncover the context of security implications. Most precisely, to sense, collect, share, and analyze numerical data from information systems, the application domain, like healthcare, utilizes computing methods and communications technologies to collect and analyze physiological data from patients in a haphazard way. Since an insecure network has security issues such as information leakage, secret key loss, and fraudulent authentication in Telehealth and remote monitoring, this work applies elliptic curve cryptography (ECC) and a physical unclonable function (PUF) to construct an AI-driven privacy-preserving key authentication framework (AID-PPKAF). In the proposed AID-PPKAF, the PUF generates key information, and ECC encrypts the parameters generated by the system to establish session key agreement and proper mutual authentication. The security analyses (both formal and informal) prove that AID-PPKAF has greater security efficiency than other state-of-the-art approaches. Lastly, a performance analysis using NS3 and a pragmatic study using SVM demonstrate the significance of identity protection in designing a more reliable authentication model.
{"title":"Privacy-Preserving Authentication With Service Analytics for Forensic-Aware Cyber-Physical Systems","authors":"B. D. Deebak;Seong Oun Hwang","doi":"10.1109/TNSM.2025.3597417","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3597417","url":null,"abstract":"Forensic Aware Cyber-Physical System (FA-CPS) is an evolving core of digital forensic systems that discovers the integrity of biometric service platforms. Most forensic agencies use emerging technologies such as IoT, Cloud, etc., to integrate a few core elements (networking, communication, and distributed computing) to achieve sustainable memory forensics. This systematic process brings additional capabilities to the physical systems that capture device memories to discover the evidence of malicious tools. Therefore, this paper deals with the Internet of Things (IoT) to form an effective and economical interaction with evolving technologies, including B5G/6G, edge, and cloud computing, to uncover the context of security implications. Most precisely, to sense, collect, share, and analyze numerical data from information systems, the application domain, like healthcare, utilizes computing methods and communications technologies to collect and analyze physiological data from patients in a haphazard way. Since an insecure network has security issues such as information leakage, secret key loss, and fraudulent authentication in Telehealth and remote monitoring, this work applies elliptic curve cryptography (ECC) and a physical unclonable function (PUF) to construct an AI-driven privacy-preserving key authentication framework (AID-PPKAF). In the proposed AID-PPKAF, the PUF generates key information, and ECC encrypts the parameters generated by the system to establish session key agreement and proper mutual authentication. The security analyses (both formal and informal) prove that AID-PPKAF has greater security efficiency than other state-of-the-art approaches. Lastly, a performance analysis using NS3 and a pragmatic study using SVM demonstrate the significance of identity protection in designing a more reliable authentication model.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 6","pages":"6001-6020"},"PeriodicalIF":5.4,"publicationDate":"2025-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145665746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: