Journal of Systems Architecture最新文献_第10页

EF-IDS: An efficient intrusion detection system with enriched features for CAN bus in modern vehicles EF-IDS：针对现代车辆CAN总线的一种功能丰富的高效入侵检测系统

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-02-01 Epub Date: 2025-11-21 DOI: 10.1016/j.sysarc.2025.103646

Aya El-Fatyany , Xiaohang Wang , Li Lu , Kui Ren

The Controller Area Network (CAN) bus enables communication between electronic control units in modern vehicles but lacks security features, such as authentication or encryption, making it vulnerable to cyberattacks. Previous IDS methods perform poorly with datasets from modern cars (2022 or later) as they were trained on public dataset from pre-2020 cars whose CAN frames contain fewer data fields and features. To address this, an EF-IDS is introduced, which utilizes Enriched Features to capture spatial–temporal representation for detecting in-vehicle network intrusions. Spatial aspects, like CAN ID and payload, are captured using UNET, while LSTM learns temporal features based on sequence window size. The system’s performance was evaluated using Tesla Model 3 (2022), LeapMotor C10 (2024), and public Car-hacking datasets showed nearly 100% detection accuracy, with low false alarms (0.842%) for DoS, Fuzzy, and Spoofing attacks. EF-IDS significantly improves the detection accuracy compared to previous methods. A compressed model with reduced layers achieved similar detection capabilities while decreasing the inference time by 90 times. The EF-IDS model’s effectiveness was verified through implementation in a LeapMotor C10 (2024) test vehicle with an inference time 0.0437 ms for every 100 frames.

控制器局域网（CAN）总线使现代车辆的电子控制单元之间能够通信，但缺乏认证或加密等安全功能，使其容易受到网络攻击。以前的IDS方法在现代汽车（2022年或以后）的数据集上表现不佳，因为它们是在2020年前汽车的公共数据集上训练的，这些汽车的CAN帧包含更少的数据字段和特征。为了解决这个问题，引入了一个EF-IDS，它利用丰富的特征来捕获时空表征，以检测车载网络入侵。空间方面，如CAN ID和有效载荷，使用UNET捕获，而LSTM根据序列窗口大小学习时间特征。使用特斯拉Model 3（2022年）、LeapMotor C10（2024年）和公共汽车黑客数据集对该系统的性能进行了评估，结果显示，该系统的检测准确率接近100%，对DoS、模糊和欺骗攻击的误报率（0.842%）很低。与以往的检测方法相比，EF-IDS显著提高了检测精度。减少层数的压缩模型获得了相似的检测能力，同时将推理时间减少了90倍。通过在一辆LeapMotor C10（2024）测试车上的实现，验证了EF-IDS模型的有效性，每100帧的推理时间为0.0437 ms。

{"title":"EF-IDS: An efficient intrusion detection system with enriched features for CAN bus in modern vehicles","authors":"Aya El-Fatyany , Xiaohang Wang , Li Lu , Kui Ren","doi":"10.1016/j.sysarc.2025.103646","DOIUrl":"10.1016/j.sysarc.2025.103646","url":null,"abstract":"<div><div>The Controller Area Network (CAN) bus enables communication between electronic control units in modern vehicles but lacks security features, such as authentication or encryption, making it vulnerable to cyberattacks. Previous IDS methods perform poorly with datasets from modern cars (2022 or later) as they were trained on public dataset from pre-2020 cars whose CAN frames contain fewer data fields and features. To address this, an EF-IDS is introduced, which utilizes <u>E</u>nriched <u>F</u>eatures to capture spatial–temporal representation for detecting in-vehicle network intrusions. Spatial aspects, like CAN ID and payload, are captured using UNET, while LSTM learns temporal features based on sequence window size. The system’s performance was evaluated using Tesla Model 3 (2022), LeapMotor C10 (2024), and public Car-hacking datasets showed nearly 100% detection accuracy, with low false alarms (0.842%) for DoS, Fuzzy, and Spoofing attacks. EF-IDS significantly improves the detection accuracy compared to previous methods. A compressed model with reduced layers achieved similar detection capabilities while decreasing the inference time by 90 times. The EF-IDS model’s effectiveness was verified through implementation in a LeapMotor C10 (2024) test vehicle with an inference time 0.0437 ms for every 100 frames.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"171 ","pages":"Article 103646"},"PeriodicalIF":4.1,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145693952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dependency-aware microservices offloading in ICN-based edge computing testbed 基于icn边缘计算试验台的依赖感知微服务卸载

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-02-01 Epub Date: 2025-12-08 DOI: 10.1016/j.sysarc.2025.103663

Muhammad Nadeem Ali , Ihsan Ullah , Muhammad Imran , Muhammad Salah ud din , Byung-Seo Kim

Information-Centric Networking (ICN)-based edge computing has demonstrated remarkable potential in meeting ultra-low latency and reliable communication for offloading compute-intensive applications. Such applications are often composed of interdependent microservices that demand abundant communication and intensive computing resources. To avoid dependency conflict, these microservices are typically arranged in a predefined sequence prior to offloading; however, this introduces waiting time for each microservice in the sequence. This paper presents an ICN-edge computing-based testbed framework to demonstrate the practical applicability of a study named IFCNS, which proposes a unique solution to reduce the offloading time of dependent microservices compared to an existing scheme, named OTOOA. In the testbed, the IFCNS and OTOOA schemes are implemented on the Raspberry Pi devices, Named Data Network (NDN) codebase in a Python script. Furthermore, this paper outlined the comprehensive testbed development procedure, including hardware and software configuration. To evaluate the effectiveness of the IFCNS scheme, modifications are applied to the NDN naming, microservice tracking functions, and forwarding strategy. The experimental results corroborate the effectiveness of the IFCNS as compared to OTOOA, demonstrating superior performance in time consumption, average interest satisfaction delay, energy consumption, FIB table load, and average naming overhead.

基于信息中心网络（ICN）的边缘计算在满足超低延迟和可靠通信以卸载计算密集型应用方面显示出巨大的潜力。此类应用程序通常由相互依赖的微服务组成，这些微服务需要大量的通信和密集的计算资源。为了避免依赖冲突，这些微服务通常在卸载之前按照预定义的顺序排列；但是，这会引入序列中每个微服务的等待时间。本文提出了一个基于icn边缘计算的测试平台框架，以证明名为IFCNS的研究的实际适用性，该研究提出了一种独特的解决方案，与现有的名为OTOOA的方案相比，可以减少依赖微服务的卸载时间。在测试平台中，IFCNS和OTOOA方案在树莓派设备上实现，命名数据网络（NDN）代码库在Python脚本中实现。此外，本文还概述了综合试验台的开发过程，包括硬件配置和软件配置。为了评估IFCNS方案的有效性，对NDN命名、微服务跟踪功能和转发策略进行了修改。实验结果证实了IFCNS与OTOOA相比的有效性，在时间消耗、平均兴趣满足延迟、能量消耗、FIB表负载和平均命名开销方面表现出更高的性能。

{"title":"Dependency-aware microservices offloading in ICN-based edge computing testbed","authors":"Muhammad Nadeem Ali , Ihsan Ullah , Muhammad Imran , Muhammad Salah ud din , Byung-Seo Kim","doi":"10.1016/j.sysarc.2025.103663","DOIUrl":"10.1016/j.sysarc.2025.103663","url":null,"abstract":"<div><div>Information-Centric Networking (ICN)-based edge computing has demonstrated remarkable potential in meeting ultra-low latency and reliable communication for offloading compute-intensive applications. Such applications are often composed of interdependent microservices that demand abundant communication and intensive computing resources. To avoid dependency conflict, these microservices are typically arranged in a predefined sequence prior to offloading; however, this introduces waiting time for each microservice in the sequence. This paper presents an ICN-edge computing-based testbed framework to demonstrate the practical applicability of a study named IFCNS, which proposes a unique solution to reduce the offloading time of dependent microservices compared to an existing scheme, named OTOOA. In the testbed, the IFCNS and OTOOA schemes are implemented on the Raspberry Pi devices, Named Data Network (NDN) codebase in a Python script. Furthermore, this paper outlined the comprehensive testbed development procedure, including hardware and software configuration. To evaluate the effectiveness of the IFCNS scheme, modifications are applied to the NDN naming, microservice tracking functions, and forwarding strategy. The experimental results corroborate the effectiveness of the IFCNS as compared to OTOOA, demonstrating superior performance in time consumption, average interest satisfaction delay, energy consumption, FIB table load, and average naming overhead.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"171 ","pages":"Article 103663"},"PeriodicalIF":4.1,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145748386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Stegano-ECC: Enhancing DNN fault tolerance with embedded parity for important bits 隐写- ecc：通过嵌入重要位的奇偶校验增强DNN容错性

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-02-01 Epub Date: 2025-11-28 DOI: 10.1016/j.sysarc.2025.103651

Min Jun Jo , Young Seo Lee

Recently, there has been increasing adoption of deep neural network (DNN) inference tasks directly on edge devices. These DNN inference tasks face critical reliability challenges due to increased DRAM errors caused by harsh operating conditions and resource constraints in edge environments. Though the conventional error correction codes (ECCs) mitigate DRAM errors exploiting parity bits, they incur substantial storage overhead, thereby making it challenging to deploy them on resource-constrained edge devices.

In this paper, we propose Stegano-ECC, a novel error protection scheme for DNN inference on edge devices, which provides strong DNN fault tolerance against DRAM errors without storage overhead. Stegano-ECC selectively applies single error correction (SEC) codes only to the important bits (that have a significant impact on DNN inference accuracy) of DNN weights, improving fault tolerance during DNN inference. It embeds the parity bits of SEC codes within the relatively less important bits of weights, which avoids any storage overhead while minimizing the DNN accuracy degradation. Our evaluation results show that Stegano-ECC significantly improves fault tolerance by up to 500000

\times

and 27778

\times

in FP32 format (up to 2000000

\times

and 10.0

\times

in FP16 and INT8 format, respectively), compared to the conventional systems and the state-of-the-art error protection technique for edge environments, respectively.

最近，越来越多的人直接在边缘设备上采用深度神经网络（DNN）推理任务。由于边缘环境中恶劣的操作条件和资源限制导致DRAM错误增加，这些DNN推理任务面临着严峻的可靠性挑战。虽然传统的纠错码（ecc）可以缓解利用奇偶校验位的DRAM错误，但它们会产生大量的存储开销，因此在资源受限的边缘设备上部署它们具有挑战性。在本文中，我们提出了一种新的边缘设备上DNN推理的错误保护方案Stegano-ECC，该方案在不增加存储开销的情况下对DRAM错误提供了强大的DNN容错性。Stegano-ECC仅对DNN权值的重要位（对DNN推理精度有显著影响）选择性地应用单错误校正（SEC）码，提高了DNN推理过程中的容错性。它将SEC代码的奇偶校验位嵌入到相对不太重要的权重位中，这避免了任何存储开销，同时最大限度地降低了DNN精度的降低。我们的评估结果表明，与传统系统和最先进的边缘环境错误保护技术相比，Stegano-ECC在FP32格式下的容错能力分别提高了500000x和27778 x（在FP16和INT8格式下分别提高了2000000x和10.0 x）。

{"title":"Stegano-ECC: Enhancing DNN fault tolerance with embedded parity for important bits","authors":"Min Jun Jo , Young Seo Lee","doi":"10.1016/j.sysarc.2025.103651","DOIUrl":"10.1016/j.sysarc.2025.103651","url":null,"abstract":"<div><div>Recently, there has been increasing adoption of deep neural network (DNN) inference tasks directly on edge devices. These DNN inference tasks face critical reliability challenges due to increased DRAM errors caused by harsh operating conditions and resource constraints in edge environments. Though the conventional error correction codes (ECCs) mitigate DRAM errors exploiting parity bits, they incur substantial storage overhead, thereby making it challenging to deploy them on resource-constrained edge devices.</div><div>In this paper, we propose Stegano-ECC, a novel error protection scheme for DNN inference on edge devices, which provides strong DNN fault tolerance against DRAM errors without storage overhead. Stegano-ECC selectively applies single error correction (SEC) codes only to the important bits (that have a significant impact on DNN inference accuracy) of DNN weights, improving fault tolerance during DNN inference. It embeds the parity bits of SEC codes within the relatively less important bits of weights, which avoids any storage overhead while minimizing the DNN accuracy degradation. Our evaluation results show that Stegano-ECC significantly improves fault tolerance by up to 500000<span><math><mo>×</mo></math></span> and 27778<span><math><mo>×</mo></math></span> in FP32 format (up to 2000000<span><math><mo>×</mo></math></span> and 10.0<span><math><mo>×</mo></math></span> in FP16 and INT8 format, respectively), compared to the conventional systems and the state-of-the-art error protection technique for edge environments, respectively.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"171 ","pages":"Article 103651"},"PeriodicalIF":4.1,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145693951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LARDM: Lightweight and aggregation-driven real-time detection and mitigation of volumetric DDoS attacks in the programmable data plane LARDM：轻量级和聚合驱动的实时检测和缓解可编程数据平面上的海量DDoS攻击

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-11-10 DOI: 10.1016/j.sysarc.2025.103624

Yuansheng Luo , Hao Yang , Bing Xiong , Shi Qiu

With the accelerated deployment of AIoT (artificial intelligence of things), massive edge terminals and distributed sensing introduce high concurrency and bursty network loads. Resource-constrained devices are susceptible to hijacking and can be leveraged to form botnets, significantly amplifying the risk of volumetric DDoS (distributed denial-of-service) attacks. Traditional software-based defense schemes often struggle to meet line-rate and real-time requirements under large-scale attacks due to high processing latency and substantial resource consumption. To address this, this paper proposes LARDM—a DDoS detection and mitigation framework fully deployed on the programmable data plane. The framework is based on P4-programmable switches and comprises three core components: a burst stream filter, a stream feature collector, and a decision tree module, enabling real-time detection and accurate localization of volumetric DDoS attacks. The burst stream filter utilizes hash collision and probabilistic decay mechanisms to efficiently filter mice flows and focus resources on detecting potential attack streams; the stream feature collector captures key statistical features at multiple checkpoints; and the decision tree module performs lightweight inference directly in the data plane, reporting to the controller to issue blacklists, whitelists, and mitigation rules when the confidence level exceeds the threshold. The framework innovatively introduces Gini impurity to quantify network anomalies and performs flow aggregation based on suspicious source or destination IPs when anomalies are detected, significantly enhancing the tracking and localization of distributed attack sources. Experimental results show that LARDM achieves 90 % coverage of Top-K elephant flows on BMv2 programmable switches, with a flow classification accuracy of 99.3 %, outperforming existing data plane detection methods. The system can rapidly identify anomalies and initiate mitigation within a short window after an attack, effectively reducing the impact of attack traffic on network performance. The lightweight nature of the scheme is further validated by space complexity analysis, demonstrating its suitability for resource-constrained data planes.

随着物联网（AIoT）的加速部署，海量边缘终端和分布式感知带来了高并发性和突发性的网络负载。资源受限的设备很容易被劫持，并且可以用来形成僵尸网络，这大大增加了大规模DDoS（分布式拒绝服务）攻击的风险。传统的基于软件的防御方案由于处理延迟高、资源消耗大，往往难以满足大规模攻击下的线率和实时性要求。为了解决这个问题，本文提出了lardm -一个完全部署在可编程数据平面上的DDoS检测和缓解框架。该框架基于p4可编程交换机，包括三个核心组件：突发流滤波器、流特征收集器和决策树模块，能够实时检测和准确定位容量DDoS攻击。突发流过滤器利用哈希碰撞和概率衰减机制有效过滤小鼠流，集中资源检测潜在攻击流；流特征收集器在多个检查点捕获关键统计特征；决策树模块直接在数据平面中执行轻量级推理，当置信度超过阈值时，向控制器报告以发布黑名单、白名单和缓解规则。该框架创新性地引入基尼杂质来量化网络异常，并在检测到异常时基于可疑的源ip或目的ip进行流量聚合，显著增强了对分布式攻击源的跟踪和定位。实验结果表明，LARDM在BMv2可编程交换机上对Top-K大象流的覆盖率达到90%，流分类准确率达到99.3%，优于现有的数据平面检测方法。系统可以在攻击发生后的短时间内快速识别异常并进行缓解，有效降低攻击流量对网络性能的影响。空间复杂度分析进一步验证了该方案的轻量化特性，证明了其适用于资源受限的数据平面。

{"title":"LARDM: Lightweight and aggregation-driven real-time detection and mitigation of volumetric DDoS attacks in the programmable data plane","authors":"Yuansheng Luo , Hao Yang , Bing Xiong , Shi Qiu","doi":"10.1016/j.sysarc.2025.103624","DOIUrl":"10.1016/j.sysarc.2025.103624","url":null,"abstract":"<div><div>With the accelerated deployment of AIoT (artificial intelligence of things), massive edge terminals and distributed sensing introduce high concurrency and bursty network loads. Resource-constrained devices are susceptible to hijacking and can be leveraged to form botnets, significantly amplifying the risk of volumetric DDoS (distributed denial-of-service) attacks. Traditional software-based defense schemes often struggle to meet line-rate and real-time requirements under large-scale attacks due to high processing latency and substantial resource consumption. To address this, this paper proposes LARDM—a DDoS detection and mitigation framework fully deployed on the programmable data plane. The framework is based on P4-programmable switches and comprises three core components: a burst stream filter, a stream feature collector, and a decision tree module, enabling real-time detection and accurate localization of volumetric DDoS attacks. The burst stream filter utilizes hash collision and probabilistic decay mechanisms to efficiently filter mice flows and focus resources on detecting potential attack streams; the stream feature collector captures key statistical features at multiple checkpoints; and the decision tree module performs lightweight inference directly in the data plane, reporting to the controller to issue blacklists, whitelists, and mitigation rules when the confidence level exceeds the threshold. The framework innovatively introduces Gini impurity to quantify network anomalies and performs flow aggregation based on suspicious source or destination IPs when anomalies are detected, significantly enhancing the tracking and localization of distributed attack sources. Experimental results show that LARDM achieves 90 % coverage of Top-K elephant flows on BMv2 programmable switches, with a flow classification accuracy of 99.3 %, outperforming existing data plane detection methods. The system can rapidly identify anomalies and initiate mitigation within a short window after an attack, effectively reducing the impact of attack traffic on network performance. The lightweight nature of the scheme is further validated by space complexity analysis, demonstrating its suitability for resource-constrained data planes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103624"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Blockchain-assisted provably secure identity-based public key encryption with keyword search scheme for medical data sharing 基于区块链的可证明安全身份公钥加密关键字搜索医疗数据共享方案

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-10-30 DOI: 10.1016/j.sysarc.2025.103619

Sudeep Ghosh , SK Hafizul Islam , Athanasios V. Vasilakos

Cloud computing is widely used in modern healthcare to manage Electronic Medical Records (EMRs), allowing organizations to store, access, and share patient data efficiently. Storing encrypted EMRs presents challenges for secure search and access control when using untrusted third-party cloud environments. Public Key Encryption with Keyword Search (PEKS) enables searching over encrypted data but suffers from keyword guessing attacks, inefficient multi-user search, and the requirement for secure communication channels. This paper proposes a secure Identity-Based Medical Data Sharing framework (BCT-IMDS) that leverages a hybrid cloud-assisted blockchain system comprising private and consortium blockchains. In BCT-IMDS, each hospital maintains a private blockchain, where each department operates a computer that acts as a node in the private blockchain network. Multiple hospitals establish a consortium blockchain network using their respective cloud servers. BCT-IMDS eliminates the need for pre-selecting data consumers, supports secure multi-user search, and ensures ciphertext and trapdoor indistinguishability. We formally analyze the security of the BCT-IMDS scheme, verify it using the Scyther tool, and evaluate the performance of BCT-IMDS at different security levels (80, 112, 128, 192, and 256 bits). The analysis demonstrates that BCT-IMDS is highly secure with practical computational, communication, and storage efficiency, and outperforms state-of-the-art PEKS-based medical data-sharing schemes.

云计算在现代医疗保健中广泛用于管理电子医疗记录（emr），使组织能够有效地存储、访问和共享患者数据。在使用不受信任的第三方云环境时，存储加密的emr对安全搜索和访问控制提出了挑战。带关键字搜索的公钥加密（PEKS）支持对加密数据进行搜索，但存在关键字猜测攻击、低效率的多用户搜索以及对安全通信通道的要求。本文提出了一种安全的基于身份的医疗数据共享框架（BCT-IMDS），该框架利用混合云辅助区块链系统，包括私有和财团区块链。在BCT-IMDS中，每个医院维护一个私有区块链，其中每个部门操作一台计算机，充当私有区块链网络中的节点。多家医院使用各自的云服务器建立一个联盟区块链网络。BCT-IMDS消除了预先选择数据消费者的需要，支持安全的多用户搜索，并确保密文和活板门的不可区分性。我们正式分析了BCT-IMDS方案的安全性，使用Scyther工具对其进行了验证，并评估了BCT-IMDS在不同安全级别（80、112、128、192和256位）下的性能。分析表明，BCT-IMDS具有高度安全性，具有实用的计算、通信和存储效率，并且优于最先进的基于peks的医疗数据共享方案。

{"title":"Blockchain-assisted provably secure identity-based public key encryption with keyword search scheme for medical data sharing","authors":"Sudeep Ghosh , SK Hafizul Islam , Athanasios V. Vasilakos","doi":"10.1016/j.sysarc.2025.103619","DOIUrl":"10.1016/j.sysarc.2025.103619","url":null,"abstract":"<div><div>Cloud computing is widely used in modern healthcare to manage Electronic Medical Records (EMRs), allowing organizations to store, access, and share patient data efficiently. Storing encrypted EMRs presents challenges for secure search and access control when using untrusted third-party cloud environments. Public Key Encryption with Keyword Search (PEKS) enables searching over encrypted data but suffers from keyword guessing attacks, inefficient multi-user search, and the requirement for secure communication channels. This paper proposes a secure Identity-Based Medical Data Sharing framework (BCT-IMDS) that leverages a hybrid cloud-assisted blockchain system comprising private and consortium blockchains. In BCT-IMDS, each hospital maintains a private blockchain, where each department operates a computer that acts as a node in the private blockchain network. Multiple hospitals establish a consortium blockchain network using their respective cloud servers. BCT-IMDS eliminates the need for pre-selecting data consumers, supports secure multi-user search, and ensures ciphertext and trapdoor indistinguishability. We formally analyze the security of the BCT-IMDS scheme, verify it using the Scyther tool, and evaluate the performance of BCT-IMDS at different security levels (80, 112, 128, 192, and 256 bits). The analysis demonstrates that BCT-IMDS is highly secure with practical computational, communication, and storage efficiency, and outperforms state-of-the-art PEKS-based medical data-sharing schemes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103619"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145468568","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A DVFS-weakly dependent real-time scheduling for multiple parallel applications on energy-aware heterogeneous systems 能量感知异构系统上多并行应用的dvfs弱依赖实时调度

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-10-28 DOI: 10.1016/j.sysarc.2025.103614

Yuhong Chen , Jing Huang , Lijun Xiao , Haibo Zeng

With the computational demands of modern applications in fields such as automotive systems and robotics, the scheduling of multiple parallel applications in heterogeneous systems has become increasingly complex. In particular, when multiple applications share resources within the same system, their scheduling not only affects real-time system performance but also impacts overall energy efficiency. Balancing time constraints and energy efficiency has become a critical issue. Dynamic Voltage and Frequency Scaling (DVFS), as an energy-saving technique, can improve energy efficiency but may also incur additional delays and transient errors, potentially compromising system stability. To address this challenge, this paper proposes two energy-efficient scheduling algorithms aimed at improving energy efficiency while ensuring real-time performance. First, in the non-DVFS domain, we introduce a DVFS-independent scheduling algorithm (MDNES), which employs an energy-aware task allocation strategy that prioritizes the allocation of slack time to energy-intensive tasks and reallocates these tasks to processors with lower energy consumption. Second, in the DVFS domain, we propose a DVFS-weakly dependent scheduling algorithm (MDWES), which limits the frequent use of DVFS while significantly saving energy and ensuring time performance. Experimental results show that both algorithms outperform existing methods in terms of energy efficiency and real-time performance.

随着汽车系统和机器人等现代应用的计算需求，异构系统中多个并行应用的调度变得越来越复杂。特别是，当多个应用程序共享同一系统中的资源时，它们的调度不仅会影响实时系统性能，还会影响整体能源效率。平衡时间限制和能源效率已成为关键问题。动态电压和频率缩放（DVFS）作为一种节能技术，可以提高能源效率，但也可能导致额外的延迟和瞬态误差，潜在地影响系统的稳定性。为了解决这一挑战，本文提出了两种节能调度算法，旨在提高能源效率，同时保证实时性能。首先，在非dvfs领域，我们引入了一种与dvfs无关的调度算法（MDNES），该算法采用能量感知任务分配策略，将空闲时间优先分配给高能耗任务，并将这些任务重新分配给能耗较低的处理器。其次，在DVFS领域，我们提出了一种DVFS弱依赖调度算法（MDWES），该算法限制了DVFS的频繁使用，同时显著节省了能源和保证了时间性能。实验结果表明，两种算法在能效和实时性方面都优于现有方法。

{"title":"A DVFS-weakly dependent real-time scheduling for multiple parallel applications on energy-aware heterogeneous systems","authors":"Yuhong Chen , Jing Huang , Lijun Xiao , Haibo Zeng","doi":"10.1016/j.sysarc.2025.103614","DOIUrl":"10.1016/j.sysarc.2025.103614","url":null,"abstract":"<div><div>With the computational demands of modern applications in fields such as automotive systems and robotics, the scheduling of multiple parallel applications in heterogeneous systems has become increasingly complex. In particular, when multiple applications share resources within the same system, their scheduling not only affects real-time system performance but also impacts overall energy efficiency. Balancing time constraints and energy efficiency has become a critical issue. Dynamic Voltage and Frequency Scaling (DVFS), as an energy-saving technique, can improve energy efficiency but may also incur additional delays and transient errors, potentially compromising system stability. To address this challenge, this paper proposes two energy-efficient scheduling algorithms aimed at improving energy efficiency while ensuring real-time performance. First, in the non-DVFS domain, we introduce a DVFS-independent scheduling algorithm (MDNES), which employs an energy-aware task allocation strategy that prioritizes the allocation of slack time to energy-intensive tasks and reallocates these tasks to processors with lower energy consumption. Second, in the DVFS domain, we propose a DVFS-weakly dependent scheduling algorithm (MDWES), which limits the frequent use of DVFS while significantly saving energy and ensuring time performance. Experimental results show that both algorithms outperform existing methods in terms of energy efficiency and real-time performance.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103614"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145468572","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey on hybrid memory systems integrating Non-Volatile Memory (NVM) and DRAM: Architectures, management techniques, and research directions 整合非易失性记忆体（NVM）与DRAM的混合记忆体系统：架构、管理技术与研究方向

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-10-24 DOI: 10.1016/j.sysarc.2025.103603

Jawaher Alsaket, Atheer Adel, Mazen Alwadi

The increasing demand for power-efficient and high-performance memory systems has driven the development of Hybrid Memory Systems (HMS), which combine Dynamic Random-Access Memory (DRAM) with emerging Non-Volatile Memory (NVM) technologies. DRAM provides low latency and high bandwidth but suffers from high power consumption, limited scalability, and volatility. In contrast, NVM offers higher density, near-zero idle power, and persistence, though it has higher access latency and lower write endurance. This survey reviews 63 recent articles published between 2018 and 2024 in leading computer architecture venues. We categorize the literature along four dimensions: architectural design (hardware-only, software-only, or hardware/software co-design), memory management approaches (static allocation, dynamic migration, predictive placement), intelligence techniques (rule-based vs. machine learning), and system level (Operating System, application, or firmware/controller). We provide a comparative evaluation of these studies in terms of performance, energy efficiency, lifetime, and the use of machine learning. Finally, we highlight key open challenges and outline future research directions, including deep learning-based memory optimization, secure hybrid designs, and sustainability-aware memory policies.

对节能和高性能存储系统日益增长的需求推动了混合存储系统（HMS）的发展，它将动态随机存取存储器（DRAM）与新兴的非易失性存储器（NVM）技术相结合。DRAM提供低延迟和高带宽，但存在高功耗、有限的可伸缩性和波动性。相比之下，NVM提供了更高的密度、接近于零的空闲功率和持久性，尽管它具有更高的访问延迟和更低的写持久性。本调查回顾了2018年至2024年间在领先的计算机架构场所发表的63篇最新文章。我们沿着四个维度对文献进行分类：架构设计（纯硬件、纯软件或硬件/软件协同设计）、内存管理方法（静态分配、动态迁移、预测放置）、智能技术（基于规则的vs.机器学习）和系统级别（操作系统、应用程序或固件/控制器）。我们从性能、能源效率、寿命和机器学习的使用等方面对这些研究进行了比较评估。最后，我们强调了关键的开放挑战并概述了未来的研究方向，包括基于深度学习的内存优化，安全混合设计和可持续性感知的内存策略。

{"title":"A survey on hybrid memory systems integrating Non-Volatile Memory (NVM) and DRAM: Architectures, management techniques, and research directions","authors":"Jawaher Alsaket, Atheer Adel, Mazen Alwadi","doi":"10.1016/j.sysarc.2025.103603","DOIUrl":"10.1016/j.sysarc.2025.103603","url":null,"abstract":"<div><div>The increasing demand for power-efficient and high-performance memory systems has driven the development of Hybrid Memory Systems (HMS), which combine Dynamic Random-Access Memory (DRAM) with emerging Non-Volatile Memory (NVM) technologies. DRAM provides low latency and high bandwidth but suffers from high power consumption, limited scalability, and volatility. In contrast, NVM offers higher density, near-zero idle power, and persistence, though it has higher access latency and lower write endurance. This survey reviews 63 recent articles published between 2018 and 2024 in leading computer architecture venues. We categorize the literature along four dimensions: architectural design (hardware-only, software-only, or hardware/software co-design), memory management approaches (static allocation, dynamic migration, predictive placement), intelligence techniques (rule-based vs. machine learning), and system level (Operating System, application, or firmware/controller). We provide a comparative evaluation of these studies in terms of performance, energy efficiency, lifetime, and the use of machine learning. Finally, we highlight key open challenges and outline future research directions, including deep learning-based memory optimization, secure hybrid designs, and sustainability-aware memory policies.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103603"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145374558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A reliable and effective authentication mechanism for vehicular digital twin networks 一种可靠有效的车载数字孪生网络认证机制

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-10-27 DOI: 10.1016/j.sysarc.2025.103601

Vinod Kumar , Fauzia Hassan , Rabi Narayan Kar , Anil Kumar Nishad

Digital twin (DT) technology has received considerable attention due to its widespread application in manufacturing, healthcare, agriculture, the automotive industry, and academia. Virtual representations of physical vehicles, known as vehicular digital twins (VDTs), enable the simulation and forecasting of their behavior. There are many conceivable applications for VDT, from aiding in the creation of new automotive systems and technology designed to drive vehicles fully autonomously to fine-tuning and increasing machine and human performance. The way people travel and interact with cars could be drastically altered by automotive data stations. However, it is important to address these security and privacy issues. This paper describes a new method of user authentication that meets the specific security requirements of DT network systems. We offer a thorough justification and assessment of this suggested approach. Both formal and informal approaches are provided to guarantee the security of the proposed system. Using Burrows-Abadi-Needham logic, a random oracle model, we offer formal security analysis. We also perform security verification using the Scyther tool. We evaluate it using the same performance measures as other similar schemes and the protocol itself. According to our study, the suggested structure fully complied with the required security criteria and enhanced effective communication.

数字孪生（DT）技术由于其在制造业、医疗保健、农业、汽车工业和学术界的广泛应用而受到了相当大的关注。物理车辆的虚拟表示，被称为车辆数字双胞胎（vdt），可以模拟和预测它们的行为。VDT有许多可想象的应用，从帮助创建新的汽车系统和技术，旨在完全自主驾驶车辆，微调和提高机器和人类的性能。汽车数据站可能会彻底改变人们出行和与汽车互动的方式。然而，解决这些安全和隐私问题非常重要。本文介绍了一种满足DT网络系统特定安全要求的用户认证新方法。我们提供了一个彻底的理由和评估这一建议的方法。提供了正式和非正式的方法来保证拟议系统的安全性。使用Burrows-Abadi-Needham逻辑，随机oracle模型，我们提供形式化的安全性分析。我们还使用Scyther工具执行安全验证。我们使用与其他类似方案和协议本身相同的性能度量来评估它。根据我们的研究，建议的结构完全符合所需的安全标准，并增强了有效的沟通。

{"title":"A reliable and effective authentication mechanism for vehicular digital twin networks","authors":"Vinod Kumar , Fauzia Hassan , Rabi Narayan Kar , Anil Kumar Nishad","doi":"10.1016/j.sysarc.2025.103601","DOIUrl":"10.1016/j.sysarc.2025.103601","url":null,"abstract":"<div><div>Digital twin (DT) technology has received considerable attention due to its widespread application in manufacturing, healthcare, agriculture, the automotive industry, and academia. Virtual representations of physical vehicles, known as vehicular digital twins (VDTs), enable the simulation and forecasting of their behavior. There are many conceivable applications for VDT, from aiding in the creation of new automotive systems and technology designed to drive vehicles fully autonomously to fine-tuning and increasing machine and human performance. The way people travel and interact with cars could be drastically altered by automotive data stations. However, it is important to address these security and privacy issues. This paper describes a new method of user authentication that meets the specific security requirements of DT network systems. We offer a thorough justification and assessment of this suggested approach. Both formal and informal approaches are provided to guarantee the security of the proposed system. Using Burrows-Abadi-Needham logic, a random oracle model, we offer formal security analysis. We also perform security verification using the Scyther tool. We evaluate it using the same performance measures as other similar schemes and the protocol itself. According to our study, the suggested structure fully complied with the required security criteria and enhanced effective communication.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103601"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145419558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

MedHST: Secure spatiotemporal EHR analytics with fine-grained access control for IoMT MedHST：安全的时空EHR分析，为IoMT提供细粒度访问控制

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-10-31 DOI: 10.1016/j.sysarc.2025.103606

Yuxi Li , Jingjing Chen , Dong Ji , Qingxu Deng

Within the Internet of Medical Things (IoMT), wearables and edge sensors continuously stream physiological data with precise spatiotemporal labels, producing spatiotemporal electronic health records (EHRs) at scale. Offloading raw telemetry to the cloud burdens analytics and storage and raises compliance and profiling risks. We present MedHST, an edge-first framework that secures the IoMT analytics pipeline end-to-end with fine-grained access control. Each timestamp–grid block is protected with labeled additive homomorphic encryption (LabHE) for encrypted range aggregation. Per-dimension first-difference masking with constrained pseudorandom function (cPRF)-derived seeds enables constant-time verify-then-decrypt for axis-aligned windows. A hierarchical quadtree-dyadic index together with a homomorphic MAC (HoMAC) binds each answer to a fresh nonce and its query context, providing end-to-end integrity. Least-privilege sharing uses ciphertext-policy attribute-based encryption (CP-ABE)-wrapped range seeds to support epoch-bounded revocation and logarithmic-size authorization headers, without exposing plaintext indices. On a gateway-class platform, MedHST returns constant-size answers and maintains

O (1)

client verify-then-decrypt work; cryptographic paths run in the

μ s

regime with a predictable

\approx 2 \times

integrity overhead; end-to-end latency remains

1 - 2 ms

across window sizes; and ingest scales to tens of millions of blocks. Collectively, these properties establish MedHST as a practical, scalable, and verifiable security layer for privacy-preserving IoMT analytics from device to cloud.

在医疗物联网（IoMT）中，可穿戴设备和边缘传感器不断传输具有精确时空标签的生理数据，从而大规模生成时空电子健康记录（EHRs）。将原始遥测数据转移到云端会增加分析和存储的负担，并增加合规性和分析风险。我们提出MedHST，这是一个边缘优先的框架，通过细粒度的访问控制来保护IoMT分析管道的端到端。每个时间戳网格块都使用标记加性同态加密（LabHE）进行加密范围聚合。使用约束伪随机函数（cPRF）衍生种子的每维一差掩码可以为轴对齐窗口实现恒定时间的先验证后解密。分层四叉树双进索引与同态MAC （HoMAC）一起将每个答案绑定到一个新的随机数及其查询上下文，从而提供端到端的完整性。最小权限共享使用密文策略基于属性的加密（CP-ABE）包装的范围种子来支持有时间限制的撤销和对数大小的授权头，而不暴露明文索引。在网关类平台上，MedHST返回固定大小的答案，并维护O(1)客户端验证-然后解密工作；加密路径在μs范围内运行，具有可预测的≈2x完整性开销；端到端延迟保持1 - 2ms跨窗口大小；摄取量可达数千万块。总的来说，这些属性使MedHST成为一个实用的、可扩展的、可验证的安全层，用于从设备到云的隐私保护IoMT分析。

{"title":"MedHST: Secure spatiotemporal EHR analytics with fine-grained access control for IoMT","authors":"Yuxi Li , Jingjing Chen , Dong Ji , Qingxu Deng","doi":"10.1016/j.sysarc.2025.103606","DOIUrl":"10.1016/j.sysarc.2025.103606","url":null,"abstract":"<div><div>Within the Internet of Medical Things (IoMT), wearables and edge sensors continuously stream physiological data with precise spatiotemporal labels, producing spatiotemporal electronic health records (EHRs) at scale. Offloading raw telemetry to the cloud burdens analytics and storage and raises compliance and profiling risks. We present <span>MedHST</span>, an edge-first framework that secures the IoMT analytics pipeline end-to-end with fine-grained access control. Each timestamp–grid block is protected with labeled additive homomorphic encryption (LabHE) for encrypted range aggregation. Per-dimension first-difference masking with constrained pseudorandom function (cPRF)-derived seeds enables constant-time verify-then-decrypt for axis-aligned windows. A hierarchical quadtree-dyadic index together with a homomorphic MAC (HoMAC) binds each answer to a fresh nonce and its query context, providing end-to-end integrity. Least-privilege sharing uses ciphertext-policy attribute-based encryption (CP-ABE)-wrapped range seeds to support epoch-bounded revocation and logarithmic-size authorization headers, without exposing plaintext indices. On a gateway-class platform, <span>MedHST</span> returns constant-size answers and maintains <span><math><mrow><mi>O</mi><mrow><mo>(</mo><mn>1</mn><mo>)</mo></mrow></mrow></math></span> client verify-then-decrypt work; cryptographic paths run in the <span><math><mrow><mi>μ</mi><mi>s</mi></mrow></math></span> regime with a predictable <span><math><mrow><mo>≈</mo><mspace></mspace><mn>2</mn><mo>×</mo></mrow></math></span> integrity overhead; end-to-end latency remains <span><math><mrow><mn>1</mn><mspace></mspace><mo>−</mo><mspace></mspace><mn>2</mn><mspace></mspace><mi>ms</mi></mrow></math></span> across window sizes; and ingest scales to tens of millions of blocks. Collectively, these properties establish <span>MedHST</span> as a practical, scalable, and verifiable security layer for privacy-preserving IoMT analytics from device to cloud.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103606"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145468569","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Multi-agent reinforcement learning for resource allocation in NOMA-enhanced aerial edge computing networks 基于多智能体强化学习的noma增强空中边缘计算网络资源分配

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2026-01-01 Epub Date: 2025-11-17 DOI: 10.1016/j.sysarc.2025.103634

Longxin Zhang , Xiaotong Lu , Jing Liu , Yanfen Zhang , Jianguo Chen , Buqing Cao , Keqin Li

The advantages of unmanned aerial vehicles (UAVs) in terms of maneuverability and line-of-sight communication have made aerial edge computing (AEC) a promising solution for processing computationally intensive tasks. However, the constrained computational resources of UAVs and the complexity of multi-UAV coordination pose significant challenges in designing efficient trajectory optimization and power allocation strategies to enhance user service quality. To address this issue, we construct an AEC architecture assisted by non-orthogonal multiple access (NOMA) and a deep reinforcement learning (DRL) algorithm based on dynamic Gaussian mixture and sharing networks (DRL-DGSN). By leveraging the successive interference cancellation technology of NOMA, DRL-DGSN simultaneously optimizes user association, UAV power allocation, and trajectory design to maximize system throughput. First, DRL-DGSN employs a dynamic user association algorithm based on Gaussian mixture model, achieving capacity-aware uniform clustering through probabilistic modeling combined with cluster capacity constraints, effectively preventing UAV overload. Second, DRL-DGSN utilizes a multi-agent DRL framework with a dueling network architecture and double deep Q-network. By integrating a shared network, agents can efficiently share experiences, enabling simultaneous optimization of multi-UAV cooperative trajectories and power allocation, while reducing Q-value overestimation and enhancing training efficiency. Finally, extensive experiments validate the superiority and effectiveness of DRL-DGSN across various scenarios.

无人机（uav）在机动性和视距通信方面的优势使得空中边缘计算（AEC）成为处理计算密集型任务的有前途的解决方案。然而，无人机计算资源的有限性和多无人机协同的复杂性对设计有效的轨迹优化和功率分配策略以提高用户服务质量提出了重大挑战。为了解决这个问题，我们构建了一个非正交多址（NOMA）辅助的AEC架构和一个基于动态高斯混合和共享网络（DRL- dgsn）的深度强化学习（DRL）算法。通过利用NOMA的连续干扰消除技术，DRL-DGSN同时优化用户关联、无人机功率分配和轨迹设计，以最大限度地提高系统吞吐量。首先，DRL-DGSN采用基于高斯混合模型的动态用户关联算法，结合集群容量约束，通过概率建模实现容量感知的均匀聚类，有效防止无人机过载。其次，DRL- dgsn采用多智能体DRL框架，采用决斗网络架构和双深度q网络。通过集成共享网络，智能体可以高效地共享经验，实现多无人机协同轨迹优化和功率分配，同时减少q值高估，提高训练效率。最后，通过大量的实验验证了DRL-DGSN在各种场景下的优越性和有效性。

{"title":"Multi-agent reinforcement learning for resource allocation in NOMA-enhanced aerial edge computing networks","authors":"Longxin Zhang , Xiaotong Lu , Jing Liu , Yanfen Zhang , Jianguo Chen , Buqing Cao , Keqin Li","doi":"10.1016/j.sysarc.2025.103634","DOIUrl":"10.1016/j.sysarc.2025.103634","url":null,"abstract":"<div><div>The advantages of unmanned aerial vehicles (UAVs) in terms of maneuverability and line-of-sight communication have made aerial edge computing (AEC) a promising solution for processing computationally intensive tasks. However, the constrained computational resources of UAVs and the complexity of multi-UAV coordination pose significant challenges in designing efficient trajectory optimization and power allocation strategies to enhance user service quality. To address this issue, we construct an AEC architecture assisted by non-orthogonal multiple access (NOMA) and a deep reinforcement learning (DRL) algorithm based on dynamic Gaussian mixture and sharing networks (DRL-DGSN). By leveraging the successive interference cancellation technology of NOMA, DRL-DGSN simultaneously optimizes user association, UAV power allocation, and trajectory design to maximize system throughput. First, DRL-DGSN employs a dynamic user association algorithm based on Gaussian mixture model, achieving capacity-aware uniform clustering through probabilistic modeling combined with cluster capacity constraints, effectively preventing UAV overload. Second, DRL-DGSN utilizes a multi-agent DRL framework with a dueling network architecture and double deep Q-network. By integrating a shared network, agents can efficiently share experiences, enabling simultaneous optimization of multi-UAV cooperative trajectories and power allocation, while reducing Q-value overestimation and enhancing training efficiency. Finally, extensive experiments validate the superiority and effectiveness of DRL-DGSN across various scenarios.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"170 ","pages":"Article 103634"},"PeriodicalIF":4.1,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0