Pub Date : 2025-04-16DOI: 10.1109/JSAC.2025.3560285
Małgorzata Wasilewska;Hanna Bogucka
Federated-Learning (FL) based Spectrum Sensing (SS) method is considered for the application in future cognitive radio communication systems due to its supreme performance in changing radio environments as compared to classic cooperative or non-cooperative SS. It also avoids transferring large training datasets with high-resolution localization data. The FL algorithm is the subject of poisoning attacks that can be random or coordinated. In this paper, we first evaluate the impact of such attacks on the FL-based SS performance. Next, we propose a zero-trust method based on continuous monitoring and classification of the sensors’ models to detect attacked models. These models are then eliminated from the global model construction in FL. Our method is semi-blind, i.e., it does not require an apriori knowledge of who are the genuine actors participating in FL. Simulation results of the system under various attacks (random or coordinated, moderate or very aggressive, deliberately increasing or decreasing the spectrum occupancy) show that our method decreases the SS probability of false alarms by 89 % and increases the SS probability of detection by 16 % in case of the most severe targeted attacks in the most critical SNR ranges.
{"title":"Protection Against Poisoning Attacks on Federated Learning-Based Spectrum Sensing $$ $ lg $$ $ }} ?>","authors":"Małgorzata Wasilewska;Hanna Bogucka","doi":"10.1109/JSAC.2025.3560285","DOIUrl":"10.1109/JSAC.2025.3560285","url":null,"abstract":"Federated-Learning (FL) based Spectrum Sensing (SS) method is considered for the application in future cognitive radio communication systems due to its supreme performance in changing radio environments as compared to classic cooperative or non-cooperative SS. It also avoids transferring large training datasets with high-resolution localization data. The FL algorithm is the subject of poisoning attacks that can be random or coordinated. In this paper, we first evaluate the impact of such attacks on the FL-based SS performance. Next, we propose a zero-trust method based on continuous monitoring and classification of the sensors’ models to detect attacked models. These models are then eliminated from the global model construction in FL. Our method is semi-blind, i.e., it does not require an apriori knowledge of who are the genuine actors participating in FL. Simulation results of the system under various attacks (random or coordinated, moderate or very aggressive, deliberately increasing or decreasing the spectrum occupancy) show that our method decreases the SS probability of false alarms by 89 % and increases the SS probability of detection by 16 % in case of the most severe targeted attacks in the most critical SNR ranges.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2042-2055"},"PeriodicalIF":0.0,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10966417","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143841643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-16DOI: 10.1109/JSAC.2025.3560008
Mehreen Tahir;Tanjila Mawla;Feras Awaysheh;Sadi Alawadi;Maanak Gupta;Muhammad Intizar Ali
Federated Learning (FL) enables decentralized learning while preserving data privacy. However, ensuring security and optimizing resource utilization in FL remains challenging, particularly in untrusted environments. To address this, we propose SecureFedPROM, a novel zero-trust FL framework that integrates Attribute-Based Access Control (ABAC) for secure client authorization and Preference Ranking Organization Method for Enrichment of Evaluations (PROMETHEE) for dynamic, multi-criteria client selection. Unlike traditional FL client selection methods that prioritize security or efficiency, SecureFedPROM optimizes trustworthiness, computational efficiency, and performance, ensuring robust participation in each training round. We evaluate SecureFedPROM across multiple real-world datasets, demonstrating its superiority over state-of-the-art client selection protocols. Our results show that SecureFedPROM achieves a 7.19% improvement in model accuracy, accelerates convergence, and reduces the number of training rounds. Additionally, it minimizes wall-clock time and computational overhead, making it highly scalable for edge AI environments. These findings highlight the importance of integrating zero-trust security principles with multi-criteria decision-making to enhance security and efficiency in FL.
{"title":"SecureFedPROM: A Zero-Trust Federated Learning Approach With Multi-Criteria Client Selection","authors":"Mehreen Tahir;Tanjila Mawla;Feras Awaysheh;Sadi Alawadi;Maanak Gupta;Muhammad Intizar Ali","doi":"10.1109/JSAC.2025.3560008","DOIUrl":"10.1109/JSAC.2025.3560008","url":null,"abstract":"Federated Learning (FL) enables decentralized learning while preserving data privacy. However, ensuring security and optimizing resource utilization in FL remains challenging, particularly in untrusted environments. To address this, we propose SecureFedPROM, a novel zero-trust FL framework that integrates Attribute-Based Access Control (ABAC) for secure client authorization and Preference Ranking Organization Method for Enrichment of Evaluations (PROMETHEE) for dynamic, multi-criteria client selection. Unlike traditional FL client selection methods that prioritize security or efficiency, SecureFedPROM optimizes trustworthiness, computational efficiency, and performance, ensuring robust participation in each training round. We evaluate SecureFedPROM across multiple real-world datasets, demonstrating its superiority over state-of-the-art client selection protocols. Our results show that SecureFedPROM achieves a 7.19% improvement in model accuracy, accelerates convergence, and reduces the number of training rounds. Additionally, it minimizes wall-clock time and computational overhead, making it highly scalable for edge AI environments. These findings highlight the importance of integrating zero-trust security principles with multi-criteria decision-making to enhance security and efficiency in FL.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2025-2041"},"PeriodicalIF":0.0,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10966024","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143898246","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3560046
Jiacheng Yao;Wei Shi;Wei Xu;Zhaohui Yang;A. Lee Swindlehurst;Dusit Niyato
Over-the-air computation (AirComp) has emerged as an essential approach for enabling communication-efficient federated learning (FL) over wireless networks. Nonetheless, the inherent analog transmission mechanism in AirComp-based FL (AirFL) intensifies challenges posed by potential Byzantine attacks. In this paper, we propose a novel Byzantine-robust FL paradigm for over-the-air transmissions, referred to as federated learning with secure adaptive clustering (FedSAC). FedSAC aims to protect a portion of the devices from attacks through zero trust architecture (ZTA) based Byzantine identification and adaptive device clustering. By conducting a one-step convergence analysis, we theoretically characterize the convergence behavior with different device clustering mechanisms and uneven aggregation weighting factors for each device. Building upon our analytical results, we formulate a joint optimization problem for the clustering and weighting factors in each communication round. To facilitate the targeted optimization, we propose a dynamic Byzantine identification method using historical reputation based on ZTA. Furthermore, we introduce a sequential clustering method, transforming the joint optimization into a weighting optimization problem without sacrificing the optimality. To optimize the weighting, we capitalize on the penalty convex-concave procedure (P-CCP) to obtain a stationary solution. Numerical results substantiate the superiority of the proposed FedSAC over existing methods in terms of both test accuracy and convergence rate.
{"title":"Byzantine-Resilient Over-the-Air Federated Learning Under Zero-Trust Architecture","authors":"Jiacheng Yao;Wei Shi;Wei Xu;Zhaohui Yang;A. Lee Swindlehurst;Dusit Niyato","doi":"10.1109/JSAC.2025.3560046","DOIUrl":"10.1109/JSAC.2025.3560046","url":null,"abstract":"Over-the-air computation (AirComp) has emerged as an essential approach for enabling communication-efficient federated learning (FL) over wireless networks. Nonetheless, the inherent analog transmission mechanism in AirComp-based FL (AirFL) intensifies challenges posed by potential Byzantine attacks. In this paper, we propose a novel Byzantine-robust FL paradigm for over-the-air transmissions, referred to as federated learning with secure adaptive clustering (FedSAC). FedSAC aims to protect a portion of the devices from attacks through zero trust architecture (ZTA) based Byzantine identification and adaptive device clustering. By conducting a one-step convergence analysis, we theoretically characterize the convergence behavior with different device clustering mechanisms and uneven aggregation weighting factors for each device. Building upon our analytical results, we formulate a joint optimization problem for the clustering and weighting factors in each communication round. To facilitate the targeted optimization, we propose a dynamic Byzantine identification method using historical reputation based on ZTA. Furthermore, we introduce a sequential clustering method, transforming the joint optimization into a weighting optimization problem without sacrificing the optimality. To optimize the weighting, we capitalize on the penalty convex-concave procedure (P-CCP) to obtain a stationary solution. Numerical results substantiate the superiority of the proposed FedSAC over existing methods in terms of both test accuracy and convergence rate.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"1954-1969"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the popularity of encryption protocols, machine learning (ML)-based traffic analysis technologies have attracted widespread attention. To adapt to modern high-speed bandwidth, recent research is dedicated to advancing zero-trust intrusion detection by offloading feature extraction and model inference into the network dataplane. Especially, with the rise of programmable switches, achieving line-speed ML inference becomes promising. However, existing research only considers a single switch node as a relay to conduct evaluation. This is far from real-world deployments involving multiple switches (given that zero-trust security assumes that threats can originate from anywhere, including within the network), particularly the multipath routing phenomenon that exists in practice. In this paper, we reveal practical challenges in the context of enabling line-speed model inference in the network dataplane. Furthermore, we propose FCPlane, the forwarding and computing integrated dataplane for zero-trust intrusion detection that aims to enable efficient load balancing while providing reliable traffic analysis results, even against multipath routing. The core idea is to reconcile forwarding and computation to the flowlet level, for which a tailor-made Markov chain model is designed. Based on two public traffic datasets, we evaluate seven state-of-the-art in-network traffic analysis models deployed in four types of topologies (three with multipath routing and one without) to explore performance impact and demonstrate the effectiveness of our proposal.
{"title":"Verify All Traffic: Towards Zero-Trust In-Network Intrusion Detection Against Multipath Routing","authors":"Ziming Zhao;Zhaoxuan Li;Xiaofei Xie;Zhipeng Liu;Tingting Li;Jiongchi Yu;Fan Zhang;Binbin Chen","doi":"10.1109/JSAC.2025.3560045","DOIUrl":"10.1109/JSAC.2025.3560045","url":null,"abstract":"With the popularity of encryption protocols, machine learning (ML)-based traffic analysis technologies have attracted widespread attention. To adapt to modern high-speed bandwidth, recent research is dedicated to advancing zero-trust intrusion detection by offloading feature extraction and model inference into the network dataplane. Especially, with the rise of programmable switches, achieving line-speed ML inference becomes promising. However, existing research only considers a single switch node as a relay to conduct evaluation. This is far from real-world deployments involving multiple switches (given that zero-trust security assumes that threats can originate from anywhere, including within the network), particularly the multipath routing phenomenon that exists in practice. In this paper, we reveal practical challenges in the context of enabling line-speed model inference in the network dataplane. Furthermore, we propose FCPlane, the forwarding and computing integrated dataplane for zero-trust intrusion detection that aims to enable efficient load balancing while providing reliable traffic analysis results, even against multipath routing. The core idea is to reconcile forwarding and computation to the flowlet level, for which a tailor-made Markov chain model is designed. Based on two public traffic datasets, we evaluate seven state-of-the-art in-network traffic analysis models deployed in four types of topologies (three with multipath routing and one without) to explore performance impact and demonstrate the effectiveness of our proposal.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2155-2171"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3560359
Jun Chen;Yong Fang;Ashish Khisti;Ayfer Özgür;Nir Shlezinger
This survey article focuses on the emerging connections between machine learning and data compression. While the fundamental limits of classical (lossy) data compression are well-established through rate-distortion theory, recent advancements have uncovered new theoretical analyses and application areas inspired by machine learning. We review recent works on task-based and goal-oriented compression, rate-distortion-perception theory, and compression for estimation and inference. Deep learning-based approaches have provided natural, data-driven methods for compression. Accordingly, we survey recent efforts in applying deep learning techniques to task-based or goal-oriented compression, as well as image/video compression and transmission. Additionally, we discuss the potential use of large language models for text compression. Finally, we outline future research directions in this promising field.
{"title":"Information Compression in the AI Era: Recent Advances and Future Challenges","authors":"Jun Chen;Yong Fang;Ashish Khisti;Ayfer Özgür;Nir Shlezinger","doi":"10.1109/JSAC.2025.3560359","DOIUrl":"10.1109/JSAC.2025.3560359","url":null,"abstract":"This survey article focuses on the emerging connections between machine learning and data compression. While the fundamental limits of classical (lossy) data compression are well-established through rate-distortion theory, recent advancements have uncovered new theoretical analyses and application areas inspired by machine learning. We review recent works on task-based and goal-oriented compression, rate-distortion-perception theory, and compression for estimation and inference. Deep learning-based approaches have provided natural, data-driven methods for compression. Accordingly, we survey recent efforts in applying deep learning techniques to task-based or goal-oriented compression, as well as image/video compression and transmission. Additionally, we discuss the potential use of large language models for text compression. Finally, we outline future research directions in this promising field.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 7","pages":"2333-2348"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Permissioned blockchain is a promising methodology to build zero-trust storage foundation with trusted data storage and sharing for the zero-trust network. However, the inherent full-backup feature of the permissioned blockchain poses potential data privacy risks and substantial storage costs, hindering its usage as a storage medium. These issues necessitate the usage of secure data deduplication technology to mitigate them. Unfortunately, current secure data deduplication schemes are predominantly designed with centralized cloud servers in mind and are not suitable for distributed blockchain systems. The reason is that the full backup feature of the permissioned blockchain renders a wide attack surface to offline brute-force and frequency analysis attacks. In response, we propose DedupChain, a secure blockchain-enabled storage system with deduplication for zero-trust networks. DedupChain employs a trusted execution environment (i.e., Inter SGX enclave) in conjunction with Oblivious RAM (ORAM) to offer a novel security guarantee named oblivious data deduplication, which empowers DedupChain with the ability to defend offline brute-force and frequency analysis attacks. DedupChain also proposes several novel techniques to address the security and efficiency issues raised by the SGX enclave. We implemented a system prototype of DedupChain and evaluated its performance metrics. Our experimental results show that DedupChain exhibits satisfactory operational delays, throughput, and storage overhead. Security analysis shows that DedupChain is robust enough to withstand several types of attacks. To the best of our knowledge, we are the first to apply secure data deduplication techniques to address data privacy and storage cost issues raised by permissioned blockchain when used as a zero-trust storage medium.
{"title":"DedupChain: A Secure Blockchain-Enabled Storage System With Deduplication for Zero-Trust Network","authors":"Saiyu Qi;Qiuhao Wang;Wei Wei;Xu Yang;Hongguang Zhao;Yuhao Liu;Xu Yang;Yong Qi","doi":"10.1109/JSAC.2025.3560043","DOIUrl":"10.1109/JSAC.2025.3560043","url":null,"abstract":"Permissioned blockchain is a promising methodology to build zero-trust storage foundation with trusted data storage and sharing for the zero-trust network. However, the inherent full-backup feature of the permissioned blockchain poses potential data privacy risks and substantial storage costs, hindering its usage as a storage medium. These issues necessitate the usage of secure data deduplication technology to mitigate them. Unfortunately, current secure data deduplication schemes are predominantly designed with centralized cloud servers in mind and are not suitable for distributed blockchain systems. The reason is that the full backup feature of the permissioned blockchain renders a wide attack surface to offline brute-force and frequency analysis attacks. In response, we propose DedupChain, a secure blockchain-enabled storage system with deduplication for zero-trust networks. DedupChain employs a trusted execution environment (i.e., Inter SGX enclave) in conjunction with Oblivious RAM (ORAM) to offer a novel security guarantee named oblivious data deduplication, which empowers DedupChain with the ability to defend offline brute-force and frequency analysis attacks. DedupChain also proposes several novel techniques to address the security and efficiency issues raised by the SGX enclave. We implemented a system prototype of DedupChain and evaluated its performance metrics. Our experimental results show that DedupChain exhibits satisfactory operational delays, throughput, and storage overhead. Security analysis shows that DedupChain is robust enough to withstand several types of attacks. To the best of our knowledge, we are the first to apply secure data deduplication techniques to address data privacy and storage cost issues raised by permissioned blockchain when used as a zero-trust storage medium.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2070-2086"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3560000
Xin Wang;Bo Yi;Qing Li;Shahid Mumtaz;Jianhui Lv
With the rapid advancement of technologies such as B5G/6G and edge computing, network scenarios are becoming increasingly complex and diverse, leading to the emergence of slicing networks. Virtualizing applications into distinct categories and establishing corresponding network slices ensures performance to a certain extent. However, the challenges posed by the complex slicing environment demand more fine-grained routing control and higher costs to locate requested content or services, areas where current state-of-the-art methods fall short. To address these challenges, this work introduces a system framework that integrates the principles of Segment Routing over IPv6 (SRv6). An SRv6 optimization layer is created between the control and infrastructure layers to manage slices effectively and enhance routing control. Additionally, we propose a novel policy routing method based on zero-trust and Graph Convolutional Network (GCN) technology. This method transforms actions into policies that can be flexibly deployed on SRv6 nodes, segment by segment. These actions encompass both routing and security measures, allowing for dynamic and flexible deployment of policies on each segment to achieve the desired goals. This integration of segment routing and zero-trust principles simplifies implementation and enhances security. Comprehensive experiments were conducted to evaluate the proposed method. The results demonstrate significant improvements over state-of-the-art methods, including a higher service acceptance rate, better resource utilization, and reduced average latency and packet loss rate.
{"title":"SRv6 and Zero-Trust Policy Enabled Graph Convolutional Neural Networks for Slicing Network Optimization","authors":"Xin Wang;Bo Yi;Qing Li;Shahid Mumtaz;Jianhui Lv","doi":"10.1109/JSAC.2025.3560000","DOIUrl":"10.1109/JSAC.2025.3560000","url":null,"abstract":"With the rapid advancement of technologies such as B5G/6G and edge computing, network scenarios are becoming increasingly complex and diverse, leading to the emergence of slicing networks. Virtualizing applications into distinct categories and establishing corresponding network slices ensures performance to a certain extent. However, the challenges posed by the complex slicing environment demand more fine-grained routing control and higher costs to locate requested content or services, areas where current state-of-the-art methods fall short. To address these challenges, this work introduces a system framework that integrates the principles of Segment Routing over IPv6 (SRv6). An SRv6 optimization layer is created between the control and infrastructure layers to manage slices effectively and enhance routing control. Additionally, we propose a novel policy routing method based on zero-trust and Graph Convolutional Network (GCN) technology. This method transforms actions into policies that can be flexibly deployed on SRv6 nodes, segment by segment. These actions encompass both routing and security measures, allowing for dynamic and flexible deployment of policies on each segment to achieve the desired goals. This integration of segment routing and zero-trust principles simplifies implementation and enhances security. Comprehensive experiments were conducted to evaluate the proposed method. The results demonstrate significant improvements over state-of-the-art methods, including a higher service acceptance rate, better resource utilization, and reduced average latency and packet loss rate.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2279-2292"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3559116
Hongru Li;Jiawei Shao;Hengtao He;Shenghui Song;Jun Zhang;Khaled B. Letaief
Task-oriented communication aims to extract and transmit task-relevant information to significantly reduce the communication overhead and transmission latency. However, the unpredictable distribution shifts between training and test data, including domain shift and semantic shift, can dramatically undermine the system performance. In order to tackle these challenges, it is crucial to ensure that the encoded features can generalize to domain-shifted data and detect semantic-shifted data, while remaining compact for transmission. In this paper, we propose a novel approach based on the information bottleneck (IB) principle and invariant risk minimization (IRM) framework. The proposed method aims to extract compact and informative features that possess high capability for effective domain-shift generalization and accurate semantic-shift detection without any knowledge of the test data during training. Specifically, we propose an invariant feature encoding approach based on the IB principle and IRM framework for domain-shift generalization, which aims to find the causal relationship between the input data and task result by minimizing the complexity and domain dependence of the encoded feature. Furthermore, we enhance the task-oriented communication with the label-dependent feature encoding approach for semantic-shift detection which achieves joint gains in IB optimization and detection performance. To avoid the intractable computation of the IB-based objective, we leverage variational approximation to derive a tractable upper bound for optimization. Extensive simulation results on image classification tasks demonstrate that the proposed scheme outperforms state-of-the-art approaches and achieves a better rate-distortion tradeoff.
{"title":"Tackling Distribution Shifts in Task-Oriented Communication With Information Bottleneck","authors":"Hongru Li;Jiawei Shao;Hengtao He;Shenghui Song;Jun Zhang;Khaled B. Letaief","doi":"10.1109/JSAC.2025.3559116","DOIUrl":"10.1109/JSAC.2025.3559116","url":null,"abstract":"Task-oriented communication aims to extract and transmit task-relevant information to significantly reduce the communication overhead and transmission latency. However, the <italic>unpredictable</i> distribution shifts between training and test data, including <italic>domain shift</i> and <italic>semantic shift</i>, can dramatically undermine the system performance. In order to tackle these challenges, it is crucial to ensure that the encoded features can generalize to <italic>domain-shifted</i> data and detect <italic>semantic-shifted</i> data, while remaining compact for transmission. In this paper, we propose a novel approach based on the information bottleneck (IB) principle and invariant risk minimization (IRM) framework. The proposed method aims to extract compact and informative features that possess high capability for effective <italic>domain-shift generalization</i> and accurate <italic>semantic-shift detection</i> without any knowledge of the test data during training. Specifically, we propose an invariant feature encoding approach based on the IB principle and IRM framework for <italic>domain-shift</i> generalization, which aims to find the causal relationship between the input data and task result by minimizing the complexity and domain dependence of the encoded feature. Furthermore, we enhance the task-oriented communication with the label-dependent feature encoding approach for <italic>semantic-shift detection</i> which achieves joint gains in IB optimization and detection performance. To avoid the intractable computation of the IB-based objective, we leverage variational approximation to derive a tractable upper bound for optimization. Extensive simulation results on image classification tasks demonstrate that the proposed scheme outperforms state-of-the-art approaches and achieves a better rate-distortion tradeoff.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 7","pages":"2667-2683"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10964522","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3560012
Xiaokang Zhou;Wei Liang;Kevin I-Kai Wang;Katsutoshi Yada;Laurence T. Yang;Jianhua Ma;Qun Jin
The rapid development and usage of digital technologies in modern intelligent systems and applications bring critical challenges on data security and privacy. It is essential to allow cross-organizational data sharing to achieve smart service provisioning, while preventing unauthorized access and data leak to ensure end users’ efficient and secure collaborations. Federated Learning (FL) offers a promising pathway to enable innovative collaboration across multiple organizations. However, more stringent security policies are needed to ensure authenticity of participating entities, safeguard data during communication, and prevent malicious activities. In this paper, we propose a Decentralized Federated Graph Learning (FGL) with Lightweight Zero Trust Architecture (ZTA) model, named DFGL-LZTA, to provide context-aware security with dynamic defense policy update, while maintaining computational and communication efficiency in resource-constrained environments, for highly distributed and heterogeneous systems in next-generation networking. Specifically, with a re-designed lightweight ZTA, which leverages adaptive privacy preservation and reputation-based aggregation together to tackle multi-level security threats (e.g., data-level, model-level, and identity-level attacks), a Proximal Policy Optimization (PPO) based Deep Reinforcement Learning (DRL) agent is introduced to enable the real-time and adaptive security policy update and optimization based on contextual features. A hierarchical Graph Attention Network (GAT) mechanism is then improved and applied to facilitate the dynamic subgraph learning in local training with a layer-wise architecture, while a so-called sparse global aggregation scheme is developed to balance the communication efficiency and model robustness in a P2P manner. Experiments and evaluations conducted based on two open-source datasets and one synthetic dataset demonstrate the usefulness of our proposed model in terms of training performance, computational and communication efficiency, and model accuracy, compared with other four state-of-the-art methods for next-generation networking security in modern distributed learning systems.
{"title":"Decentralized Federated Graph Learning With Lightweight Zero Trust Architecture for Next-Generation Networking Security","authors":"Xiaokang Zhou;Wei Liang;Kevin I-Kai Wang;Katsutoshi Yada;Laurence T. Yang;Jianhua Ma;Qun Jin","doi":"10.1109/JSAC.2025.3560012","DOIUrl":"10.1109/JSAC.2025.3560012","url":null,"abstract":"The rapid development and usage of digital technologies in modern intelligent systems and applications bring critical challenges on data security and privacy. It is essential to allow cross-organizational data sharing to achieve smart service provisioning, while preventing unauthorized access and data leak to ensure end users’ efficient and secure collaborations. Federated Learning (FL) offers a promising pathway to enable innovative collaboration across multiple organizations. However, more stringent security policies are needed to ensure authenticity of participating entities, safeguard data during communication, and prevent malicious activities. In this paper, we propose a Decentralized Federated Graph Learning (FGL) with Lightweight Zero Trust Architecture (ZTA) model, named DFGL-LZTA, to provide context-aware security with dynamic defense policy update, while maintaining computational and communication efficiency in resource-constrained environments, for highly distributed and heterogeneous systems in next-generation networking. Specifically, with a re-designed lightweight ZTA, which leverages adaptive privacy preservation and reputation-based aggregation together to tackle multi-level security threats (e.g., data-level, model-level, and identity-level attacks), a Proximal Policy Optimization (PPO) based Deep Reinforcement Learning (DRL) agent is introduced to enable the real-time and adaptive security policy update and optimization based on contextual features. A hierarchical Graph Attention Network (GAT) mechanism is then improved and applied to facilitate the dynamic subgraph learning in local training with a layer-wise architecture, while a so-called sparse global aggregation scheme is developed to balance the communication efficiency and model robustness in a P2P manner. Experiments and evaluations conducted based on two open-source datasets and one synthetic dataset demonstrate the usefulness of our proposed model in terms of training performance, computational and communication efficiency, and model accuracy, compared with other four state-of-the-art methods for next-generation networking security in modern distributed learning systems.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"1908-1922"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-15DOI: 10.1109/JSAC.2025.3560036
Xiang Wu;Baowen Zou;Chuanchuan Lu;Lili Wang;Yongting Zhang;Huanhuan Wang
With a growing security threat in wireless communication networks, a promising method for secure next-generation networks is a zero-trust framework focusing on authentication schemes. How to analyze the risks involved in authentication is a challenge. This study quantifies authentication risks within the zero-trust framework and introduces a privacy domain prevention-control theory. The theory encompasses dynamic privacy risk assessment, intelligent risk classification, and automated selection of privacy protection schemes. First, a dynamic privacy risk assessment method, based on physical entity relationships, is proposed to evaluate all privacy risks. Second, a five-category risk classification method is designed to categorize privacy risks, facilitating the selection of prevention-control schemes, with its rationality mathematically validated. Additionally, an Analytical Hierarchy Process (AHP)-based method is introduced to guide the optimal selection of prevention-control schemes for various scenarios. Finally, the practical application of the theory in medicine multi-modal computing scene of wireless body area networks demonstrates its effectiveness. The experimental results also show the superiority and feasibility of the proposed methods.
{"title":"Dynamic Security Computing Framework With Zero Trust Based on Privacy Domain Prevention and Control Theory","authors":"Xiang Wu;Baowen Zou;Chuanchuan Lu;Lili Wang;Yongting Zhang;Huanhuan Wang","doi":"10.1109/JSAC.2025.3560036","DOIUrl":"10.1109/JSAC.2025.3560036","url":null,"abstract":"With a growing security threat in wireless communication networks, a promising method for secure next-generation networks is a zero-trust framework focusing on authentication schemes. How to analyze the risks involved in authentication is a challenge. This study quantifies authentication risks within the zero-trust framework and introduces a privacy domain prevention-control theory. The theory encompasses dynamic privacy risk assessment, intelligent risk classification, and automated selection of privacy protection schemes. First, a dynamic privacy risk assessment method, based on physical entity relationships, is proposed to evaluate all privacy risks. Second, a five-category risk classification method is designed to categorize privacy risks, facilitating the selection of prevention-control schemes, with its rationality mathematically validated. Additionally, an Analytical Hierarchy Process (AHP)-based method is introduced to guide the optimal selection of prevention-control schemes for various scenarios. Finally, the practical application of the theory in medicine multi-modal computing scene of wireless body area networks demonstrates its effectiveness. The experimental results also show the superiority and feasibility of the proposed methods.","PeriodicalId":73294,"journal":{"name":"IEEE journal on selected areas in communications : a publication of the IEEE Communications Society","volume":"43 6","pages":"2266-2278"},"PeriodicalIF":0.0,"publicationDate":"2025-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143836721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: