Journal of Network and Computer Applications最新文献

Predictive safe delivery with machine learning and digital twins collaboration for decentralized crowdsourced systems

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-24 DOI: 10.1016/j.jnca.2025.104196

Feruz Elmay , Maha Kadadha , Rabeb Mizouni , Shakti Singh , Azzam Mourad , Hadi Otrok

Crowdsourced last-mile delivery leverages workers willing to complete delivery tasks posted by requesters for incentives through dedicated platforms. While this is effective and affordable, crowdsourced delivery faces significant challenges, including the workforce’s uncertain availability and capability to deliver packages safely, inadequate package monitoring, and a lack of trust among the participants. These issues have become increasingly pronounced due to the rapid growth of e-commerce, where last-mile delivery constitutes a substantial portion of overall delivery costs and delays. Existing centralized works attempt to tackle the uncertainty of workforce availability and capability by analyzing worker behavior or predicting the fulfillment success in the allocation mechanism. On the other hand, decentralized solutions introduce blockchain-based platforms for transparent and secure interaction and transaction recording to tackle the challenge of lack of trust. These existing approaches, however, overlook a critical aspect of crowdsourced delivery, where successful task completion relies not only on worker commitment but also on delivered package status. In response, this work proposes a comprehensive framework leveraging machine learning, blockchain, and digital twins for package safe and transparent delivery. The proposed approach utilizes machine learning models to predict the delivery success of packages off-chain secured using IPFS and smart contracts events. Subsequently, a task allocation mechanism hosted on a blockchain integrates the projected delivery success with the Quality of Service (QoS) metric to assign tasks to workers with an increased likelihood of successful completion. Package digital twins are designed and employed to monitor packages in real-time, providing transparent feedback on package status and delivery. The trained models demonstrate an average accuracy of 96% and an F1-score of 94%. Evaluation with real-world data revealed substantial enhancements: task success rates improved by 48%, quality of service by 41%, worker reputation by 26%, and package delivery quality by 16%.

{"title":"Predictive safe delivery with machine learning and digital twins collaboration for decentralized crowdsourced systems","authors":"Feruz Elmay , Maha Kadadha , Rabeb Mizouni , Shakti Singh , Azzam Mourad , Hadi Otrok","doi":"10.1016/j.jnca.2025.104196","DOIUrl":"10.1016/j.jnca.2025.104196","url":null,"abstract":"<div><div>Crowdsourced last-mile delivery leverages workers willing to complete delivery tasks posted by requesters for incentives through dedicated platforms. While this is effective and affordable, crowdsourced delivery faces significant challenges, including the workforce’s uncertain availability and capability to deliver packages safely, inadequate package monitoring, and a lack of trust among the participants. These issues have become increasingly pronounced due to the rapid growth of e-commerce, where last-mile delivery constitutes a substantial portion of overall delivery costs and delays. Existing centralized works attempt to tackle the uncertainty of workforce availability and capability by analyzing worker behavior or predicting the fulfillment success in the allocation mechanism. On the other hand, decentralized solutions introduce blockchain-based platforms for transparent and secure interaction and transaction recording to tackle the challenge of lack of trust. These existing approaches, however, overlook a critical aspect of crowdsourced delivery, where successful task completion relies not only on worker commitment but also on delivered package status. In response, this work proposes a comprehensive framework leveraging machine learning, blockchain, and digital twins for package safe and transparent delivery. The proposed approach utilizes machine learning models to predict the delivery success of packages off-chain secured using IPFS and smart contracts events. Subsequently, a task allocation mechanism hosted on a blockchain integrates the projected delivery success with the Quality of Service (QoS) metric to assign tasks to workers with an increased likelihood of successful completion. Package digital twins are designed and employed to monitor packages in real-time, providing transparent feedback on package status and delivery. The trained models demonstrate an average accuracy of 96% and an F1-score of 94%. Evaluation with real-world data revealed substantial enhancements: task success rates improved by 48%, quality of service by 41%, worker reputation by 26%, and package delivery quality by 16%.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"240 ","pages":"Article 104196"},"PeriodicalIF":7.7,"publicationDate":"2025-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143873940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A security authentication and key agreement scheme for railway space-ground integrated network based on ideal lattice

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-21 DOI: 10.1016/j.jnca.2025.104194

Yong Chen, Zhaofeng Xin, Bingwang Zhang, Junli Jia

At present, the Global System for Mobile Communications- Railway (GSM-R) is widely used in high-speed railway, but it is a 2G narrowband system that cannot meet the needs of intelligent development of high-speed railways. In the future, space-ground integrated railway communication network will gradually become an inevitable trend of railway development. Aiming at the problems of identity non-mutual authentication, data privacy leakage and low communication efficiency in the railway space-ground integrated network, this paper proposes a space-ground integrated security authentication and key agreement scheme based on ideal lattice. Firstly, the public key cryptosystem based on ideal lattice is designed to complete the mutual authentication of identity between train, Middle Earth Orbit (BDS) satellite and Authentication Server Function/Unified Data Management (AUSF/UDM), which can effectively resist the man-in-the-middle attack and replay attacks. Secondly, a zero-knowledge proof non-interactive Schnorr protocol digital signature algorithm is proposed and a random number mechanism is added to ensure the secure transmission of authentication information and improve the communication efficiency while reducing the number of communication interactions. Then, the session key is generated using the ideal lattice key agreement mechanism and hash function, which ensures the forward and backward security of the session key. Finally, the proposed method has been analyzed for efficiency and security through ideal lattice correctness analysis, BAN logic theory proofs and Tamarin protocol simulation tool. The results show that the proposed method can not only resist DoS attacks and realize the traceability of malicious attacks, but also has low computational overhead, which can better satisfy the security requirements of next generation space-ground integrated railway communication system.

{"title":"A security authentication and key agreement scheme for railway space-ground integrated network based on ideal lattice","authors":"Yong Chen, Zhaofeng Xin, Bingwang Zhang, Junli Jia","doi":"10.1016/j.jnca.2025.104194","DOIUrl":"10.1016/j.jnca.2025.104194","url":null,"abstract":"<div><div>At present, the Global System for Mobile Communications- Railway (GSM-R) is widely used in high-speed railway, but it is a 2G narrowband system that cannot meet the needs of intelligent development of high-speed railways. In the future, space-ground integrated railway communication network will gradually become an inevitable trend of railway development. Aiming at the problems of identity non-mutual authentication, data privacy leakage and low communication efficiency in the railway space-ground integrated network, this paper proposes a space-ground integrated security authentication and key agreement scheme based on ideal lattice. Firstly, the public key cryptosystem based on ideal lattice is designed to complete the mutual authentication of identity between train, Middle Earth Orbit (BDS) satellite and Authentication Server Function/Unified Data Management (AUSF/UDM), which can effectively resist the man-in-the-middle attack and replay attacks. Secondly, a zero-knowledge proof non-interactive Schnorr protocol digital signature algorithm is proposed and a random number mechanism is added to ensure the secure transmission of authentication information and improve the communication efficiency while reducing the number of communication interactions. Then, the session key is generated using the ideal lattice key agreement mechanism and hash function, which ensures the forward and backward security of the session key. Finally, the proposed method has been analyzed for efficiency and security through ideal lattice correctness analysis, BAN logic theory proofs and Tamarin protocol simulation tool. The results show that the proposed method can not only resist DoS attacks and realize the traceability of malicious attacks, but also has low computational overhead, which can better satisfy the security requirements of next generation space-ground integrated railway communication system.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"240 ","pages":"Article 104194"},"PeriodicalIF":7.7,"publicationDate":"2025-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143870050","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DRacv: Detecting and auto-repairing vulnerabilities in role-based access control in web application

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-20 DOI: 10.1016/j.jnca.2025.104191

Ke Xu , Bing Zhang , Jingyue Li , Haitao He , Rong Ren , Jiadong Ren

Traditional methods for analyzing Broken Access Control (BAC) vulnerabilities have limitations regarding low coverage of access control rules, high false positive rate (FPR). Additionally, state-of-the-art strategies for repairing BAC vulnerabilities utilizing statement-level replacement as a repair method may introduce new logical errors. To address these challenges, we propose a novel approach called DRacv (Detect and Repair Access Control Vulnerabilities) to identify and auto-repair vulnerabilities in Role-Based Access Control (RBAC) mode used in web applications. To detect vulnerabilities, DRacv first constructs a Fine-grained Global Multi-attribute Architectural Navigation Graph model (FG-MANG) for web applications through dynamic execution and static analysis, which characterizes full relationships between roles, privileges, and accessible page resources. Based on access control rules extracted from FG-MANG, DRacv generates targeted attack payloads to detect BAC vulnerabilities, significantly reducing FPR and eliminating redundant attack payloads. To auto-repair the identified vulnerabilities, DRacv first precisely extracts access control privilege parameters, validation functions, and contextual statements to construct the patch code templates. These templates generate user- and role-level verification patch codes for different users and roles. Instead of changing the vulnerable code, the patch codes behave like firewalls. They are added as separate files and invoked by the web page with vulnerability to defend against access control compromises. DRacv was evaluated on 12 popular open-source web applications in PHP and JAVA. From the applications, DRacv identified 35 vulnerabilities (11 were new) with only one false positive, achieving an FPR of 2.78%. We also compared DRacv’s detection results with state-of-the-art studies. Results show that DRacv outperforms those studies regarding the number of vulnerabilities detected and FPR. Among the 35 vulnerabilities detected, DRacv automatically repaired 34 of them, achieving a repair rate of 97.14%. The evaluation results also show that DRacv auto-fixed more vulnerabilities than the two state-of-the-art auto-repairing methods.

{"title":"DRacv: Detecting and auto-repairing vulnerabilities in role-based access control in web application","authors":"Ke Xu , Bing Zhang , Jingyue Li , Haitao He , Rong Ren , Jiadong Ren","doi":"10.1016/j.jnca.2025.104191","DOIUrl":"10.1016/j.jnca.2025.104191","url":null,"abstract":"<div><div>Traditional methods for analyzing Broken Access Control (BAC) vulnerabilities have limitations regarding low coverage of access control rules, high false positive rate (FPR). Additionally, state-of-the-art strategies for repairing BAC vulnerabilities utilizing statement-level replacement as a repair method may introduce new logical errors. To address these challenges, we propose a novel approach called DRacv (<u>D</u>etect and <u>R</u>epair <u>A</u>ccess <u>C</u>ontrol <u>V</u>ulnerabilities) to identify and auto-repair vulnerabilities in Role-Based Access Control (RBAC) mode used in web applications. To detect vulnerabilities, DRacv first constructs a Fine-grained Global Multi-attribute Architectural Navigation Graph model (<em>FG-MANG</em>) for web applications through dynamic execution and static analysis, which characterizes full relationships between roles, privileges, and accessible page resources. Based on access control rules extracted from <em>FG-MANG</em>, DRacv generates targeted attack payloads to detect BAC vulnerabilities, significantly reducing FPR and eliminating redundant attack payloads. To auto-repair the identified vulnerabilities, DRacv first precisely extracts access control privilege parameters, validation functions, and contextual statements to construct the patch code templates. These templates generate user- and role-level verification patch codes for different users and roles. Instead of changing the vulnerable code, the patch codes behave like firewalls. They are added as separate files and invoked by the web page with vulnerability to defend against access control compromises. DRacv was evaluated on 12 popular open-source web applications in PHP and JAVA. From the applications, DRacv identified 35 vulnerabilities (11 were new) with only one false positive, achieving an FPR of 2.78%. We also compared DRacv’s detection results with state-of-the-art studies. Results show that DRacv outperforms those studies regarding the number of vulnerabilities detected and FPR. Among the 35 vulnerabilities detected, DRacv automatically repaired 34 of them, achieving a repair rate of 97.14%. The evaluation results also show that DRacv auto-fixed more vulnerabilities than the two state-of-the-art auto-repairing methods.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"240 ","pages":"Article 104191"},"PeriodicalIF":7.7,"publicationDate":"2025-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860208","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Variational Deep Clustering approaches for anomaly-based cyber-attack detection

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-19 DOI: 10.1016/j.jnca.2025.104182

Van Quan Nguyen , Viet Hung Nguyen , Long Thanh Ngo , Le Minh Nguyen , Nhien-An Le-Khac

Detecting network anomalies is a critical cybersecurity task, yet existing methods struggle with high-dimensional data and limited interpretability in latent space. These challenges hinder precise differentiation between normal and anomalous activities due to (i) the chaotic distribution of normal samples, (ii) the absence of constraints to optimize the normal region’s hypervolume leading to high false alarm rates, (iii) the lack of prior knowledge for estimating the probability distribution of normal data, and (iv) slow inference times.

This research introduces two innovative deep generative models: Deep Clustering Variational Auto-Encoder (DCVAE) and Deep Clustering Support Vector Data Description Variational Auto-Encoder (DC-SVDD-VAE), designed to enhance learning latent features for detecting network anomalies. Both models incorporate a clustering layer within the Encoder to discover a clustering architecture suitable for normal network data. They also leverage prior information, specifically a Gaussian probability distribution, to estimate the posterior distribution that generates normal network data. Additionally, the DC-SVDD-VAE model integrates SVDD layers, which refine the clustering structure by mapping it onto an optimally sized hypersphere before computing the posterior probability. These approaches improve the separation between normal and abnormal regions at latent space, making it easier to identify significant/distinguishing latent features.

Both models were evaluated in conjunction with seven distinct one-class anomaly detection methods to assess the efficiency of the proposed solutions and the robustness of the generated features. These detectors were assessed using well-known intrusion benchmark datasets, including NSL-KDD, UNSW-NB15, CIC-IDS-2017, CSE-CIC-IDS-2018, and CTU-13. The experimental findings revealed that both models outperformed existing baselines and state-of-the-art approaches in terms of accuracy. Furthermore, inference stage processing times showed a notable decrease.

{"title":"Variational Deep Clustering approaches for anomaly-based cyber-attack detection","authors":"Van Quan Nguyen , Viet Hung Nguyen , Long Thanh Ngo , Le Minh Nguyen , Nhien-An Le-Khac","doi":"10.1016/j.jnca.2025.104182","DOIUrl":"10.1016/j.jnca.2025.104182","url":null,"abstract":"<div><div>Detecting network anomalies is a critical cybersecurity task, yet existing methods struggle with high-dimensional data and limited interpretability in latent space. These challenges hinder precise differentiation between normal and anomalous activities due to (i) the chaotic distribution of normal samples, (ii) the absence of constraints to optimize the normal region’s hypervolume leading to high false alarm rates, (iii) the lack of prior knowledge for estimating the probability distribution of normal data, and (iv) slow inference times.</div><div>This research introduces two innovative deep generative models: Deep Clustering Variational Auto-Encoder (DCVAE) and Deep Clustering Support Vector Data Description Variational Auto-Encoder (DC-SVDD-VAE), designed to enhance learning latent features for detecting network anomalies. Both models incorporate a clustering layer within the Encoder to discover a clustering architecture suitable for normal network data. They also leverage prior information, specifically a Gaussian probability distribution, to estimate the posterior distribution that generates normal network data. Additionally, the DC-SVDD-VAE model integrates SVDD layers, which refine the clustering structure by mapping it onto an optimally sized hypersphere before computing the posterior probability. These approaches improve the separation between normal and abnormal regions at latent space, making it easier to identify significant/distinguishing latent features.</div><div>Both models were evaluated in conjunction with seven distinct one-class anomaly detection methods to assess the efficiency of the proposed solutions and the robustness of the generated features. These detectors were assessed using well-known intrusion benchmark datasets, including NSL-KDD, UNSW-NB15, CIC-IDS-2017, CSE-CIC-IDS-2018, and CTU-13. The experimental findings revealed that both models outperformed existing baselines and state-of-the-art approaches in terms of accuracy. Furthermore, inference stage processing times showed a notable decrease.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"240 ","pages":"Article 104182"},"PeriodicalIF":7.7,"publicationDate":"2025-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143863318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Task offloading strategy of vehicle edge computing based on reinforcement learning 基于强化学习的车辆边缘计算任务卸载策略

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-17 DOI: 10.1016/j.jnca.2025.104195

Lingling Wang, Wenjie Zhou, Linbo Zhai

The rapid development of edge computing has an impact on the Internet of Vehicles (IoV). However, the high-speed mobility of vehicles makes the task offloading delay unstable and unreliable. Hence, this paper studies the task offloading problem to provide stable computing, communication and storage services for user vehicles in vehicle networks. The offloading problem is formulated to minimize cost consumption under the maximum delay constraint by jointly considering the positions, speeds and computation resources of vehicles. Due to the complexity of the problem, we propose the vehicle deep Q-network (V-DQN) algorithm. In V-DQN algorithm, we firstly propose a vehicle adaptive feedback (VAF) algorithm to obtain the priority setting of processing tasks for service vehicles. Then, the V-DQN algorithm is implemented based on the result of VAF to realize task offloading strategy. Specially, the interruption problem caused by the movement of the vehicle is formulated as a return function to evaluate the task offloading strategy. The simulation results show that our proposed scheme significantly reduces cost consumption.

边缘计算的快速发展对车联网（IoV）产生了影响。然而，车辆的高速流动性使得任务卸载延迟不稳定、不可靠。因此，本文研究了任务卸载问题，为车载网络中的用户车辆提供稳定的计算、通信和存储服务。通过联合考虑车辆的位置、速度和计算资源，制定了卸载问题，以在最大延迟约束下最小化成本消耗。鉴于问题的复杂性，我们提出了车辆深度 Q 网络（V-DQN）算法。在 V-DQN 算法中，我们首先提出了一种车辆自适应反馈（VAF）算法，以获得服务车辆处理任务的优先级设置。然后，根据 VAF 的结果实现 V-DQN 算法，从而实现任务卸载策略。特别是，将车辆移动造成的中断问题作为返回函数来评估任务卸载策略。仿真结果表明，我们提出的方案大大降低了成本消耗。

{"title":"Task offloading strategy of vehicle edge computing based on reinforcement learning","authors":"Lingling Wang, Wenjie Zhou, Linbo Zhai","doi":"10.1016/j.jnca.2025.104195","DOIUrl":"10.1016/j.jnca.2025.104195","url":null,"abstract":"<div><div>The rapid development of edge computing has an impact on the Internet of Vehicles (IoV). However, the high-speed mobility of vehicles makes the task offloading delay unstable and unreliable. Hence, this paper studies the task offloading problem to provide stable computing, communication and storage services for user vehicles in vehicle networks. The offloading problem is formulated to minimize cost consumption under the maximum delay constraint by jointly considering the positions, speeds and computation resources of vehicles. Due to the complexity of the problem, we propose the vehicle deep Q-network (V-DQN) algorithm. In V-DQN algorithm, we firstly propose a vehicle adaptive feedback (VAF) algorithm to obtain the priority setting of processing tasks for service vehicles. Then, the V-DQN algorithm is implemented based on the result of VAF to realize task offloading strategy. Specially, the interruption problem caused by the movement of the vehicle is formulated as a return function to evaluate the task offloading strategy. The simulation results show that our proposed scheme significantly reduces cost consumption.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104195"},"PeriodicalIF":7.7,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143847508","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An overview and solution for democratizing AI workflows at the network edge

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-11 DOI: 10.1016/j.jnca.2025.104180

Andrej Čop, Blaž Bertalanič, Carolina Fortuna

With the process of democratization of the network edge, hardware and software for networks are becoming available to the public, overcoming the confines of traditional cloud providers and network operators. This trend, coupled with the increasing importance of AI in 6G and beyond cellular networks, presents opportunities for innovative AI applications and systems at the network edge. While AI models and services are well-managed in cloud systems, achieving similar maturity for serving network needs remains an open challenge. Existing open solutions are emerging and are yet to consider democratization requirements. In this work, we identify key requirements for democratization and propose NAOMI, a solution for democratizing AI/ML workflows at the network edge designed based on those requirements. Guided by the functionality and overlap analysis of the O-RAN AI/ML workflow architecture and MLOps systems, coupled with the survey of open-source AI/ML tools, we develop a modular, scalable, and distributed hardware architecture-independent solution. NAOMI leverages state-of-the-art open-source tools and can be deployed on distributed clusters of heterogeneous devices. The results show that NAOMI performs up to 40% better in deployment time and up to 73% faster in AI/ML workflow execution for larger datasets compared to AI/ML Framework, a representative open network access solution, while performing inference and utilizing resources on par with its counterpart.

{"title":"An overview and solution for democratizing AI workflows at the network edge","authors":"Andrej Čop, Blaž Bertalanič, Carolina Fortuna","doi":"10.1016/j.jnca.2025.104180","DOIUrl":"10.1016/j.jnca.2025.104180","url":null,"abstract":"<div><div>With the process of democratization of the network edge, hardware and software for networks are becoming available to the public, overcoming the confines of traditional cloud providers and network operators. This trend, coupled with the increasing importance of AI in 6G and beyond cellular networks, presents opportunities for innovative AI applications and systems at the network edge. While AI models and services are well-managed in cloud systems, achieving similar maturity for serving network needs remains an open challenge. Existing open solutions are emerging and are yet to consider democratization requirements. In this work, we identify key requirements for democratization and propose NAOMI, a solution for democratizing AI/ML workflows at the network edge designed based on those requirements. Guided by the functionality and overlap analysis of the O-RAN AI/ML workflow architecture and MLOps systems, coupled with the survey of open-source AI/ML tools, we develop a modular, scalable, and distributed hardware architecture-independent solution. NAOMI leverages state-of-the-art open-source tools and can be deployed on distributed clusters of heterogeneous devices. The results show that NAOMI performs up to 40% better in deployment time and up to 73% faster in AI/ML workflow execution for larger datasets compared to AI/ML Framework, a representative open network access solution, while performing inference and utilizing resources on par with its counterpart.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104180"},"PeriodicalIF":7.7,"publicationDate":"2025-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143834932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Innovative detection of IoT cyber threats using a GBiTCN-Temformer and MKOA framework 利用 GBiTCN-Temformer 和 MKOA 框架创新性地检测物联网网络威胁

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-11 DOI: 10.1016/j.jnca.2025.104192

Vipin Rai , Pradeep Kumar Mishra , Shivani Joshi , Rajiv Kumar , Avinash Dwivedi , Amrita

In the digital era, the Internet of Things (IoT) platform is progressively utilized in several applications due to its versatility, adaptability, and accessibility. Despite that, the lack of security protocols, improper device updates, and unauthorized access exposes the IoT environment to diverse cyber threats, which affect network security and user confidentiality. To enhance cybersecurity, various deep learning (DL) approaches have been developed, yet these techniques have struggled to detect various attacks affecting the IoT platform, often yielding imprecise results and high false positive rates. This research proposes a novel framework that leverages the Modified Kepler optimization algorithm (MKOA) based feature selection model and the Gated Bidirectional Temporal Convolutional Network (GBiTCN) based Temporal transformer (Temformer) detection model to improve the cybersecurity and integrity of the IoT devices. The MKOA technique is introduced to select optimal features from the normalized data, thereby analyzing the characteristics of attacks and reducing data dimensionality. In addition, this study introduces a hybrid detection model, which combines the Gated BiTCN and Temformer approaches. The Gated BiTCN captures the bidirectional semantic features of network traffic, while the Temformer extracts correlations among different sequences for precise cyber-attack detection. Further, the effectiveness of this proposed technique is measured by utilizing IoT attack datasets with distinct parameters and it attains a higher accuracy of 98.76 % during attack detection tasks. These results demonstrate that the proposed technique provides exceptional performance in cyber threat detection. Experimental validation shows that the model significantly contributes to cyber-attack detection and enhances the cybersecurity of IoT networks effectively.

{"title":"Innovative detection of IoT cyber threats using a GBiTCN-Temformer and MKOA framework","authors":"Vipin Rai , Pradeep Kumar Mishra , Shivani Joshi , Rajiv Kumar , Avinash Dwivedi , Amrita","doi":"10.1016/j.jnca.2025.104192","DOIUrl":"10.1016/j.jnca.2025.104192","url":null,"abstract":"<div><div>In the digital era, the Internet of Things (IoT) platform is progressively utilized in several applications due to its versatility, adaptability, and accessibility. Despite that, the lack of security protocols, improper device updates, and unauthorized access exposes the IoT environment to diverse cyber threats, which affect network security and user confidentiality. To enhance cybersecurity, various deep learning (DL) approaches have been developed, yet these techniques have struggled to detect various attacks affecting the IoT platform, often yielding imprecise results and high false positive rates. This research proposes a novel framework that leverages the Modified Kepler optimization algorithm (MKOA) based feature selection model and the Gated Bidirectional Temporal Convolutional Network (GBiTCN) based Temporal transformer (Temformer) detection model to improve the cybersecurity and integrity of the IoT devices. The MKOA technique is introduced to select optimal features from the normalized data, thereby analyzing the characteristics of attacks and reducing data dimensionality. In addition, this study introduces a hybrid detection model, which combines the Gated BiTCN and Temformer approaches. The Gated BiTCN captures the bidirectional semantic features of network traffic, while the Temformer extracts correlations among different sequences for precise cyber-attack detection. Further, the effectiveness of this proposed technique is measured by utilizing IoT attack datasets with distinct parameters and it attains a higher accuracy of 98.76 % during attack detection tasks. These results demonstrate that the proposed technique provides exceptional performance in cyber threat detection. Experimental validation shows that the model significantly contributes to cyber-attack detection and enhances the cybersecurity of IoT networks effectively.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"240 ","pages":"Article 104192"},"PeriodicalIF":7.7,"publicationDate":"2025-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143859544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A dynamic spectrum access scheme for Internet of Things with improved federated learning

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-10 DOI: 10.1016/j.jnca.2025.104189

Feng Li , Junyi Yang , Kwok-Yan Lam , Bowen Shen , Hao Luo

The traditional spectrum management paradigm is no longer sufficient to meet the increasingly urgent demand for efficient utilization of spectrum resources by Internet of Things (IoT) devices. Dynamic spectrum access, as an emerging solution, allows devices to intelligently select appropriate spectrum resources based on real-time demands and environmental changes. In this paper, we propose a dynamic spectrum access scheme based on a federated deep reinforcement learning framework, incorporating federated learning, graph neural networks (GNN), and deep Q networks (DQN). In the method, the GNN undertakes the Q-value prediction task, giving full play to its ability to capture inter-device relationships and environmental features. Meanwhile, the DQN learns by interacting with the environment and continuously adapts its strategy to maximize long-term cumulative rewards. To enhance the stability and learning efficiency of the model, we also apply techniques such as empirical playback buffering and updating the target network at fixed intervals. In particular, the use of the FedAge algorithm in federated learning helps to coordinate knowledge sharing and model updates across multiple devices, further enhancing the performance and operational efficiency of the entire system. After several simulation training, the results show that the system model of this paper’s scheme is close to or even better than the traditional federated deep reinforcement learning model in terms of convergence effect and stability while maintaining the privacy-preserving advantages of federated learning. Particularly noteworthy is that in terms of operational efficiency, this paper’s scheme significantly outperforms traditional federated deep learning models.

{"title":"A dynamic spectrum access scheme for Internet of Things with improved federated learning","authors":"Feng Li , Junyi Yang , Kwok-Yan Lam , Bowen Shen , Hao Luo","doi":"10.1016/j.jnca.2025.104189","DOIUrl":"10.1016/j.jnca.2025.104189","url":null,"abstract":"<div><div>The traditional spectrum management paradigm is no longer sufficient to meet the increasingly urgent demand for efficient utilization of spectrum resources by Internet of Things (IoT) devices. Dynamic spectrum access, as an emerging solution, allows devices to intelligently select appropriate spectrum resources based on real-time demands and environmental changes. In this paper, we propose a dynamic spectrum access scheme based on a federated deep reinforcement learning framework, incorporating federated learning, graph neural networks (GNN), and deep Q networks (DQN). In the method, the GNN undertakes the Q-value prediction task, giving full play to its ability to capture inter-device relationships and environmental features. Meanwhile, the DQN learns by interacting with the environment and continuously adapts its strategy to maximize long-term cumulative rewards. To enhance the stability and learning efficiency of the model, we also apply techniques such as empirical playback buffering and updating the target network at fixed intervals. In particular, the use of the FedAge algorithm in federated learning helps to coordinate knowledge sharing and model updates across multiple devices, further enhancing the performance and operational efficiency of the entire system. After several simulation training, the results show that the system model of this paper’s scheme is close to or even better than the traditional federated deep reinforcement learning model in terms of convergence effect and stability while maintaining the privacy-preserving advantages of federated learning. Particularly noteworthy is that in terms of operational efficiency, this paper’s scheme significantly outperforms traditional federated deep learning models.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104189"},"PeriodicalIF":7.7,"publicationDate":"2025-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143829213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey of secure semantic communications

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-06 DOI: 10.1016/j.jnca.2025.104181

Rui Meng , Song Gao , Dayu Fan , Haixiao Gao , Yining Wang , Xiaodong Xu , Bizhu Wang , Suyu Lv , Zhidi Zhang , Mengying Sun , Shujun Han , Chen Dong , Xiaofeng Tao , Ping Zhang

Semantic communication (SemCom) is regarded as a promising and revolutionary technology in 6G, aiming to transcend the constraints of “Shannon’s trap” by filtering out redundant information and extracting the core of effective data. Compared to traditional communication paradigms, SemCom offers several notable advantages, such as reducing the burden on data transmission, enhancing network management efficiency, and optimizing resource allocation. Numerous researchers have extensively explored SemCom from various perspectives, including network architecture, theoretical analysis, potential technologies, and future applications. However, as SemCom continues to evolve, a multitude of security and privacy concerns have arisen, posing threats to the confidentiality, integrity, and availability of SemCom systems. This paper presents a comprehensive survey of the technologies that can be utilized to secure SemCom. Firstly, we elaborate on the entire life cycle of SemCom, which includes the model training, model transfer, and semantic information transmission phases. Then, we identify the security and privacy issues that emerge during these three stages. Furthermore, we summarize the techniques available to mitigate these security and privacy threats, including data cleaning, robust learning, defensive strategies against backdoor attacks, adversarial training, differential privacy, cryptography, blockchain technology, model compression, and physical-layer security. Lastly, this paper outlines future research directions to guide researchers in related fields.

{"title":"A survey of secure semantic communications","authors":"Rui Meng , Song Gao , Dayu Fan , Haixiao Gao , Yining Wang , Xiaodong Xu , Bizhu Wang , Suyu Lv , Zhidi Zhang , Mengying Sun , Shujun Han , Chen Dong , Xiaofeng Tao , Ping Zhang","doi":"10.1016/j.jnca.2025.104181","DOIUrl":"10.1016/j.jnca.2025.104181","url":null,"abstract":"<div><div>Semantic communication (SemCom) is regarded as a promising and revolutionary technology in 6G, aiming to transcend the constraints of “Shannon’s trap” by filtering out redundant information and extracting the core of effective data. Compared to traditional communication paradigms, SemCom offers several notable advantages, such as reducing the burden on data transmission, enhancing network management efficiency, and optimizing resource allocation. Numerous researchers have extensively explored SemCom from various perspectives, including network architecture, theoretical analysis, potential technologies, and future applications. However, as SemCom continues to evolve, a multitude of security and privacy concerns have arisen, posing threats to the confidentiality, integrity, and availability of SemCom systems. This paper presents a comprehensive survey of the technologies that can be utilized to secure SemCom. Firstly, we elaborate on the entire life cycle of SemCom, which includes the model training, model transfer, and semantic information transmission phases. Then, we identify the security and privacy issues that emerge during these three stages. Furthermore, we summarize the techniques available to mitigate these security and privacy threats, including data cleaning, robust learning, defensive strategies against backdoor attacks, adversarial training, differential privacy, cryptography, blockchain technology, model compression, and physical-layer security. Lastly, this paper outlines future research directions to guide researchers in related fields.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104181"},"PeriodicalIF":7.7,"publicationDate":"2025-04-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143806912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

On the network coding-based D2D collaborative recovery scheme for scalable video broadcasting

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-04-05 DOI: 10.1016/j.jnca.2025.104179

Lei Wang , Jie Sun , Liang Chen , Jun Yin

This paper examines the collaborative recovery issue for the scalable video broadcasting (SVB) system, where two proximate user nodes are able to maintain a local out-of-band device-to-device (D2D) pair to cooperatively recover their lost broadcasted packets. Traditional error protection methods, such as Forward Error Correction (FEC) and error concealment, often require the source node to dynamically adjust its broadcast content based on feedback from user nodes. However, in many practical SVB scenarios, such as mobile TV broadcasting systems and satellite-based video broadcast virtual file systems, user nodes are merely recipients of broadcast messages and cannot feasibly report their reception status back to the source node (i.e., feedback-free). To address these challenges, we propose the Network Coding based Collaborative recovery scheme for SVB, named NC

^{2}

–SVB. NC

^{2}

–SVB deviates from previous studies by employing a feedback-free transmission model, wherein the source node neither receives updates on reception status nor channel conditions from the user nodes, nor does it dynamically modify its broadcast content. By utilizing the designed coding window sliding mechanism and the collaborative video layer scheduling algorithm, each user node can independently maintain a sliding coding window, generate optimal network coded packets, and collaborate recovery for the partner in a timely manner. The theoretical bounds of reliability and decoding delay for NC

^{2}

–SVB have been analyzed. Experimental results demonstrate that NC

^{2}

–SVB, compared to existing schemes, enhances the collaboration throughput, achieves higher decoding rates, offers lower decoding delays, as well as improved video playback quality.

{"title":"On the network coding-based D2D collaborative recovery scheme for scalable video broadcasting","authors":"Lei Wang , Jie Sun , Liang Chen , Jun Yin","doi":"10.1016/j.jnca.2025.104179","DOIUrl":"10.1016/j.jnca.2025.104179","url":null,"abstract":"<div><div>This paper examines the collaborative recovery issue for the scalable video broadcasting (SVB) system, where two proximate user nodes are able to maintain a local out-of-band device-to-device (D2D) pair to cooperatively recover their lost broadcasted packets. Traditional error protection methods, such as Forward Error Correction (FEC) and error concealment, often require the source node to dynamically adjust its broadcast content based on feedback from user nodes. However, in many practical SVB scenarios, such as mobile TV broadcasting systems and satellite-based video broadcast virtual file systems, user nodes are merely recipients of broadcast messages and cannot feasibly report their reception status back to the source node (i.e., feedback-free). To address these challenges, we propose the Network Coding based Collaborative recovery scheme for SVB, named NC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>–SVB. NC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>–SVB deviates from previous studies by employing a feedback-free transmission model, wherein the source node neither receives updates on reception status nor channel conditions from the user nodes, nor does it dynamically modify its broadcast content. By utilizing the designed coding window sliding mechanism and the collaborative video layer scheduling algorithm, each user node can independently maintain a sliding coding window, generate optimal network coded packets, and collaborate recovery for the partner in a timely manner. The theoretical bounds of reliability and decoding delay for NC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>–SVB have been analyzed. Experimental results demonstrate that NC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>–SVB, compared to existing schemes, enhances the collaboration throughput, achieves higher decoding rates, offers lower decoding delays, as well as improved video playback quality.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"239 ","pages":"Article 104179"},"PeriodicalIF":7.7,"publicationDate":"2025-04-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143791890","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0