Internet of Things最新文献_第2页

Correct by design, complete by iteration: A graph-based framework for automated security assessment 设计正确，迭代完成：用于自动安全评估的基于图的框架

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2025-12-14 DOI: 10.1016/j.iot.2025.101851

Felice Moretta , Umberto Barbato , Massimiliano Rak , Daniele Granata

Modern IT infrastructures, especially IoT and cyber-physical systems, require systematic and repeatable security assessment methods. A persistent challenge concerns the correctness and completeness of the system model underlying such analyses, which directly affect the quality of threat modeling and penetration test planning. Existing model-based approaches support these activities, but rarely ensure that the adopted model is both structurally valid and representative of the real system. This paper addresses this gap by introducing a formal modeling framework and extending a security assessment methodology (ESSecA) with a cyclical refinement process. At its core lies the Multi-purpose Application Composition Model (MACM), a property-graph formalism equipped with a schema and a set of syntactic and semantic constraints that define the space of admissible models. These constraints are automatically verified through formal checks (e.g., Cypher queries and Neo4j triggers), enabling automated verification of model correctness throughout the assessment lifecycle. As a result, any model accepted by the framework is guaranteed to comply with the rules of the modeling system. The cyclical refinement process complements this by addressing model completeness. Penetration testing results are iteratively reintegrated into the model, enriching it with newly discovered elements and interactions. This produces progressively more accurate system representations, which in turn yield more comprehensive threat models and increasingly precise penetration test plans, effectively mitigating grey-box limitations. The contribution is demonstrated through two case studies: the eWeLink IoT ecosystem, illustrating MACM’s modeling and validation capabilities, and the JetRacer autonomous vehicle platform, showcasing the full iterative methodology. Overall, the proposed approach combines a formal modeling system with a cyclic refinement process that exploits such formal guarantees to progressively enhance model completeness, ultimately strengthening threat modeling and penetration test planning.

现代IT基础设施，特别是物联网和网络物理系统，需要系统和可重复的安全评估方法。一个持续的挑战涉及到这种分析的系统模型的正确性和完整性，这直接影响到威胁建模和渗透测试计划的质量。现有的基于模型的方法支持这些活动，但是很少能确保所采用的模型在结构上是有效的，并且代表了真实的系统。本文通过引入正式的建模框架和扩展安全评估方法（eseca）来解决这一差距。其核心是多用途应用程序组合模型（MACM），这是一种带有模式和一组定义可接受模型空间的语法和语义约束的属性图形式。这些约束通过正式检查（例如，Cypher查询和Neo4j触发器）自动验证，从而在整个评估生命周期中实现模型正确性的自动验证。因此，框架所接受的任何模型都保证符合建模系统的规则。循环细化过程通过解决模型的完整性来补充这一点。渗透测试的结果被迭代地重新集成到模型中，用新发现的元素和交互来丰富模型。这产生了越来越精确的系统表示，进而产生了更全面的威胁模型和越来越精确的渗透测试计划，有效地减轻了灰盒限制。通过两个案例研究展示了MACM的贡献：eWeLink物联网生态系统，展示了MACM的建模和验证能力，以及JetRacer自动驾驶汽车平台，展示了完整的迭代方法。总的来说，提出的方法结合了一个正式的建模系统和一个循环的细化过程，利用这种正式的保证来逐步增强模型的完整性，最终加强威胁建模和渗透测试计划。

{"title":"Correct by design, complete by iteration: A graph-based framework for automated security assessment","authors":"Felice Moretta , Umberto Barbato , Massimiliano Rak , Daniele Granata","doi":"10.1016/j.iot.2025.101851","DOIUrl":"10.1016/j.iot.2025.101851","url":null,"abstract":"<div><div>Modern IT infrastructures, especially IoT and cyber-physical systems, require systematic and repeatable security assessment methods. A persistent challenge concerns the correctness and completeness of the system model underlying such analyses, which directly affect the quality of threat modeling and penetration test planning. Existing model-based approaches support these activities, but rarely ensure that the adopted model is both structurally valid and representative of the real system. This paper addresses this gap by introducing a formal modeling framework and extending a security assessment methodology (ESSecA) with a cyclical refinement process. At its core lies the Multi-purpose Application Composition Model (MACM), a property-graph formalism equipped with a schema and a set of syntactic and semantic constraints that define the space of admissible models. These constraints are automatically verified through formal checks (e.g., Cypher queries and Neo4j triggers), enabling automated verification of model correctness throughout the assessment lifecycle. As a result, any model accepted by the framework is guaranteed to comply with the rules of the modeling system. The cyclical refinement process complements this by addressing model completeness. Penetration testing results are iteratively reintegrated into the model, enriching it with newly discovered elements and interactions. This produces progressively more accurate system representations, which in turn yield more comprehensive threat models and increasingly precise penetration test plans, effectively mitigating grey-box limitations. The contribution is demonstrated through two case studies: the eWeLink IoT ecosystem, illustrating MACM’s modeling and validation capabilities, and the JetRacer autonomous vehicle platform, showcasing the full iterative methodology. Overall, the proposed approach combines a formal modeling system with a cyclic refinement process that exploits such formal guarantees to progressively enhance model completeness, ultimately strengthening threat modeling and penetration test planning.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101851"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Real-time scalable UAV condition monitoring framework with hardware-level acceleration for IoT applications 具有物联网应用硬件级加速的实时可扩展无人机状态监测框架

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2025-12-30 DOI: 10.1016/j.iot.2025.101865

Antonios Ntib , Dimitrios Michael Manias , Abdallah Shami

Unmanned Aerial Vehicles (UAVs) are a critical component of emerging Smart Cities, supporting applications such as emergency response, transportation, environmental monitoring, and infrastructure inspection. Ensuring their reliability requires condition monitoring frameworks capable of real-time defect detection despite the UAVs’ resource-constrained nature. This work presents a real-time, scalable UAV condition monitoring framework that efficiently distributes computation between core servers and edge nodes. The novelty of this work lies in two main contributions: (i) the design and realization of a deployable framework tailored for real-time UAV monitoring with offloading capabilities to both edge and core resources, and (ii) the integration of hardware-level acceleration strategies, including OpenMP-based parallelization and AVX2 SIMD vectorization, to substantially enhance computational efficiency, scalability, and real-time feasibility. Together, these contributions position the framework as a practical solution ready for large-scale UAV swarm deployments. The overall improvements include significant reductions in processing time and enhanced resource utilization while maintaining predictive performance. A comparative evaluation across three frameworks, a baseline state-of-the-art Python framework, an intermediate C++/Cython translation, and the proposed fully optimized OpenMP/AVX2-based framework, demonstrates the framework’s readiness for integration into critical UAV-enabled IoT systems.

无人驾驶飞行器（uav）是新兴智慧城市的关键组成部分，支持应急响应，运输，环境监测和基础设施检查等应用。尽管无人机的资源有限，但确保其可靠性需要能够实时检测缺陷的状态监测框架。这项工作提出了一个实时、可扩展的无人机状态监测框架，该框架有效地在核心服务器和边缘节点之间分配计算。这项工作的新颖之处在于两个主要贡献：(i)设计和实现了为无人机实时监控定制的可部署框架，具有边缘和核心资源的卸载能力；（ii）集成了硬件级加速策略，包括基于openmp的并行化和AVX2 SIMD矢量化，以大幅提高计算效率、可扩展性和实时可行性。总之，这些贡献将该框架定位为大规模无人机群部署的实用解决方案。总体改进包括显著减少处理时间和提高资源利用率，同时保持预测性能。对三个框架的比较评估，一个最先进的基准Python框架，一个中间的c++ /Cython翻译，以及提议的完全优化的基于OpenMP/ avx2的框架，证明了该框架准备好集成到关键的无人机支持的物联网系统中。

{"title":"Real-time scalable UAV condition monitoring framework with hardware-level acceleration for IoT applications","authors":"Antonios Ntib , Dimitrios Michael Manias , Abdallah Shami","doi":"10.1016/j.iot.2025.101865","DOIUrl":"10.1016/j.iot.2025.101865","url":null,"abstract":"<div><div>Unmanned Aerial Vehicles (UAVs) are a critical component of emerging Smart Cities, supporting applications such as emergency response, transportation, environmental monitoring, and infrastructure inspection. Ensuring their reliability requires condition monitoring frameworks capable of real-time defect detection despite the UAVs’ resource-constrained nature. This work presents a real-time, scalable UAV condition monitoring framework that efficiently distributes computation between core servers and edge nodes. The novelty of this work lies in two main contributions: (i) the design and realization of a deployable framework tailored for real-time UAV monitoring with offloading capabilities to both edge and core resources, and (ii) the integration of hardware-level acceleration strategies, including OpenMP-based parallelization and AVX2 SIMD vectorization, to substantially enhance computational efficiency, scalability, and real-time feasibility. Together, these contributions position the framework as a practical solution ready for large-scale UAV swarm deployments. The overall improvements include significant reductions in processing time and enhanced resource utilization while maintaining predictive performance. A comparative evaluation across three frameworks, a baseline state-of-the-art Python framework, an intermediate C++/Cython translation, and the proposed fully optimized OpenMP/AVX2-based framework, demonstrates the framework’s readiness for integration into critical UAV-enabled IoT systems.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101865"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145885162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

HiFEL-OCKT: Hierarchical federated edge learning with objective congruence and multi-level knowledge transfer for IoT ecosystems HiFEL-OCKT：物联网生态系统中具有客观同余和多层次知识转移的分层联邦边缘学习

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2026-01-03 DOI: 10.1016/j.iot.2025.101868

Ahmed-Rafik Baahmed, Jean-François Dollinger, Mohamed El Amine Brahmia, Mourad Zghal

The explosive growth of Internet of Things (IoT) data and the demand for real-time decisions necessitate edge intelligence to overcome the latency and bandwidth limitations of cloud-only processing. Real-world IoT ecosystems are characterized by their high heterogeneity, which results from a wide variety of devices, sensors, environments, data, tasks, and resources, posing significant communication and computation efficiency challenges, scalability issues, and privacy concerns for edge intelligence. We propose HiFEL-OCKT, a novel hierarchical federated edge learning methodology for addressing the realistic high heterogeneity of IoT ecosystems, while enabling efficient edge intelligence. The key novelty of our proposed HiFEL-OCKT methodology is the efficient and scalable deployment of temporal intelligence at the edge by exploiting the valuable knowledge flowing at this level, which we define with the learning objective evolution, to ensure robust edge personalization through objective congruent collaboration and multi-level knowledge transfer between IoT devices. Through extensive experiments on multiple IoT domains, including smart buildings and industrial IoT with heterogeneous real-world datasets, our HiFEL-OCKT approach uncovered the novel ability in collaborating various highly heterogeneous IoT devices from different ecosystem settings. Our approach demonstrates superior performance and efficiency compared to the state-of-the-art approaches, with an improvement rate as high as 87.57 % in the edge knowledge personalization, while achieving significant speedups as high as 4.38 ×  in local training.

物联网（IoT）数据的爆炸式增长和对实时决策的需求需要边缘智能来克服仅云处理的延迟和带宽限制。现实世界的物联网生态系统具有高度异质性的特点，这是由各种各样的设备、传感器、环境、数据、任务和资源造成的，对边缘智能提出了重大的通信和计算效率挑战、可扩展性问题和隐私问题。我们提出了HiFEL-OCKT，这是一种新的分层联邦边缘学习方法，用于解决物联网生态系统的现实高异质性，同时实现高效的边缘智能。我们提出的HiFEL-OCKT方法的关键新颖之处在于，通过利用这一层次上有价值的知识流动，在边缘有效和可扩展地部署时间智能，我们用学习目标进化来定义这一层次，通过客观一致的协作和物联网设备之间的多层次知识转移来确保强大的边缘个性化。通过对多个物联网领域的广泛实验，包括智能建筑和工业物联网与异构现实世界数据集，我们的HiFEL-OCKT方法揭示了协作来自不同生态系统设置的各种高度异构物联网设备的新能力。与最先进的方法相比，我们的方法表现出卓越的性能和效率，在边缘知识个性化方面的改进率高达87.57%，同时在局部训练方面实现了高达4.38 × 的显著加速。

{"title":"HiFEL-OCKT: Hierarchical federated edge learning with objective congruence and multi-level knowledge transfer for IoT ecosystems","authors":"Ahmed-Rafik Baahmed, Jean-François Dollinger, Mohamed El Amine Brahmia, Mourad Zghal","doi":"10.1016/j.iot.2025.101868","DOIUrl":"10.1016/j.iot.2025.101868","url":null,"abstract":"<div><div>The explosive growth of Internet of Things (IoT) data and the demand for real-time decisions necessitate edge intelligence to overcome the latency and bandwidth limitations of cloud-only processing. Real-world IoT ecosystems are characterized by their high heterogeneity, which results from a wide variety of devices, sensors, environments, data, tasks, and resources, posing significant communication and computation efficiency challenges, scalability issues, and privacy concerns for edge intelligence. We propose HiFEL-OCKT, a novel hierarchical federated edge learning methodology for addressing the realistic high heterogeneity of IoT ecosystems, while enabling efficient edge intelligence. The key novelty of our proposed HiFEL-OCKT methodology is the efficient and scalable deployment of temporal intelligence at the edge by exploiting the valuable knowledge flowing at this level, which we define with the learning objective evolution, to ensure robust edge personalization through objective congruent collaboration and multi-level knowledge transfer between IoT devices. Through extensive experiments on multiple IoT domains, including smart buildings and industrial IoT with heterogeneous real-world datasets, our HiFEL-OCKT approach uncovered the novel ability in collaborating various highly heterogeneous IoT devices from different ecosystem settings. Our approach demonstrates superior performance and efficiency compared to the state-of-the-art approaches, with an improvement rate as high as 87.57 % in the edge knowledge personalization, while achieving significant speedups as high as 4.38 ×  in local training.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101868"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Geometry-aware and approximation-free Dijkstra optimization for discrete and continuous pareto fronts for task offloading in edge computing 边缘计算中离散和连续pareto前沿任务卸载的几何感知和无逼近Dijkstra优化

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2026-02-05 DOI: 10.1016/j.iot.2026.101888

Hesam Nejati SharifAldin, Farnoush NayebiPour

Energy–performance optimization has become a central challenge in edge computing, where heterogeneous devices must decide whether to execute tasks locally or offload them to nearby servers. This bi-objective trade-off between execution time and energy consumption is difficult to resolve accurately: existing methods based on mixed-integer programming, evolutionary heuristics, or deep reinforcement learning often yield approximate Pareto fronts, require extensive tuning, and fail to scale under real-time constraints.

this paper propose a geometry-aware optimization algorithm that computes exact discrete and continuous Pareto fronts without any approximation or stochastic exploration. The method reformulates task-offloading decisions in a piecewise-linear execution–energy space and extends Dijkstra’s algorithm to propagate only non-dominated cost vectors according to Pareto dominance. This extension transforms the classical shortest-path search into a dual-objective process with provable guarantees of correctness and completeness. Theoretical analysis shows a bounded complexity of

O (| E | \cdot | P |^{2})

, ensuring scalability even in dense edge networks.

Comprehensive experiments validate both accuracy and efficiency. Decision time grows near-linearly with problem size, while the average number of non-dominated vectors per node increases sub-linearly, confirming manageable computational growth. The constructed Pareto fronts remain stable under  ± 10% perturbations of input cost models and maintain consistent quality across increasing workloads, achieving the highest hypervolume (0.92) and lowest IGD (0.06) among all baselines. These results establish the proposed extended-Dijkstra formulation as a deterministic, interpretable, and scalable foundation for multi-objective task offloading in energy-constrained edge environments.

能源性能优化已成为边缘计算的核心挑战，异构设备必须决定是在本地执行任务还是将其卸载到附近的服务器上。这种执行时间和能量消耗之间的双目标权衡很难准确解决：基于混合整数规划、进化启发式或深度强化学习的现有方法通常产生近似帕累托前沿，需要大量调整，并且无法在实时约束下扩展。本文提出了一种几何感知优化算法，该算法计算精确的离散和连续帕累托前沿，而不需要任何近似或随机探索。该方法在分段线性执行能量空间中重新制定任务卸载决策，并扩展了Dijkstra算法，使其根据Pareto优势只传播非支配成本向量。此扩展将经典的最短路径搜索转换为具有可证明的正确性和完整性保证的双目标过程。理论分析表明，有界复杂度为0 (|E|·|P|2)，即使在密集边缘网络中也能确保可扩展性。综合实验验证了该方法的准确性和有效性。决策时间随着问题规模的增长呈近似线性增长，而每个节点的非主导向量的平均数量呈次线性增长，从而证实了可管理的计算增长。构建的Pareto前沿在 ± 10%的输入成本模型扰动下保持稳定，并在不断增加的工作负载中保持一致的质量，在所有基线中实现最高的hypervolume（0.92）和最低的IGD（0.06）。这些结果建立了提出的扩展dijkstra公式，作为能量受限边缘环境中多目标任务卸载的确定性，可解释和可扩展的基础。

{"title":"Geometry-aware and approximation-free Dijkstra optimization for discrete and continuous pareto fronts for task offloading in edge computing","authors":"Hesam Nejati SharifAldin, Farnoush NayebiPour","doi":"10.1016/j.iot.2026.101888","DOIUrl":"10.1016/j.iot.2026.101888","url":null,"abstract":"<div><div>Energy–performance optimization has become a central challenge in edge computing, where heterogeneous devices must decide whether to execute tasks locally or offload them to nearby servers. This bi-objective trade-off between execution time and energy consumption is difficult to resolve accurately: existing methods based on mixed-integer programming, evolutionary heuristics, or deep reinforcement learning often yield approximate Pareto fronts, require extensive tuning, and fail to scale under real-time constraints.</div><div>this paper propose a <em>geometry-aware optimization algorithm</em> that computes exact discrete and continuous Pareto fronts without any approximation or stochastic exploration. The method reformulates task-offloading decisions in a piecewise-linear execution–energy space and extends <em>Dijkstra’s</em> algorithm to propagate only non-dominated cost vectors according to Pareto dominance. This extension transforms the classical shortest-path search into a dual-objective process with provable guarantees of correctness and completeness. Theoretical analysis shows a bounded complexity of <span><math><mrow><mi>O</mi><mo>(</mo><mo>|</mo><mi>E</mi><mo>|</mo><mspace></mspace><mo>·</mo><mspace></mspace><mo>|</mo><mi>P</mi><msup><mo>|</mo><mn>2</mn></msup><mo>)</mo></mrow></math></span>, ensuring scalability even in dense edge networks.</div><div>Comprehensive experiments validate both accuracy and efficiency. Decision time grows near-linearly with problem size, while the average number of non-dominated vectors per node increases sub-linearly, confirming manageable computational growth. The constructed Pareto fronts remain stable under  ± 10% perturbations of input cost models and maintain consistent quality across increasing workloads, achieving the highest hypervolume (0.92) and lowest IGD (0.06) among all baselines. These results establish the proposed <em>extended-Dijkstra formulation</em> as a deterministic, interpretable, and scalable foundation for multi-objective task offloading in energy-constrained edge environments.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101888"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146173156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Reformed multi-source sharing (RMSS) for efficient resource distribution across edge servers 改进了多源共享（RMSS），以实现跨边缘服务器的有效资源分配

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2025-12-08 DOI: 10.1016/j.iot.2025.101848

Kannan Srinivasan , Guman Singh Chauhan , Rahul Jadon , Rajababu Budda , Venkata Surya Teja Gollapalli , Joseph Bamidele Awotunde

Mobile Edge Computing plays a critical role in enabling real-time services across heterogeneous applications by distributing computational resources across multiple servers. However, managing service efficacy in multi-resource environments remains a challenge, particularly concerning scalability and service deficiencies. This study aims to introduce a novel method, Reformed Multi-Source Sharing (RMSS), to enhance resource distribution and improve service efficiency in MEC environments. The propose RMSS, which periodically updates resource allocations based on service density and source sharing to optimize the sharing rate. The method employs federated learning to validate previous resource allocations, ensuring optimal service distribution and minimizing deficiencies. The system was evaluated using multi-server environments and edge devices. The proposed RMSS method effectively mitigates resource allocation deficiencies, leading to significant improvements in service response times and user support. RMSS demonstrated up to 9.77 % higher service response rates, 13.88 % lower latency, and reduced service deficiency by 11.89 %, compared to existing approaches. RMSS improves scalability and resource distribution in MEC, edge devices in dense user environments. Future research will focus on incorporating virtualization-based edge slicing to further reduce latency and optimize resource distribution in increasingly complex edge networks.

移动边缘计算通过在多个服务器上分配计算资源，在跨异构应用程序实现实时服务方面发挥着关键作用。然而，在多资源环境中管理服务效率仍然是一个挑战，特别是在可伸缩性和服务缺陷方面。本研究旨在引入一种新的方法，即改进型多源共享（RMSS），以加强MEC环境下的资源分配，提高服务效率。提出了基于服务密度和资源共享的RMSS，定期更新资源分配，优化资源共享率。该方法采用联邦学习来验证以前的资源分配，确保最优的服务分配和最小化缺陷。该系统使用多服务器环境和边缘设备进行了评估。提出的RMSS方法有效地缓解了资源分配不足的问题，显著改善了服务响应时间和用户支持。与现有方法相比，RMSS的服务响应率提高了9.77%，延迟降低了13.88%，服务不足减少了11.89%。RMSS提高了MEC和密集用户环境中的边缘设备的可伸缩性和资源分配。未来的研究将集中于结合基于虚拟化的边缘切片，以进一步减少延迟并优化日益复杂的边缘网络中的资源分配。

{"title":"Reformed multi-source sharing (RMSS) for efficient resource distribution across edge servers","authors":"Kannan Srinivasan , Guman Singh Chauhan , Rahul Jadon , Rajababu Budda , Venkata Surya Teja Gollapalli , Joseph Bamidele Awotunde","doi":"10.1016/j.iot.2025.101848","DOIUrl":"10.1016/j.iot.2025.101848","url":null,"abstract":"<div><div>Mobile Edge Computing plays a critical role in enabling real-time services across heterogeneous applications by distributing computational resources across multiple servers. However, managing service efficacy in multi-resource environments remains a challenge, particularly concerning scalability and service deficiencies. This study aims to introduce a novel method, Reformed Multi-Source Sharing (RMSS), to enhance resource distribution and improve service efficiency in MEC environments. The propose RMSS, which periodically updates resource allocations based on service density and source sharing to optimize the sharing rate. The method employs federated learning to validate previous resource allocations, ensuring optimal service distribution and minimizing deficiencies. The system was evaluated using multi-server environments and edge devices. The proposed RMSS method effectively mitigates resource allocation deficiencies, leading to significant improvements in service response times and user support. RMSS demonstrated up to 9.77 % higher service response rates, 13.88 % lower latency, and reduced service deficiency by 11.89 %, compared to existing approaches. RMSS improves scalability and resource distribution in MEC, edge devices in dense user environments. Future research will focus on incorporating virtualization-based edge slicing to further reduce latency and optimize resource distribution in increasingly complex edge networks.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101848"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145738839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A domain-specific language and architecture for detecting process activities from sensor streams in IoT 一种领域特定的语言和架构，用于检测物联网中传感器流中的流程活动

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2026-01-07 DOI: 10.1016/j.iot.2025.101870

Ronny Seiger, Daniel Locher, Marco Kaufmann, Aaron F. Kurz

Modern Internet of Things (IoT) systems are equipped with a large quantity of sensors providing real-time data about the current operations of their components, which is crucial for the systems’ internal control systems and processes. However, these data are often too fine-grained to derive useful insights into the execution of the larger processes an IoT system might be part of. Process mining has developed advanced approaches for the analysis of business processes that may also be used in the context of IoT. Bringing process mining to IoT requires an event abstraction step to lift the low-level sensor data to the business process level. In this work, we aim to enable domain experts to perform this step using a newly developed domain-specific language (DSL) called Radiant. Radiant supports the specification of patterns within the sensor data that indicate the execution of higher level process activities. These patterns are translated to complex event processing (CEP) applications to be used for detecting activity executions at runtime. We propose a corresponding software architecture that enables online event abstraction from IoT sensor streams using the CEP applications. We evaluate these applications to monitor activity executions in smart manufacturing and smart healthcare. These evaluations are useful to inform the domain expert about the quality of activity detections based on the specified patterns and potential for improvement via additional or modified patterns and sensors.

现代物联网（IoT）系统配备了大量传感器，提供有关其组件当前运行的实时数据，这对系统的内部控制系统和流程至关重要。然而，这些数据通常过于细粒度，无法获得对物联网系统可能参与的更大流程执行的有用见解。流程挖掘为分析业务流程开发了先进的方法，这些方法也可以用于物联网。将流程挖掘引入物联网需要一个事件抽象步骤，将低级传感器数据提升到业务流程级别。在这项工作中，我们的目标是使领域专家能够使用一种名为Radiant的新开发的领域特定语言（DSL）来执行这一步骤。Radiant支持传感器数据中的模式规范，这些模式指示高级流程活动的执行。这些模式被转换为复杂事件处理（CEP）应用程序，用于在运行时检测活动执行。我们提出了一个相应的软件架构，可以使用CEP应用程序从物联网传感器流中进行在线事件抽象。我们评估这些应用程序，以监控智能制造和智能医疗保健中的活动执行情况。这些评估有助于告知领域专家关于基于指定模式的活动检测的质量，以及通过附加或修改的模式和传感器进行改进的潜力。

{"title":"A domain-specific language and architecture for detecting process activities from sensor streams in IoT","authors":"Ronny Seiger, Daniel Locher, Marco Kaufmann, Aaron F. Kurz","doi":"10.1016/j.iot.2025.101870","DOIUrl":"10.1016/j.iot.2025.101870","url":null,"abstract":"<div><div>Modern Internet of Things (IoT) systems are equipped with a large quantity of sensors providing real-time data about the current operations of their components, which is crucial for the systems’ internal control systems and processes. However, these data are often too fine-grained to derive useful insights into the execution of the larger processes an IoT system might be part of. Process mining has developed advanced approaches for the analysis of business processes that may also be used in the context of IoT. Bringing process mining to IoT requires an event abstraction step to lift the low-level sensor data to the business process level. In this work, we aim to enable domain experts to perform this step using a newly developed domain-specific language (DSL) called Radiant. Radiant supports the specification of patterns within the sensor data that indicate the execution of higher level process activities. These patterns are translated to complex event processing (CEP) applications to be used for detecting activity executions at runtime. We propose a corresponding software architecture that enables online event abstraction from IoT sensor streams using the CEP applications. We evaluate these applications to monitor activity executions in smart manufacturing and smart healthcare. These evaluations are useful to inform the domain expert about the quality of activity detections based on the specified patterns and potential for improvement via additional or modified patterns and sensors.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101870"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926731","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

BPSmart-CARE: a framework for managing contextualized actions in IoT systems through the integration of business process modelling and complex event processing BPSmart-CARE：通过集成业务流程建模和复杂事件处理来管理物联网系统中情境化操作的框架

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2026-02-09 DOI: 10.1016/j.iot.2026.101887

Adrian Bazan-Muñoz , Cesare Pautasso , Guadalupe Ortiz , Alfonso Garcia-de-Prado

The exponential growth of Internet of Things (IoT) sensors and data has led to multiple software applications which aim at collecting, monitoring, controlling, and automating decisions based on such data in several domains such as smart cities. Even though early IoT frameworks and software architectures relied on correlating data from a single application domain, missing opportunities to improve contextualisation; in the last years several Complex Event Processing (CEP)-based frameworks and applications have been provided to improve the correlation of data from heterogenous domains, facilitating context-aware decision making. However, several issues remain unsolved: on the one hand, frameworks should not only provide the means for data correlation and contextualisation, but also for the definition of customisable real-time actions based on the context. On the other hand, CEP patterns update remains static in these frameworks, while there is a need for dynamically updating CEP pattern logic to adapt to changing contexts in real time. Even more, CEP patterns logic understanding might also be a handicap for developers. To face these challenges, in this paper, we enhance an existent CEP-based framework and software architecture by incorporating Business Process Modelling (BPM) to facilitate the definition of CEP patterns rationale, manage interdependencies between patterns, define and handle contextualised user actions, and enable real-time updating of CEP pattern logic based on detected situations. The proposed approach is illustrated through a case study, assessed via usability and performance evaluations, which show improvements in comprehensibility, maintainability, and updatability of CEP-based software applications for context-aware IoT scenarios.

物联网（IoT）传感器和数据的指数级增长导致了多种软件应用程序，旨在收集、监控、控制和自动化基于智能城市等多个领域的此类数据的决策。尽管早期的物联网框架和软件架构依赖于单个应用领域的关联数据，错失了改善情境化的机会；在过去的几年里，一些基于复杂事件处理（CEP）的框架和应用程序已经被提供，以改善来自异构领域的数据的相关性，促进上下文感知决策。然而，有几个问题仍然没有解决：一方面，框架不仅应该提供数据关联和上下文化的手段，而且还应该根据上下文定义可定制的实时操作。另一方面，CEP模式更新在这些框架中保持静态，而需要动态更新CEP模式逻辑以适应实时变化的上下文。而且，CEP模式的逻辑理解也可能成为开发人员的障碍。为了应对这些挑战，在本文中，我们通过整合业务流程建模（BPM）来增强现有的基于CEP模式的框架和软件架构，以促进CEP模式基本原理的定义，管理模式之间的相互依赖关系，定义和处理上下文化的用户操作，并基于检测到的情况实现CEP模式逻辑的实时更新。本文通过一个案例研究对所提出的方法进行了说明，并通过可用性和性能评估进行了评估，该研究显示了基于cep的软件应用程序在上下文感知物联网场景中的可理解性、可维护性和可更新性方面的改进。

{"title":"BPSmart-CARE: a framework for managing contextualized actions in IoT systems through the integration of business process modelling and complex event processing","authors":"Adrian Bazan-Muñoz , Cesare Pautasso , Guadalupe Ortiz , Alfonso Garcia-de-Prado","doi":"10.1016/j.iot.2026.101887","DOIUrl":"10.1016/j.iot.2026.101887","url":null,"abstract":"<div><div>The exponential growth of Internet of Things (IoT) sensors and data has led to multiple software applications which aim at collecting, monitoring, controlling, and automating decisions based on such data in several domains such as smart cities. Even though early IoT frameworks and software architectures relied on correlating data from a single application domain, missing opportunities to improve contextualisation; in the last years several Complex Event Processing (CEP)-based frameworks and applications have been provided to improve the correlation of data from heterogenous domains, facilitating context-aware decision making. However, several issues remain unsolved: on the one hand, frameworks should not only provide the means for data correlation and contextualisation, but also for the definition of customisable real-time actions based on the context. On the other hand, CEP patterns update remains static in these frameworks, while there is a need for dynamically updating CEP pattern logic to adapt to changing contexts in real time. Even more, CEP patterns logic understanding might also be a handicap for developers. To face these challenges, in this paper, we enhance an existent CEP-based framework and software architecture by incorporating Business Process Modelling (BPM) to facilitate the definition of CEP patterns rationale, manage interdependencies between patterns, define and handle contextualised user actions, and enable real-time updating of CEP pattern logic based on detected situations. The proposed approach is illustrated through a case study, assessed via usability and performance evaluations, which show improvements in comprehensibility, maintainability, and updatability of CEP-based software applications for context-aware IoT scenarios.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101887"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146173163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Creation of AI-driven smart spaces for enhanced indoor environments – A survey 为增强室内环境创造人工智能驱动的智能空间——一项调查

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2026-01-18 DOI: 10.1016/j.iot.2026.101876

Aygün Varol , Naser Hossein Motlagh , Mirka Leino , Sasu Tarkoma , Johanna Virkki

Smart spaces are ubiquitous computing environments that integrate diverse sensing and communication technologies to enhance functionality, optimize energy utilization, and improve user comfort and well-being. The adoption of emerging artificial intelligence (AI) methodologies has led to the development of AI-driven smart spaces, further expanding capabilities through applications such as personalized comfort settings, interactive living spaces, and automation of space systems. These advancements collectively elevate the quality of indoor experiences for users. To systematically examine these developments, we present a comprehensive survey of the foundational components of AI-driven smart spaces, including sensor technologies, data communication protocols, network management and maintenance strategies, and data collection, processing, and analytics. We investigate both traditional machine learning (ML) methods, such as deep learning (DL), and emerging approaches, including transformer networks and large language models (LLMs), highlighting their contributions and potential. We also showcase real-world applications of these technologies and provide insights to guide their continued development. Each section details relevant technologies and methodologies and concludes with an analysis of challenges and limitations, identifying directions for future research.

智能空间是一种无处不在的计算环境，它集成了各种传感和通信技术，以增强功能，优化能源利用，提高用户的舒适度和幸福感。新兴人工智能（AI）方法的采用导致了人工智能驱动的智能空间的发展，通过个性化舒适设置、交互式生活空间和空间系统自动化等应用进一步扩展了功能。这些进步共同提升了用户的室内体验质量。为了系统地研究这些发展，我们对人工智能驱动的智能空间的基本组成部分进行了全面的调查，包括传感器技术、数据通信协议、网络管理和维护策略，以及数据收集、处理和分析。我们研究了传统的机器学习（ML）方法，如深度学习（DL），以及新兴的方法，包括变压器网络和大型语言模型（llm），强调了它们的贡献和潜力。我们还展示了这些技术的实际应用，并提供了指导其持续发展的见解。每个部分详细介绍了相关的技术和方法，最后分析了挑战和局限性，确定了未来研究的方向。

{"title":"Creation of AI-driven smart spaces for enhanced indoor environments – A survey","authors":"Aygün Varol , Naser Hossein Motlagh , Mirka Leino , Sasu Tarkoma , Johanna Virkki","doi":"10.1016/j.iot.2026.101876","DOIUrl":"10.1016/j.iot.2026.101876","url":null,"abstract":"<div><div>Smart spaces are ubiquitous computing environments that integrate diverse sensing and communication technologies to enhance functionality, optimize energy utilization, and improve user comfort and well-being. The adoption of emerging artificial intelligence (AI) methodologies has led to the development of AI-driven smart spaces, further expanding capabilities through applications such as personalized comfort settings, interactive living spaces, and automation of space systems. These advancements collectively elevate the quality of indoor experiences for users. To systematically examine these developments, we present a comprehensive survey of the foundational components of AI-driven smart spaces, including sensor technologies, data communication protocols, network management and maintenance strategies, and data collection, processing, and analytics. We investigate both traditional machine learning (ML) methods, such as deep learning (DL), and emerging approaches, including transformer networks and large language models (LLMs), highlighting their contributions and potential. We also showcase real-world applications of these technologies and provide insights to guide their continued development. Each section details relevant technologies and methodologies and concludes with an analysis of challenges and limitations, identifying directions for future research.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101876"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146023233","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Snip-Cache: A code snippet caching system for LLM-based command-driven IoT systems snippet - cache：用于基于llm的命令驱动物联网系统的代码片段缓存系统

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2025-12-13 DOI: 10.1016/j.iot.2025.101852

Chiwon Song , Sooyong Kang

Large language models (LLMs) are widely used in real-time interface systems that process user commands. Despite their high output quality, the long response times and substantial operating costs undermine the practicality and sustainability of LLM-based services. Prompt caching is one of the optimization techniques introduced to mitigate the problem. It avoids redundant processing of repetitive prompts by caching and reusing the response for the same or similar prompts. However, such a static caching scheme has an intrinsic limitation, in terms of the reusability of results, due to the variety of expressions having the same semantics in real-world usage environments. In this paper, we introduce a new strategy for prompt caching, Snippet Caching, for LLM-based command-driven IoT systems to overcome the limitation. It perceives a command (prompt) as a function call with specific arguments. Instead of caching (input, output) pairs, it caches two simple code snippets that mimic LLM operations for each function. Based on the strategy, we design a novel prompt caching scheme, Snip-Cache, which generates code snippets with the help of LLMs. Experimental results show that Snip-Cache is significantly more beneficial to command-driven IoT systems than semantic caching schemes (GPTCache and vCache), in terms of response accuracy, response time, and token usage.

大型语言模型（llm）广泛应用于处理用户命令的实时接口系统中。尽管它们的输出质量很高，但响应时间长，运营成本高，破坏了llm服务的实用性和可持续性。提示缓存是为了缓解这个问题而引入的一种优化技术。它通过缓存和重用相同或类似提示的响应来避免重复提示的冗余处理。然而，就结果的可重用性而言，这种静态缓存方案具有内在的限制，因为在实际使用环境中，各种表达式具有相同的语义。在本文中，我们为基于llm的命令驱动物联网系统引入了一种新的提示缓存策略——Snippet caching，以克服这一限制。它将命令（提示符）视为带有特定参数的函数调用。它没有缓存（输入、输出）对，而是缓存两个简单的代码片段，模拟每个函数的LLM操作。基于该策略，我们设计了一种新的提示缓存方案——snippet - cache，该方案在llm的帮助下生成代码片段。实验结果表明，在响应精度、响应时间和令牌使用方面，snippet - cache明显比语义缓存方案（GPTCache和vCache）更有利于命令驱动的物联网系统。

{"title":"Snip-Cache: A code snippet caching system for LLM-based command-driven IoT systems","authors":"Chiwon Song , Sooyong Kang","doi":"10.1016/j.iot.2025.101852","DOIUrl":"10.1016/j.iot.2025.101852","url":null,"abstract":"<div><div>Large language models (LLMs) are widely used in real-time interface systems that process user commands. Despite their high output quality, the long response times and substantial operating costs undermine the practicality and sustainability of LLM-based services. Prompt caching is one of the optimization techniques introduced to mitigate the problem. It avoids redundant processing of repetitive prompts by caching and reusing the response for the same or similar prompts. However, such a static caching scheme has an intrinsic limitation, in terms of the reusability of results, due to the variety of expressions having the same semantics in real-world usage environments. In this paper, we introduce a new strategy for prompt caching, <em>Snippet Caching</em>, for LLM-based command-driven IoT systems to overcome the limitation. It perceives a command (prompt) as a function call with specific arguments. Instead of caching (input, output) pairs, it caches two simple code snippets that mimic LLM operations for each function. Based on the strategy, we design a novel prompt caching scheme, <em>Snip-Cache</em>, which generates code snippets with the help of LLMs. Experimental results show that Snip-Cache is significantly more beneficial to command-driven IoT systems than semantic caching schemes (GPTCache and vCache), in terms of response accuracy, response time, and token usage.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101852"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145791860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Graph neural networks for IoT security: A comparative study 图神经网络用于物联网安全：比较研究

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things

Pub Date : 2026-03-01 Epub Date: 2025-12-26 DOI: 10.1016/j.iot.2025.101863

Nicola Capuano , Vincenzo Carletti , Pasquale Foggia , Francesco Rosa , Mario Vento

The increasing deployment of IoT devices has introduced new cybersecurity vulnerabilities, as traditional defense mechanisms often fail to protect resource-constrained and highly heterogeneous environments. Network traffic analysis has emerged as a key strategy for detecting malicious activities; however, the inherent dynamism of IoT communications undermines the effectiveness of traditional security mechanisms. In this paper, we focus on detecting malicious activities in IoT networks by solving a node-classification problem in a graph-based network representation. We evaluate six Graph Neural Network methods, encompassing both static and time-dependent models, using two distinct graph representations of network traffic. Our analysis is conducted across three recent IoT traffic datasets, and considers multiple snapshot durations to understand how temporal granularity affects detection accuracy. Through extensive experiments, we assess the impact of graph structure, snapshot duration, and temporal modeling on detection performance. Results show that GNNs, especially static models, are effective at identifying anomalous nodes even in unseen environments. We find that shorter snapshot durations consistently improve model accuracy by reducing noise in node embeddings, and that simpler traffic representation often match or outperform more complex counterparts, particularly when computational efficiency is a concern. Additionally, further research is needed to draw firm conclusions about dynamic methods. Our findings provide actionable insights for selecting models, representations, and configurations in the design of GNN-based intrusion detection systems for IoT networks.

物联网设备的不断增加部署带来了新的网络安全漏洞，因为传统的防御机制往往无法保护资源受限和高度异构的环境。网络流量分析已成为检测恶意活动的关键策略；然而，物联网通信固有的动态性破坏了传统安全机制的有效性。在本文中，我们专注于通过解决基于图的网络表示中的节点分类问题来检测物联网网络中的恶意活动。我们评估了六种图神经网络方法，包括静态和时间依赖模型，使用两种不同的网络流量图表示。我们的分析是在三个最近的物联网流量数据集上进行的，并考虑了多个快照持续时间，以了解时间粒度如何影响检测准确性。通过大量的实验，我们评估了图结构、快照持续时间和时间建模对检测性能的影响。结果表明，即使在不可见的环境中，gnn，特别是静态模型，也能有效地识别异常节点。我们发现，更短的快照持续时间通过减少节点嵌入中的噪声不断提高模型的准确性，并且更简单的流量表示通常匹配或优于更复杂的对应，特别是当计算效率是一个问题时。此外，还需要进一步的研究来得出关于动态方法的确切结论。我们的研究结果为在物联网网络中基于gnn的入侵检测系统设计中选择模型、表示和配置提供了可操作的见解。

{"title":"Graph neural networks for IoT security: A comparative study","authors":"Nicola Capuano , Vincenzo Carletti , Pasquale Foggia , Francesco Rosa , Mario Vento","doi":"10.1016/j.iot.2025.101863","DOIUrl":"10.1016/j.iot.2025.101863","url":null,"abstract":"<div><div>The increasing deployment of IoT devices has introduced new cybersecurity vulnerabilities, as traditional defense mechanisms often fail to protect resource-constrained and highly heterogeneous environments. Network traffic analysis has emerged as a key strategy for detecting malicious activities; however, the inherent dynamism of IoT communications undermines the effectiveness of traditional security mechanisms. In this paper, we focus on detecting malicious activities in IoT networks by solving a node-classification problem in a graph-based network representation. We evaluate six Graph Neural Network methods, encompassing both static and time-dependent models, using two distinct graph representations of network traffic. Our analysis is conducted across three recent IoT traffic datasets, and considers multiple snapshot durations to understand how temporal granularity affects detection accuracy. Through extensive experiments, we assess the impact of graph structure, snapshot duration, and temporal modeling on detection performance. Results show that GNNs, especially static models, are effective at identifying anomalous nodes even in unseen environments. We find that shorter snapshot durations consistently improve model accuracy by reducing noise in node embeddings, and that simpler traffic representation often match or outperform more complex counterparts, particularly when computational efficiency is a concern. Additionally, further research is needed to draw firm conclusions about dynamic methods. Our findings provide actionable insights for selecting models, representations, and configurations in the design of GNN-based intrusion detection systems for IoT networks.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"36 ","pages":"Article 101863"},"PeriodicalIF":7.6,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145885161","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0