International Journal of Network Management最新文献

The metaverse is a virtual environment that combines the real and digital worlds through technological and social structures. It heralds a novel paradigm in internet applications and societal engagement by weaving together diverse cutting-edge technologies to facilitate a virtual representation of the tangible world. Within the metaverse, the facets of economy, culture, and other dimensions are fully documentable, trackable, and quantifiable, largely owing to the capabilities of blockchain technology. Nonetheless, the transactional volume within the metaverse is typically substantial, posing challenges for a singular blockchain platform in terms of efficiency and support capacity. Consequently, a multi-blockchain infrastructure becomes essential to underpin the economic fabric of the metaverse. Enabling the collaborative operation of multiple blockchain platforms, specifically achieving the seamless transfer of value across different blockchain ecosystems, has emerged as a critical challenge. To address this challenge, this paper introduces a cross-chain protocol predicated on a multi-role notary system designed to facilitate inter-blockchain value transfers. The protocol specifies the functions of different entities within the notary framework, allocating specific duties to notaries, committees, and a leader. It also promotes mutual oversight among notaries to sustain a dynamic and equitable group structure. Furthermore, an incentive mechanism is proposed to motivate committee members toward prompt and judicious decision-making regarding votes. Based on experiments conducted on the Ethereum platform, our proposed solution exhibits a 75% reduction in transaction time compared to Ethereum's transaction confirmation time.

In the digital age, the expansion of cyberspace has resulted in increasing complexity, making clear cyberspace visualization crucial for effective analysis and decision-making. Current cyberspace visualizations are overly complex and fail to accurately reflect node importance. To address the challenge of complex cyberspace visualization, this study introduces the integrated centrality metric (ICM) for constructing a metaphorical map that accurately reflects node importance. The ICM, a novel node centrality measure, demonstrates superior accuracy in identifying key nodes compared to degree centrality (DC), k-shell centrality (KC), and PageRank values. Through community partitioning and point-cluster feature generalization, we extract a network's hierarchical structure to intuitively represent its community and backbone topology, and we construct a metaphorical map that offers a clear visualization of cyberspace. Experiments were conducted on four original networks and their extracted backbone networks to identify core nodes. The Jaccard coefficient was calculated considering the results of the three aforementioned centrality measures, ICM, and the SIR model. The results indicate that ICM achieved the best performance in both the original networks and all extracted backbone networks. This demonstrates that ICM can more precisely evaluate node importance, thereby facilitating the construction of metaphorical maps. Moreover, the proposed metaphorical map is more convenient than traditional topological maps for quickly comprehending the complex characteristics of networks.

As the internet of vehicles (IoV) technology develops, it promotes the intelligent interaction among vehicles, roadside units, and the environment. Nevertheless, it also brings vehicle information security challenges. In recent years, vehicle data sharing is suffering to algorithm substitution attacks (ASA), which means backdoor adversaries can carry out filtering attacks through data sharing. Therefore, this paper designs a blockchain-based proxy re-encryption (PRE) scheme with cryptographic reverse firewall (BIBPR-CRF) for IoV. In our proposal, CRF can promise the internal safety of vehicle units. More specifically, it can prevent ASA attacks while ensuring chosen plaintext attack (CPA)-security. Meanwhile, the PRE algorithm can provide the confidential sharing and secure operation of data. Moreover, we use a consortium blockchain service center (CBSC) to store the first ciphertext and re-encrypt it with smart contracts on the blockchain, which can avoid single point of failure and achieve higher efficiency compared to proxy servers. Finally, we evaluate the performance of BIBPR-CRF with regard to communication cost, computational cost, and energy consumption. Our proposal is the most fitting for IoV application, in contrast with the other three schemes.

Updatable signature (US) resists key compromise attacks and is integral in numerous fields that require authentication. However, previous US schemes granted excessive power to update token, which cannot achieve no-directional key update. In this paper, we improve Cini et al.'s US scheme by weakening update token. The improvement lies in changing the mode of generating an update token, from the signer alone to the signer and the server cooperatively. Specifically, they first negotiate a secret value, which is then used by the signer to generate an update token. This mode ensures that only the entity who owns the secret value can use the update token to update a signature. Furthermore, we employ indistinguishability obfuscation to minimize information leakage through update token. These advancements make the improved updatable signature scheme achieve no-directional key update and unidirectional signature update. Finally, we present an enhanced security model, where an adversary is permitted to freely corrupt update tokens and signing keys, except the signing key at challenge epoch, and then prove the improved scheme to be unforgeable based on CDH hardness.

The development of multiple attack methods by external attackers in recent years poses a huge challenge to the security and efficient operation of software-defined networks (SDN), which are the core of operational controllers and data storage. Therefore, it is critical to ensure that the normal process of network interaction between SDN servers and users is protected from external attacks. In this paper, we propose a risk-aware SDN defense framework based on safe reinforcement learning (SRL) to counter multiple attack actions. Specifically, the defender uses SRL to maximize the utility by choosing to provide a honeypot service or pseudo-honeypot service within predefined security constraints, while the external attacker maximizes the utility by choosing an anti-honeypot attack or masquerade attack. To describe the system risk in detail, we introduce the risk level function to model the simultaneous dynamic attack and defense processes. Simulation results demonstrate that our proposed risk-aware scheme improves the defense utility by 17.5% and 142.4% and reduces the system risk by 42.7% and 59.6% compared to the QLearning scheme and the Random scheme, respectively.

Blockchain is an innovative technology for storing data in decentralized, distributed, and secure chain blocks. Consortium blockchains are commonly used in transactions where transactions between organizations are also achieved by the blockchain. In the classic consortium blockchain system, entire nodes are added to each other in the process of transaction consensus. This leads to lower confidentiality in protecting transaction data within the organizations in the consortium. The throughput of the existing consortium blockchain system is still low. To solve the above problems, the paper proposes a two-tier consortium blockchain with transaction privacy based on sharding technology. First, a trust value assessment is carried out to select the nodes of the blockchain. The duo-head observation strategy uses these trust values to identify the nonmalicious node. Finally, the consensus separation approach based on the guarantee mechanism strategy with the shard nodes is presented. This approach is used to select reliable nodes for the blocks to be stored. The proposed consortium blockchain approach evaluation is done in terms of latency, throughput, and transactions per second metrics. As a result of the evaluations, the proposed model with 32 shards possesses 143,891 $��\mathrm{tx}�/�s�$ of throughput and 1.11 s of latency. Moreover, by the proposed two-tier consortium model, time consumption is also decreased when uploading data. For a data set of 50,000, the suggested model has a time consumption of 96 s. The proposed research results in higher throughput and less latency in transactions. Also, the research enhances the scalability and reliability by overcoming the poor node issues.

Advancement and flourishment in mobile edge computing (MEC) have motivated the farmers to deploy an efficient ecosystem in their farms. For further real-time monitoring and surveillance of the environment along with the deployment of intelligent farming, digital twin is considered as one of the emerging and most promising technologies. For proper optimization and utilization of physical systems, the physical components of the ecosystems are connected with the digital space. Further, the smart technologies and devices have convinced to address the expected level of requirements for accessing the rapid growth in farming associated with digital twins. However, with a large number of smart devices, huge amount of generated information from heterogeneous devices may increase the privacy and security concern by challenging the interrupting operations and management of services in smart farming. In addition, the growing risks associated with MEC by modifying the sensor readings and quality of service further affect the overall growth of intelligent farming. In order to resolve these challenges, this paper has proposed a secure surveillance architecture to detect deviations by incorporating digital twins in the ecosystem. Further, for real-time monitoring and preprocessing of information, we have integrated a four-dimensional trust mechanism along with blockchain. The four-dimensional trusted method recognizes the behavior of each communicating device during the transmission of information in the network. Further, blockchain strengthens the surveillance process of each device behavior by continuously monitoring their activities. The proposed mechanism is tested and verified against various abnormalities received from sensors by simulating false use cases in the ecosystem and compared against various security metrics over existing approaches. Furthermore, the proposed mechanism is validated against several security threats such as control command threat, coordinated cyber threats, accuracy, and decision-making and prediction of records over existing methods.

Deep neural network (DNN) and machine learning (ML) models/ inferences produce highly accurate results demanding enormous computational resources. The limited capacity of end-user smart gadgets drives companies to exploit computational resources in an edge-to-cloud continuum and host applications at user-facing locations with users requiring fast responses. Kubernetes hosted inferences with poor resource request estimation results in service level agreement (SLA) violation in terms of latency and below par performance with higher end-to-end (E2E) delays. Lifetime static resource provisioning either hurts user experience for under-resource provisioning or incurs cost with over-provisioning. Dynamic scaling offers to remedy delay by upscaling leading to additional cost whereas a simple migration to another location offering latency in SLA bounds can reduce delay and minimize cost. To address this cost and delay challenges for ML inferences in the inherent heterogeneous, resource-constrained, and distributed edge environment, we propose ProKube, which is a proactive container scaling and migration orchestrator to dynamically adjust the resources and container locations with a fair balance between cost and delay. ProKube is developed in conjunction with Google Kubernetes Engine (GKE) enabling cross-cluster migration and/ or dynamic scaling. It further supports the regular addition of freshly collected logs into scheduling decisions to handle unpredictable network behavior. Experiments conducted in heterogeneous edge settings show the efficacy of ProKube to its counterparts cost greedy (CG), latency greedy (LG), and GeKube (GK). ProKube offers 68%, 7%, and 64% SLA violation reduction to CG, LG, and GK, respectively, and it improves cost by 4.77 cores to LG and offers more cost of 3.94 to CG and GK.