Journal of Network and Computer Applications最新文献_第6页

Privacy-preserving trajectory data publication: A distributed approach without trusted servers 保护隐私的轨迹数据发布：没有可信服务器的分布式方法

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2026-01-01 Epub Date: 2025-11-14 DOI: 10.1016/j.jnca.2025.104388

Jong Wook Kim , Beakcheol Jang

The widespread adoption of mobile devices, coupled with the rapid advancement of GPS and positioning technologies, has led to a significant increase in the collection of trajectory data. This trajectory data serves as a critical resource for numerous applications, leading to an increasing demand for its sharing and publication. However, the sensitive nature of trajectory data poses significant privacy risks, necessitating the development of privacy-preserving publication schemes. Differential privacy (DP) has emerged as a leading approach for protecting individual trajectories during data publication, but many existing approaches rely on a trusted central server, an assumption that is unrealistic in practical settings. In this paper, we present DistTraj, a novel distributed framework for privacy-preserving trajectory data publishing that eliminates the need for a trusted central server. The proposed framework leverages a distributed clustering scheme to generalize trajectories without relying on a centralized trusted server. To improve the effectiveness of DP in this decentralized setting, we propose a method to establish a tighter bound on the global sensitivity of the DP mechanism within the clustering process. Through extensive experiments on real-world datasets, we demonstrate that the proposed DistTraj framework, even without relying on a trusted central server, achieves performance comparable to state-of-the-art central server-based methods. These results show that DistTraj successfully balances privacy preservation and data utility in decentralized environments, where trusting a central server is impractical or infeasible.

移动设备的广泛采用，加上GPS和定位技术的快速发展，导致了轨道数据收集的显著增加。这些轨迹数据是许多应用程序的关键资源，导致对其共享和发布的需求不断增加。然而，轨迹数据的敏感性带来了重大的隐私风险，需要开发保护隐私的发布方案。差分隐私（DP）已成为数据发布期间保护个人轨迹的主要方法，但许多现有方法依赖于可信的中央服务器，这一假设在实际设置中是不现实的。在本文中，我们提出了DistTraj，这是一种新颖的分布式框架，用于保护隐私的轨迹数据发布，消除了对可信中央服务器的需求。提出的框架利用分布式集群方案来泛化轨迹，而不依赖于集中式可信服务器。为了提高这种分散环境下DP的有效性，我们提出了一种在聚类过程中对DP机制的全局敏感性建立更严格约束的方法。通过对真实世界数据集的广泛实验，我们证明了所提出的DistTraj框架，即使不依赖于可信的中央服务器，也可以实现与最先进的基于中央服务器的方法相当的性能。这些结果表明，DistTraj在去中心化环境中成功地平衡了隐私保护和数据效用，在去中心化环境中，信任中央服务器是不切实际或不可行的。

{"title":"Privacy-preserving trajectory data publication: A distributed approach without trusted servers","authors":"Jong Wook Kim , Beakcheol Jang","doi":"10.1016/j.jnca.2025.104388","DOIUrl":"10.1016/j.jnca.2025.104388","url":null,"abstract":"<div><div>The widespread adoption of mobile devices, coupled with the rapid advancement of GPS and positioning technologies, has led to a significant increase in the collection of trajectory data. This trajectory data serves as a critical resource for numerous applications, leading to an increasing demand for its sharing and publication. However, the sensitive nature of trajectory data poses significant privacy risks, necessitating the development of privacy-preserving publication schemes. Differential privacy (DP) has emerged as a leading approach for protecting individual trajectories during data publication, but many existing approaches rely on a trusted central server, an assumption that is unrealistic in practical settings. In this paper, we present DistTraj, a novel distributed framework for privacy-preserving trajectory data publishing that eliminates the need for a trusted central server. The proposed framework leverages a distributed clustering scheme to generalize trajectories without relying on a centralized trusted server. To improve the effectiveness of DP in this decentralized setting, we propose a method to establish a tighter bound on the global sensitivity of the DP mechanism within the clustering process. Through extensive experiments on real-world datasets, we demonstrate that the proposed DistTraj framework, even without relying on a trusted central server, achieves performance comparable to state-of-the-art central server-based methods. These results show that DistTraj successfully balances privacy preservation and data utility in decentralized environments, where trusting a central server is impractical or infeasible.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"245 ","pages":"Article 104388"},"PeriodicalIF":8.0,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145531184","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LiteWTAKA: Authenticating UAV-GCS and UAV–UAV communication using secure and lightweight mechanism based on PUF LiteWTAKA：使用基于PUF的安全和轻量级机制验证无人机- gcs和无人机-无人机通信

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2026-01-01 Epub Date: 2025-10-30 DOI: 10.1016/j.jnca.2025.104372

Naveen Kumar, Ankit Chaudhary

The adoption of Unmanned Aerial Vehicles (UAVs) or Drone technology is increasing from miliary to civilian domains because of its effectiveness in performing difficult operations. UAV communicates with Ground Control Station (GCS) in presence of open wireless channel which is insecure. The communication is susceptible to various security attacks because of open nature of wireless channel. A number of traditional cryptographic solutions are provided to mitigate these attacks, but there is need of large amount of computational resources. The UAVs are equipped with limited resources, so a lightweight mechanism is required. So, in this paper, a lightweight authentication and key agreement protocol is proposed that makes use of Physical Unclonable Function (PUF) technology along with the hash function and XOR operations to secure the communication. The proposed scheme ensures the robust authentication along with session key update mechanism. The security of proposed mechanism is validated and verified by formal security analysis using Scyther simulation tool, Burrows-Abadi-Needham (BAN) logic and Real-or-Random (ROR) model. The comprehensive analysis demonstrates that the scheme effectively mitigates known security attacks. The efficiency of proposed protocol is demonstrated by performing the experiments and by comparing it with the state-of-the-art schemes in terms of computation cost, communication cost, energy consumption and security requirements.

无人驾驶飞行器（uav）或无人机技术的采用正在从军事领域增加到民用领域，因为它可以有效地执行困难的操作。无人机与地面控制站（GCS）在开放无线信道存在的情况下进行通信是不安全的。由于无线信道的开放性，通信容易受到各种安全攻击。传统的加密解决方案可以缓解这些攻击，但需要大量的计算资源。无人机装备的资源有限，因此需要一种轻量级的机制。因此，本文提出了一种轻量级的身份验证和密钥协议，该协议利用物理不可克隆功能（PUF）技术以及哈希函数和异或操作来保护通信。该方案保证了认证的鲁棒性和会话密钥更新机制。利用Scyther仿真工具、Burrows-Abadi-Needham （BAN）逻辑和Real-or-Random （ROR）模型对所提出机制的安全性进行了形式化的安全性分析和验证。综合分析表明，该方案能够有效缓解已知的安全攻击。通过实验验证了该协议的有效性，并将其与现有协议在计算成本、通信成本、能耗和安全要求等方面进行了比较。

{"title":"LiteWTAKA: Authenticating UAV-GCS and UAV–UAV communication using secure and lightweight mechanism based on PUF","authors":"Naveen Kumar, Ankit Chaudhary","doi":"10.1016/j.jnca.2025.104372","DOIUrl":"10.1016/j.jnca.2025.104372","url":null,"abstract":"<div><div>The adoption of Unmanned Aerial Vehicles (UAVs) or Drone technology is increasing from miliary to civilian domains because of its effectiveness in performing difficult operations. UAV communicates with Ground Control Station (GCS) in presence of open wireless channel which is insecure. The communication is susceptible to various security attacks because of open nature of wireless channel. A number of traditional cryptographic solutions are provided to mitigate these attacks, but there is need of large amount of computational resources. The UAVs are equipped with limited resources, so a lightweight mechanism is required. So, in this paper, a lightweight authentication and key agreement protocol is proposed that makes use of Physical Unclonable Function (PUF) technology along with the hash function and XOR operations to secure the communication. The proposed scheme ensures the robust authentication along with session key update mechanism. The security of proposed mechanism is validated and verified by formal security analysis using Scyther simulation tool, Burrows-Abadi-Needham (BAN) logic and Real-or-Random (ROR) model. The comprehensive analysis demonstrates that the scheme effectively mitigates known security attacks. The efficiency of proposed protocol is demonstrated by performing the experiments and by comparing it with the state-of-the-art schemes in terms of computation cost, communication cost, energy consumption and security requirements.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"245 ","pages":"Article 104372"},"PeriodicalIF":8.0,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145382976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Securing edge based smart city networks with software defined Networking and zero trust architecture 通过软件定义网络和零信任架构保护基于边缘的智能城市网络

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-25 DOI: 10.1016/j.jnca.2025.104341

Abeer Iftikhar , Faisal Bashir Hussain , Kashif Naseer Qureshi , Muhammad Shiraz , Mehdi Sookhak

Smart cities are rapidly evolving by adopting Internet of Things (IoT) devices, edge and cloud computing, and mobile connectivity. While these advancements enhance urban efficiency and connectivity, they also significantly increase the risk of cyber threats targeting critical infrastructure. Modern interdependent systems require flexible resilience, allowing them to adapt to changing conditions while maintaining core functions. Smart city networks, however, face unique security vulnerabilities due to their scale and heterogeneity. Altered to industry expectations and requirements, traditional security models are generally restrictive. With its "never trust, always verify' motto, the Zero Trust (ZT) security model starkly differs from traditional models. ZT builds on network design by mandating real time identity verification, giving minimum access permission and mandating respect for the principle of least privilege. Software Defined Networking (SDN) extends one step further by offering central control over the network, policy based autonomous application and immediate response to anomalies. To address these challenges, our proposed Trust-based Resilient Edge Networks (TREN) framework integrates ZT principles to enhance smart city security. Under the umbrella of SDN controllers, SPP, the underpinning component of TREN, performs real time trust analysis and autonomous policy enforcement, for instance, applying high level threat defense mechanisms. TREN dynamically defends against advanced threats like DDoS and Sybil attacks by isolating malicious nodes and adapting defense tactics based on real-time trust and traffic analysis. Trust analysis and policy control modules provide dynamic adaptive coverage, permitting effective proactive defense. Mininet-based simulations demonstrate TREN's efficacy, achieving 95 % detection accuracy, a 20 % latency reduction, and a 25 % increase in data throughput when compared to baseline models.

通过采用物联网（IoT）设备、边缘和云计算以及移动连接，智慧城市正在迅速发展。虽然这些进步提高了城市效率和连通性，但也显著增加了针对关键基础设施的网络威胁的风险。现代相互依存的系统需要灵活的弹性，使它们能够适应不断变化的条件，同时保持核心功能。然而，由于其规模和异质性，智慧城市网络面临着独特的安全漏洞。随着行业期望和需求的改变，传统的安全模型通常是限制性的。零信任（Zero trust， ZT）安全模型以“永不信任，始终验证”为座右铭，与传统模型截然不同。ZT建立在网络设计的基础上，通过强制实时身份验证，提供最小访问权限和强制遵守最小特权原则。软件定义网络（SDN）通过提供对网络的集中控制，基于策略的自治应用和对异常的即时响应，进一步扩展了一步。为了应对这些挑战，我们提出的基于信任的弹性边缘网络（TREN）框架整合了ZT原则，以增强智慧城市安全。在SDN控制器的保护伞下，TREN的基础组件SPP执行实时信任分析和自主策略实施，例如，应用高级威胁防御机制。TREN通过隔离恶意节点，并根据实时信任和流量分析调整防御策略，动态防御DDoS和Sybil攻击等高级威胁。信任分析和策略控制模块提供动态自适应覆盖，实现有效的主动防御。与基线模型相比，基于miniet的仿真证明了TREN的有效性，实现了95%的检测精度，减少了20%的延迟，并增加了25%的数据吞吐量。

{"title":"Securing edge based smart city networks with software defined Networking and zero trust architecture","authors":"Abeer Iftikhar , Faisal Bashir Hussain , Kashif Naseer Qureshi , Muhammad Shiraz , Mehdi Sookhak","doi":"10.1016/j.jnca.2025.104341","DOIUrl":"10.1016/j.jnca.2025.104341","url":null,"abstract":"<div><div>Smart cities are rapidly evolving by adopting Internet of Things (IoT) devices, edge and cloud computing, and mobile connectivity. While these advancements enhance urban efficiency and connectivity, they also significantly increase the risk of cyber threats targeting critical infrastructure. Modern interdependent systems require flexible resilience, allowing them to adapt to changing conditions while maintaining core functions. Smart city networks, however, face unique security vulnerabilities due to their scale and heterogeneity. Altered to industry expectations and requirements, traditional security models are generally restrictive. With its \"never trust, always verify' motto, the Zero Trust (ZT) security model starkly differs from traditional models. ZT builds on network design by mandating real time identity verification, giving minimum access permission and mandating respect for the principle of least privilege. Software Defined Networking (SDN) extends one step further by offering central control over the network, policy based autonomous application and immediate response to anomalies. To address these challenges, our proposed Trust-based Resilient Edge Networks (TREN) framework integrates ZT principles to enhance smart city security. Under the umbrella of SDN controllers, SPP, the underpinning component of TREN, performs real time trust analysis and autonomous policy enforcement, for instance, applying high level threat defense mechanisms. TREN dynamically defends against advanced threats like DDoS and Sybil attacks by isolating malicious nodes and adapting defense tactics based on real-time trust and traffic analysis. Trust analysis and policy control modules provide dynamic adaptive coverage, permitting effective proactive defense. Mininet-based simulations demonstrate TREN's efficacy, achieving 95 % detection accuracy, a 20 % latency reduction, and a 25 % increase in data throughput when compared to baseline models.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104341"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145254748","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Elastic RAN slicing technology with multi-timescale SLA assurances for heterogeneous services provision in 6G 具有多时间尺度SLA保证的6G异构业务弹性RAN切片技术

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-24 DOI: 10.1016/j.jnca.2025.104330

Yamin Shen , Ping Wang , Chiou-Jye Huang , Shenxu Kuang , Song Li , Zihan Li

Digital transformation brings diverse applications along with varying Quality of Service (QoS) and isolation requirements. Network slicing, a key 5G technology anticipated to persist in 6G, aims to meet these heterogeneous requirements. However, due to conflicting usage of scarce resources among services, especially with multi-timescale Service Level Agreement (SLA) requirements including QoS and isolation, implementing slicing in the Radio Access Network (RAN) domain is a significant challenge. Therefore, this paper formulates the radio resource allocation problem posed by the coexistence of multiple URLLC (Ultra-Reliable and Low-Latency Communications) with varying delay requirements and eMBB (Enhanced Mobile Broadband) as a multi-timescale optimization problem. Consequently, a novel MPC (Model Predictive Control)-based RAN slicing resource allocation model called MPC-RSS is proposed. Specifically, MPC-RSS ensures elastic QoS through delay-tracking mechanism and far-sighted schemes. Meanwhile, it maintains elastic isolation by introducing logical and physical isolation constraint terms. Compared with the existing state-of-the-art approaches, simulation results show that MPC-RSS can achieve better and more elastic SLA performance. Our proposal provides a choice for 6G RAN to empower vertical industries achieving digital upgrades.

数字转换带来了不同的应用程序以及不同的服务质量（QoS）和隔离要求。网络切片是5G的一项关键技术，预计将在6G中持续存在，旨在满足这些异构需求。然而，由于服务之间对稀缺资源的冲突使用，特别是在包括QoS和隔离在内的多时间尺度服务水平协议（SLA）要求下，在无线接入网（RAN）域中实现切片是一个重大挑战。因此，本文将多个具有不同延迟需求的URLLC （Ultra-Reliable and Low-Latency Communications）和eMBB （Enhanced Mobile Broadband）共存所带来的无线电资源分配问题表述为一个多时标优化问题。因此，提出了一种新的基于模型预测控制（MPC）的RAN切片资源分配模型MPC- rss。具体来说，MPC-RSS通过延迟跟踪机制和前瞻性方案来保证弹性QoS。同时，通过引入逻辑隔离约束项和物理隔离约束项来保持弹性隔离。仿真结果表明，MPC-RSS可以获得更好的弹性SLA性能。我们的提案为6G RAN提供了一种选择，使垂直行业能够实现数字升级。

{"title":"Elastic RAN slicing technology with multi-timescale SLA assurances for heterogeneous services provision in 6G","authors":"Yamin Shen , Ping Wang , Chiou-Jye Huang , Shenxu Kuang , Song Li , Zihan Li","doi":"10.1016/j.jnca.2025.104330","DOIUrl":"10.1016/j.jnca.2025.104330","url":null,"abstract":"<div><div>Digital transformation brings diverse applications along with varying Quality of Service (QoS) and isolation requirements. Network slicing, a key 5G technology anticipated to persist in 6G, aims to meet these heterogeneous requirements. However, due to conflicting usage of scarce resources among services, especially with multi-timescale Service Level Agreement (SLA) requirements including QoS and isolation, implementing slicing in the Radio Access Network (RAN) domain is a significant challenge. Therefore, this paper formulates the radio resource allocation problem posed by the coexistence of multiple URLLC (Ultra-Reliable and Low-Latency Communications) with varying delay requirements and eMBB (Enhanced Mobile Broadband) as a multi-timescale optimization problem. Consequently, a novel MPC (Model Predictive Control)-based RAN slicing resource allocation model called MPC-RSS is proposed. Specifically, MPC-RSS ensures elastic QoS through delay-tracking mechanism and far-sighted schemes. Meanwhile, it maintains elastic isolation by introducing logical and physical isolation constraint terms. Compared with the existing state-of-the-art approaches, simulation results show that MPC-RSS can achieve better and more elastic SLA performance. Our proposal provides a choice for 6G RAN to empower vertical industries achieving digital upgrades.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104330"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145223446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FlowTracker: A refined and versatile data plane measurement approach FlowTracker：一种精炼和通用的数据平面测量方法

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-16 DOI: 10.1016/j.jnca.2025.104334

Xinyue Jiang , Chunming Wu , Zhengyan Zhou , Di Wang , Dezhang Kong , Muhammad Khurram Khan , Xuan Liu

To acquire per-hop flow level information, existing works have made significant contributions to offloading network measurement onto data center switches. Despite this, they still pose challenges due to increasingly complex measurement tasks and massive network traffic. In this paper, we introduce FlowTracker, a flow measurement primitive in the data plane. Our key innovation is a hash-based data structure with constant size and collision resolution, which allows fine-grained and real-time monitoring of various flow statistics. We have fully implemented a FlowTracker prototype on a testbed and used real-world packet traces to evaluate its performance. The results demonstrate FlowTracker’s efficiency under different measurement tasks. For example, with

\sim

0.5 MB of memory, FlowTracker can accurately estimate 98% heavy hitter out of 25K flows, with an average relative error of 1.28%. It also achieves 92.27% higher accuracy in packet delay estimation and 121.83% higher flow set coverage compared to competitors with only 64 KB of memory. Furthermore, FlowTracker imposes minimal overhead, requiring just

\sim

0.04% extra bandwidth for large-scale network processing. With these capabilities, FlowTracker can provide network operators with deep insights and efficient flow control of their networks.

为了获取每跳流量级别信息，现有的工作对将网络测量转移到数据中心交换机上做出了重大贡献。尽管如此，由于日益复杂的测量任务和庞大的网络流量，它们仍然带来了挑战。本文介绍了数据平面上的流量测量原语FlowTracker。我们的关键创新是基于哈希的数据结构，具有恒定的大小和冲突分辨率，可以对各种流量统计进行细粒度和实时监控。我们已经在测试平台上完全实现了FlowTracker原型，并使用真实的数据包跟踪来评估其性能。结果证明了FlowTracker在不同测量任务下的效率。例如，使用~ 0.5 MB的内存，FlowTracker可以准确地估计出25K流中98%的重磅攻击，平均相对误差为1.28%。与只有64 KB内存的竞争对手相比，它在数据包延迟估计方面的准确率提高了92.27%，流集覆盖率提高了121.83%。此外，FlowTracker施加最小的开销，只需要~ 0.04%的额外带宽用于大规模网络处理。有了这些功能，FlowTracker可以为网络运营商提供深入的见解和有效的网络流量控制。

{"title":"FlowTracker: A refined and versatile data plane measurement approach","authors":"Xinyue Jiang , Chunming Wu , Zhengyan Zhou , Di Wang , Dezhang Kong , Muhammad Khurram Khan , Xuan Liu","doi":"10.1016/j.jnca.2025.104334","DOIUrl":"10.1016/j.jnca.2025.104334","url":null,"abstract":"<div><div>To acquire per-hop flow level information, existing works have made significant contributions to offloading network measurement onto data center switches. Despite this, they still pose challenges due to increasingly complex measurement tasks and massive network traffic. In this paper, we introduce FlowTracker, a flow measurement primitive in the data plane. Our key innovation is a hash-based data structure with constant size and collision resolution, which allows fine-grained and real-time monitoring of various flow statistics. We have fully implemented a FlowTracker prototype on a testbed and used real-world packet traces to evaluate its performance. The results demonstrate FlowTracker’s efficiency under different measurement tasks. For example, with <span><math><mo>∼</mo></math></span>0.5 MB of memory, FlowTracker can accurately estimate 98% heavy hitter out of 25K flows, with an average relative error of 1.28%. It also achieves 92.27% higher accuracy in packet delay estimation and 121.83% higher flow set coverage compared to competitors with only 64 KB of memory. Furthermore, FlowTracker imposes minimal overhead, requiring just <span><math><mo>∼</mo></math></span>0.04% extra bandwidth for large-scale network processing. With these capabilities, FlowTracker can provide network operators with deep insights and efficient flow control of their networks.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104334"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145134833","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A resilient fog-enabled IoV architecture: Adaptive post-quantum security framework with generalized signcryption and blockchain-enhanced trust management 一个有弹性的雾支持的车联网架构：具有广义签名加密和区块链增强信任管理的自适应后量子安全框架

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-10-20 DOI: 10.1016/j.jnca.2025.104367

Junhao Li, Qiang Nong, Ziyu Liu

Vehicular Fog Computing (VFC) extends the fog computing paradigms to empower the Internet of Vehicles (IoV) by delivering ubiquitous computing and ultra-low latency-features critical to applications such as autonomous driving and collision avoidance. However, the dynamic and open nature of this architecture presents significant challenges in implementing robust security measures, ensuring the integrity of data, and safeguarding user privacy. Furthermore, most existing solutions fail to adequately prioritize the distinct requirements of safety-critical and non-safety-critical IoV services, thereby limiting their adaptability across heterogeneous application scenarios. Consequently, there is a growing need to develop flexible and resilient dynamic security mechanisms that optimize resource utilization in latency-sensitive and computationally intensive IoV systems. Additionally, IoVs systems must be equipped with defenses against evolving threats, including the emerging risk of quantum computing attacks. To address these challenges, this paper proposes a Quantum-resistant Blockchain-Assisted Generalized Signcryption (QBGS) protocol for vehicular fog computing. It synergizes post-quantum cryptography with adaptive trust orchestration, tailored specifically for next-generation IoV systems that require decentralized trust management and service-differentiated security. Unlike conventional static security methods, QBGS dynamically adjusts cryptographic operations such as encryption, signature, and signcryption to evolving environmental factors such as traffic density and threat severity. This enables context-aware security adjustments that enhance both efficiency and resilience. Moreover, QBGS incorporates a blockchain-integrated fog layer that supports lightweight protocols designed to curb the dissemination of false information. Through extensive theoretical analysis and systematic simulations based on an urban traffic case study, we demonstrate the practicality of QBGS for post-quantum secure IoV.

车辆雾计算（VFC）扩展了雾计算范式，通过提供无处不在的计算和超低延迟（对自动驾驶和避撞等应用至关重要的功能）来增强车联网（IoV）。然而，这种体系结构的动态性和开放性在实现健壮的安全措施、确保数据完整性和保护用户隐私方面提出了重大挑战。此外，大多数现有解决方案未能充分区分安全关键型和非安全关键型车联网服务的不同需求，从而限制了它们在异构应用场景中的适应性。因此，越来越需要开发灵活和有弹性的动态安全机制，以优化延迟敏感和计算密集型车联网系统的资源利用。此外，iov系统必须具备防御不断发展的威胁的能力，包括新兴的量子计算攻击风险。为了解决这些挑战，本文提出了一种用于车载雾计算的抗量子区块链辅助广义签名加密（QBGS）协议。它将后量子加密与自适应信任编排相结合，专门为需要分散信任管理和服务差异化安全性的下一代车联网系统量身定制。与传统的静态安全方法不同，QBGS可以根据流量密度、威胁严重程度等不断变化的环境因素动态调整加密、签名、签名加密等加密操作。这支持上下文感知的安全调整，从而提高效率和弹性。此外，QBGS集成了一个区块链集成雾层，支持旨在遏制虚假信息传播的轻量级协议。通过广泛的理论分析和基于城市交通案例研究的系统模拟，我们证明了QBGS在后量子安全车联网中的实用性。

{"title":"A resilient fog-enabled IoV architecture: Adaptive post-quantum security framework with generalized signcryption and blockchain-enhanced trust management","authors":"Junhao Li, Qiang Nong, Ziyu Liu","doi":"10.1016/j.jnca.2025.104367","DOIUrl":"10.1016/j.jnca.2025.104367","url":null,"abstract":"<div><div>Vehicular Fog Computing (VFC) extends the fog computing paradigms to empower the Internet of Vehicles (IoV) by delivering ubiquitous computing and ultra-low latency-features critical to applications such as autonomous driving and collision avoidance. However, the dynamic and open nature of this architecture presents significant challenges in implementing robust security measures, ensuring the integrity of data, and safeguarding user privacy. Furthermore, most existing solutions fail to adequately prioritize the distinct requirements of safety-critical and non-safety-critical IoV services, thereby limiting their adaptability across heterogeneous application scenarios. Consequently, there is a growing need to develop flexible and resilient dynamic security mechanisms that optimize resource utilization in latency-sensitive and computationally intensive IoV systems. Additionally, IoVs systems must be equipped with defenses against evolving threats, including the emerging risk of quantum computing attacks. To address these challenges, this paper proposes a Quantum-resistant Blockchain-Assisted Generalized Signcryption (QBGS) protocol for vehicular fog computing. It synergizes post-quantum cryptography with adaptive trust orchestration, tailored specifically for next-generation IoV systems that require decentralized trust management and service-differentiated security. Unlike conventional static security methods, QBGS dynamically adjusts cryptographic operations such as encryption, signature, and signcryption to evolving environmental factors such as traffic density and threat severity. This enables context-aware security adjustments that enhance both efficiency and resilience. Moreover, QBGS incorporates a blockchain-integrated fog layer that supports lightweight protocols designed to curb the dissemination of false information. Through extensive theoretical analysis and systematic simulations based on an urban traffic case study, we demonstrate the practicality of QBGS for post-quantum secure IoV.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104367"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145364128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

HERALD: Hybrid Ensemble Approach for Robust Anomaly Detection in encrypted DNS traffic 基于混合集成的加密DNS流量鲁棒异常检测方法

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-28 DOI: 10.1016/j.jnca.2025.104342

Umar Sa’ad , Demeke Shumeye Lakew , Nhu-Ngoc Dao , Sungrae Cho

The proliferation of encrypted Domain Name System (DNS) traffic through protocols like DNS over Hypertext Transfer Protocol Secure presents significant privacy advantages but creates new challenges for anomaly detection. Traditional security mechanisms that rely on payload inspection become ineffective, necessitating advanced strategies capable of detecting threats in encrypted traffic. This study introduces the Hybrid Ensemble Approach for Robust Anomaly Detection (HERALD), a novel framework designed to detect anomalies in encrypted DNS traffic. HERALD combines unsupervised base detectors, including Isolation Forest (IF), One-Class Support Vector Machine (OCSVM), and Local Outlier Factor (LOF), with a supervised Random Forest meta-model, leveraging the strengths of both paradigms. Our comprehensive evaluation demonstrates HERALD’s exceptional performance, achieving 99.99 percent accuracy, precision, recall, and F1-score on the CIRA-CIC-DoHBrw-2020 dataset, while maintaining competitive computational efficiency with 110s training time and 2.2ms inference time. HERALD also demonstrates superior generalization capabilities on cross-dataset evaluations, exhibiting minimal performance degradation of only 2-4 percent when tested on previously unseen attack patterns, outperforming purely supervised models, which showed 5-8 percent degradation. The interpretability analysis, incorporating feature importance, accumulated local effects, and local interpretable model-agnostic explanations, provides insights into the relative contributions of each base detector, with OCSVM emerging as the most influential component, followed by IF and LOF. This study advances the field of network security by offering a robust, interpretable, and adaptable solution for detecting anomalies in encrypted DNS traffic that balances a high detection rate with a low false-positive rate.

加密域名系统（DNS）流量的激增通过超文本传输协议安全DNS等协议提供了显著的隐私优势，但也为异常检测带来了新的挑战。依赖于有效负载检查的传统安全机制变得无效，需要能够检测加密流量中的威胁的高级策略。本研究介绍了用于鲁棒异常检测的混合集成方法（HERALD），这是一种用于检测加密DNS流量异常的新框架。HERALD将无监督基础检测器（包括隔离森林（IF）、一类支持向量机（OCSVM）和局部离群因子（LOF））与监督随机森林元模型相结合，利用了两种范式的优势。我们的综合评估证明了HERALD的卓越性能，在CIRA-CIC-DoHBrw-2020数据集上实现了99.99%的正确率、精密度、召回率和f1分数，同时保持了具有竞争力的计算效率，训练时间为110秒，推理时间为2.2毫秒。HERALD还在跨数据集评估中展示了卓越的泛化能力，在以前未见过的攻击模式上测试时，仅显示出最小的性能下降2- 4%，优于纯监督模型，后者显示出5- 8%的下降。可解释性分析，结合特征重要性、累积局部效应和局部可解释模型不可知的解释，提供了对每个基础检测器的相对贡献的见解，其中OCSVM成为最具影响力的组成部分，其次是IF和LOF。本研究通过提供一个健壮的、可解释的、适应性强的解决方案来检测加密DNS流量中的异常，从而在高检测率和低误报率之间取得平衡，从而推动了网络安全领域的发展。

{"title":"HERALD: Hybrid Ensemble Approach for Robust Anomaly Detection in encrypted DNS traffic","authors":"Umar Sa’ad , Demeke Shumeye Lakew , Nhu-Ngoc Dao , Sungrae Cho","doi":"10.1016/j.jnca.2025.104342","DOIUrl":"10.1016/j.jnca.2025.104342","url":null,"abstract":"<div><div>The proliferation of encrypted Domain Name System (DNS) traffic through protocols like DNS over Hypertext Transfer Protocol Secure presents significant privacy advantages but creates new challenges for anomaly detection. Traditional security mechanisms that rely on payload inspection become ineffective, necessitating advanced strategies capable of detecting threats in encrypted traffic. This study introduces the Hybrid Ensemble Approach for Robust Anomaly Detection (HERALD), a novel framework designed to detect anomalies in encrypted DNS traffic. HERALD combines unsupervised base detectors, including Isolation Forest (IF), One-Class Support Vector Machine (OCSVM), and Local Outlier Factor (LOF), with a supervised Random Forest meta-model, leveraging the strengths of both paradigms. Our comprehensive evaluation demonstrates HERALD’s exceptional performance, achieving 99.99 percent accuracy, precision, recall, and F1-score on the CIRA-CIC-DoHBrw-2020 dataset, while maintaining competitive computational efficiency with 110s training time and 2.2ms inference time. HERALD also demonstrates superior generalization capabilities on cross-dataset evaluations, exhibiting minimal performance degradation of only 2-4 percent when tested on previously unseen attack patterns, outperforming purely supervised models, which showed 5-8 percent degradation. The interpretability analysis, incorporating feature importance, accumulated local effects, and local interpretable model-agnostic explanations, provides insights into the relative contributions of each base detector, with OCSVM emerging as the most influential component, followed by IF and LOF. This study advances the field of network security by offering a robust, interpretable, and adaptable solution for detecting anomalies in encrypted DNS traffic that balances a high detection rate with a low false-positive rate.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104342"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145223445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A profit-effective function service pricing approach for serverless edge computing function offloading 无服务器边缘计算功能卸载的盈利函数服务定价方法

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-25 DOI: 10.1016/j.jnca.2025.104338

Siyuan Liu , Li Pan , Shijun Liu

In recent years, edge computing services have continued to develop and have been better integrated with serverless computing, leading to the improvement of the performance and concurrent request handling capabilities of edge servers. Therefore, an increasing number of IoT devices are willing to pay a certain amount of service processing fees to offload some computing tasks to edge servers for execution, with the aim of meeting their latency requirements. However, the computing capacity and storage space of edge servers at a single base station are still limited. Therefore, base stations must decide which task images to cache for future execution and price these computing services to control the computing offloading of IoT devices, so as to maximize their expected profit under the constraints of limited computing capacity and memory space. In this paper, we stand from the perspective of base stations and formulate the caching and pricing of function images at a base station, as well as the function offloading process of IoT devices, as a Markov Decision Process (MDP). We adopt a Proximal Policy Optimization (PPO)-based function service pricing adjustment algorithm to optimize the profit of base stations. Finally, we evaluate our approach through simulation experiments and compare it with baseline methods. The results show that our approach can significantly improve base stations’ expected profit in various scenarios.

近年来，边缘计算服务不断发展，并与无服务器计算更好地集成在一起，使得边缘服务器的性能和并发请求处理能力不断提高。因此，越来越多的物联网设备愿意支付一定的服务处理费，将一些计算任务卸载给边缘服务器执行，以满足其延迟需求。但是，单个基站的边缘服务器的计算能力和存储空间仍然是有限的。因此，基站必须决定缓存哪些任务映像以供未来执行，并对这些计算服务进行定价，以控制物联网设备的计算卸载，从而在有限的计算能力和内存空间约束下实现预期利润最大化。本文从基站的角度出发，将基站功能映像的缓存和定价以及物联网设备的功能卸载过程表述为马尔可夫决策过程（Markov Decision process， MDP）。采用一种基于近端策略优化（PPO）的函数服务定价调整算法来优化基站的利润。最后，我们通过模拟实验来评估我们的方法，并将其与基线方法进行比较。结果表明，该方法可以显著提高基站在各种场景下的预期利润。

{"title":"A profit-effective function service pricing approach for serverless edge computing function offloading","authors":"Siyuan Liu , Li Pan , Shijun Liu","doi":"10.1016/j.jnca.2025.104338","DOIUrl":"10.1016/j.jnca.2025.104338","url":null,"abstract":"<div><div>In recent years, edge computing services have continued to develop and have been better integrated with serverless computing, leading to the improvement of the performance and concurrent request handling capabilities of edge servers. Therefore, an increasing number of IoT devices are willing to pay a certain amount of service processing fees to offload some computing tasks to edge servers for execution, with the aim of meeting their latency requirements. However, the computing capacity and storage space of edge servers at a single base station are still limited. Therefore, base stations must decide which task images to cache for future execution and price these computing services to control the computing offloading of IoT devices, so as to maximize their expected profit under the constraints of limited computing capacity and memory space. In this paper, we stand from the perspective of base stations and formulate the caching and pricing of function images at a base station, as well as the function offloading process of IoT devices, as a Markov Decision Process (MDP). We adopt a Proximal Policy Optimization (PPO)-based function service pricing adjustment algorithm to optimize the profit of base stations. Finally, we evaluate our approach through simulation experiments and compare it with baseline methods. The results show that our approach can significantly improve base stations’ expected profit in various scenarios.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104338"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145160067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DS-RAM: A dynamic sharding and reputation-based auditing mechanisms for blockchain consensus in IIoT DS-RAM：用于工业物联网区块链共识的动态分片和基于声誉的审计机制

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-10-10 DOI: 10.1016/j.jnca.2025.104362

Jiali Zheng, Jinhui Chen, Shuainan Liu

Sharding is an effective strategy to improve the scalability of blockchain, especially in the context of massive data processing in Industrial Internet of Things (IIoT) scenarios. However, existing sharding schemes often overlook factors such as node reputation, resource capacity, and historical behavior, leading to imbalanced resource allocation, which in turn causes delays in real-time data processing and compromises system security. The blockchain consensus mechanism determines how nodes reach consensus, serving as the core of system efficiency and security. However, traditional consensus mechanisms lack effective detection of malicious nodes and insufficient supervision of consensus nodes, making the system vulnerable to attacks and malicious actions. To address these issues, this paper proposes DS-RAM (Dynamic Sharding and Reputation-based Auditing Mechanism), a dynamic sharding mechanism based on the weighted K-Medoids and Canopy algorithms. It comprehensively considers factors such as node geographical location, reputation, interaction frequency, and historical behavior to optimize node allocation, ensuring balanced distribution of sharding resources, thus improving system throughput and security. Additionally, DS-RAM introduces an auditing node module, which provides additional supervision of consensus nodes based on the reputation mechanism, enabling timely detection and isolation of potential malicious nodes, thereby effectively enhancing the fault tolerance of the consensus mechanism and system security. Simulation results demonstrate that, compared to traditional sharding schemes and reputation-based blockchains, the proposed method can effectively improve sharding security and blockchain sharding performance.

分片是提高区块链可扩展性的有效策略，特别是在工业物联网（IIoT）场景下的海量数据处理。然而，现有的分片方案往往忽略了节点信誉、资源容量和历史行为等因素，导致资源分配不均衡，从而导致实时数据处理延迟，影响系统安全性。区块链共识机制决定了节点如何达成共识，是系统效率和安全性的核心。然而，传统的共识机制缺乏对恶意节点的有效检测和对共识节点的监督，使得系统容易受到攻击和恶意行为的攻击。为了解决这些问题，本文提出了一种基于加权k - mediids和Canopy算法的动态分片机制DS-RAM （Dynamic Sharding and Reputation-based Auditing Mechanism）。它综合考虑节点的地理位置、声誉、交互频率、历史行为等因素，优化节点分配，保证分片资源的均衡分配，从而提高系统吞吐量和安全性。此外，DS-RAM还引入了审计节点模块，基于信誉机制对共识节点进行额外监督，及时发现和隔离潜在的恶意节点，从而有效增强共识机制的容错能力和系统安全性。仿真结果表明，与传统的分片方案和基于信誉的区块链相比，本文提出的方法能够有效提高分片安全性和区块链分片性能。

{"title":"DS-RAM: A dynamic sharding and reputation-based auditing mechanisms for blockchain consensus in IIoT","authors":"Jiali Zheng, Jinhui Chen, Shuainan Liu","doi":"10.1016/j.jnca.2025.104362","DOIUrl":"10.1016/j.jnca.2025.104362","url":null,"abstract":"<div><div>Sharding is an effective strategy to improve the scalability of blockchain, especially in the context of massive data processing in Industrial Internet of Things (IIoT) scenarios. However, existing sharding schemes often overlook factors such as node reputation, resource capacity, and historical behavior, leading to imbalanced resource allocation, which in turn causes delays in real-time data processing and compromises system security. The blockchain consensus mechanism determines how nodes reach consensus, serving as the core of system efficiency and security. However, traditional consensus mechanisms lack effective detection of malicious nodes and insufficient supervision of consensus nodes, making the system vulnerable to attacks and malicious actions. To address these issues, this paper proposes DS-RAM (Dynamic Sharding and Reputation-based Auditing Mechanism), a dynamic sharding mechanism based on the weighted K-Medoids and Canopy algorithms. It comprehensively considers factors such as node geographical location, reputation, interaction frequency, and historical behavior to optimize node allocation, ensuring balanced distribution of sharding resources, thus improving system throughput and security. Additionally, DS-RAM introduces an auditing node module, which provides additional supervision of consensus nodes based on the reputation mechanism, enabling timely detection and isolation of potential malicious nodes, thereby effectively enhancing the fault tolerance of the consensus mechanism and system security. Simulation results demonstrate that, compared to traditional sharding schemes and reputation-based blockchains, the proposed method can effectively improve sharding security and blockchain sharding performance.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104362"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145261939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

3D UAV path planning based on an improved TD3 deep reinforcement learning for data collection in an urban environment 城市环境下基于改进TD3深度强化学习的无人机路径规划

IF 8 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications

Pub Date : 2025-12-01 Epub Date: 2025-09-23 DOI: 10.1016/j.jnca.2025.104336

Mohammad Nazemi Jenabi, Hadi Asharioun, Mahdi Pourgholi

With the rapid growth in the number of users and services in communication networks, unmanned aerial vehicles (UAVs) are expected to play a significant role in future wireless communication systems. One of the key applications of UAVs is data collection in Internet of Things (IoT) networks. This paper addresses a three-dimensional (3D) UAV path planning optimization problem aimed at minimizing the completion time of data collection in urban environments, taking into account real-world constraints such as frequent communication link blockages between UAVs and sensors caused by buildings. To tackle this challenge, we propose an improved Deep Reinforcement Learning (DRL) algorithm, referred to as the Dropout-Based Prioritized TD3 Algorithm (DPTD3). This method integrates the TD3 algorithm with the Prioritized Experience Replay Buffer (PER) strategy and introduces a new Actor network architecture incorporating the Dropout technique. Simulation results demonstrate that the proposed 3D UAV path planning approach reduces both data collection time and UAV energy consumption compared to a two-dimensional (2D) path planning method. Furthermore, the results indicate that during training, the DPTD3 algorithm outperforms other state-of-the-art DRL approaches in terms of both stability and performance.

随着通信网络用户数量和业务的快速增长，无人驾驶飞行器（uav）有望在未来的无线通信系统中发挥重要作用。无人机的关键应用之一是物联网（IoT）网络中的数据采集。本文研究了一个三维（3D）无人机路径规划优化问题，该问题旨在最大限度地减少城市环境中数据收集的完成时间，同时考虑到现实世界的约束，如建筑物引起的无人机与传感器之间频繁的通信链路阻塞。为了应对这一挑战，我们提出了一种改进的深度强化学习（DRL）算法，称为基于辍学的优先TD3算法（DPTD3）。该方法将TD3算法与优先体验重放缓冲（PER）策略集成在一起，并引入了一种结合Dropout技术的新的Actor网络架构。仿真结果表明，与二维路径规划方法相比，所提出的无人机三维路径规划方法减少了数据收集时间和无人机能耗。此外，结果表明，在训练期间，DPTD3算法在稳定性和性能方面优于其他最先进的DRL方法。

{"title":"3D UAV path planning based on an improved TD3 deep reinforcement learning for data collection in an urban environment","authors":"Mohammad Nazemi Jenabi, Hadi Asharioun, Mahdi Pourgholi","doi":"10.1016/j.jnca.2025.104336","DOIUrl":"10.1016/j.jnca.2025.104336","url":null,"abstract":"<div><div>With the rapid growth in the number of users and services in communication networks, unmanned aerial vehicles (UAVs) are expected to play a significant role in future wireless communication systems. One of the key applications of UAVs is data collection in Internet of Things (IoT) networks. This paper addresses a three-dimensional (3D) UAV path planning optimization problem aimed at minimizing the completion time of data collection in urban environments, taking into account real-world constraints such as frequent communication link blockages between UAVs and sensors caused by buildings. To tackle this challenge, we propose an improved Deep Reinforcement Learning (DRL) algorithm, referred to as the Dropout-Based Prioritized TD3 Algorithm (DPTD3). This method integrates the TD3 algorithm with the Prioritized Experience Replay Buffer (PER) strategy and introduces a new Actor network architecture incorporating the Dropout technique. Simulation results demonstrate that the proposed 3D UAV path planning approach reduces both data collection time and UAV energy consumption compared to a two-dimensional (2D) path planning method. Furthermore, the results indicate that during training, the DPTD3 algorithm outperforms other state-of-the-art DRL approaches in terms of both stability and performance.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"244 ","pages":"Article 104336"},"PeriodicalIF":8.0,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145160068","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0