TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Lion Steger, Liming Kuang, Johannes Zirngibl, Georg Carle, Oliver Gasser	Still on Target? An Evaluation of IPv6 Target Generation Algorithms	2026	Early Access		Internet measurements are a crucial foundation of IPv6-related research. Due to the infeasibility of full address space scans for IPv6 however, those measurements rely on collections of reliably responsive, unbiased addresses, as provided e.g., by the IPv6 Hitlist service. Although used for various use cases, the hitlist provides an unfiltered list of responsive addresses, the hosts behind which can come from a range of different networks and devices, such as web servers, customer-premises equipment (CPE) devices, and Internet infrastructure. In this paper, we demonstrate the importance of tailoring hitlists in accordance with the research goal in question. By using PeeringDB we classify hitlist addresses into six different network categories, uncovering that 42% of hitlist addresses are in ISP networks. Moreover, we show the different behavior of those addresses depending on their respective category, e.g., ISP addresses exhibiting a relatively low lifetime. Furthermore, we analyze different Target Generation Algorithms (TGAs), which are used to increase the coverage of IPv6 measurements by generating new responsive targets for scans. We use seed sets, e.g., based on the categorized Hitlist. We evaluate the performance of TGAs under various conditions and find generated addresses to show vastly differing responsiveness levels for different TGAs. Furthermore, we evaluate of algorithm run times and differences between multiple TGA runs.	10.1109/TNSM.2026.3705935
Ibirisol Fontes Ferreira, Eiji Oki	Forestall: A Prefetching Scheme for Domain Name System Resolver Cache Services	2026	Early Access	Prefetching Timing Servers	The domain name system (DNS) is crucial to accessing Internet services by playing an essential role in facilitating this process for Internet users. Still, it affects the quality of experience within the Internet service chain. This impact includes the role of the resolver component, which can negatively influence the final user experience when consuming services. Some studies have developed strategies to reduce resolution time within the DNS resolver ecosystem by incorporating components into users’ devices to trigger resolution in advance, changing DNS service and cache algorithm implementation, or utilizing a complex and expensive service architecture that is not scalable for local DNS resolvers in edge deployments. This paper proposes a dynamic prefetching scheme called Forestall to reduce misses, including those caused by expired domain translation data, and to improve the overall performance of the resolver cache component. We model the prefetching scheme for DNS resolvers using DNS transactional information. We define a prefetching advising routine that advises on possible domains by observing past request patterns. We introduce two prefetching routines for efficient domain tracking and advising. We introduce miss-based metrics to measure the efficiency of the prefetching scheme and the potential resource trade-off associated with its deployment. The numerical results indicate that the prefetching scheme improves the performance of the DNS resolver cache component compared to well-deployed prefetching solutions on the Internet. Forestall reduces the miss ratio by more than 50%, depending on the dataset. In a specific workload, Forestall’s results with adjusted parameter combinations yield a decrease in the miss ratio of more than 16%, accompanied by a reasonable increase in additional fetches of around 35%. In terms of service latency that users perceive, Forestall achieves a reduction varying between 20% and 49%.	10.1109/TNSM.2026.3704549
Ibirisol Fontes Ferreira, Cassio Vinicius Serafim Prazeres, Maycon Leone Maciel Peixoto, Eiji Oki, Gustavo Bittencourt Figueiredo	Narrow: A Fair Routing Multicast Algorithm for Distributed Interactive Applications in Edge Networks	2026	Early Access	Delays Algorithms Timing	Recent research in networking has increasingly focused on addressing the challenges of edge network services. A crucial issue in this context is routing, which must account for quality-of-service requirements. In particular, multicast routing provides optimized network services for groups of people using the same application, which is advantageous for operators and application providers. However, latency-constrained routing poses challenges when integrating diverse requirements into the routing computation, particularly when fairness among users is required. This work addresses the fairness requirement in multicast-overlaid and virtualized networks by presenting a solution that improves the equity of group interactions in the routing service. Our proposal, named Narrow, achieves fairer group interaction by selecting improved path options for multicast routing in edge networks. We compared Narrow with the Fair Shortest Path Tree (FSPT) and Chains algorithms from related studies on delay-constrained routing. Simulations indicated that Narrow reduced the inter-destination delay deviation by up to 84% and 49% relative to FSPT and Chains, respectively, across topologies of varying sizes. Similarly, Narrow improved by more than 99% against FSPT and by 70% against Chains across topologies with varying node degrees. Depending on the number of allowed alternative paths, Narrow reduced the inter-destination delay deviation by more than 99% compared with FSPT and by 38% compared with Chains. In emulated distributed interactive application session experiments, Narrow delivered the fairest response time, reducing it by 89% and 86% relative to FSPT and Chains, respectively. Furthermore, fairness in players’ scores improved by 20% and 16%, respectively, yielding more equitable group interaction from the application’s perspective.	10.1109/TNSM.2026.3704927
Emilio Paolini, Andrea Pinto, Luca Valcarenghi, Flavio Esposito	Programmable In-Network Aggregation for Communication-Aware Federated Learning in 5G RANs	2026	Early Access	Modeling Timing Training	Federated Learning (FL) enables collaborative model training without sharing raw data, making it attractive for privacy-preserving applications at the wireless edge. However, when executed over real 5G networks, FL performance degrades due to uplink congestion, heterogeneous client capabilities, and intermittent connectivity. Most existing approaches attempt to mitigate these issues indirectly by optimizing clients (through adaptive participation, local training, or selection strategies) or by optimizing models (via pruning, quantization, or compression), but they ignore potential network bottlenecks. This paper introduces FLAG, an FL architecture that embeds innetwork aggregation directly into 5G gNodeBs, transforming the network into an active participant in the learning process. In particular, FLAG performs parameter aggregation at line rate within the 5G Service Data Adaptation Protocol layer and incorporates three mechanisms: Partial-Contribution Correction for loss-tolerant averaging, a timer-driven pipeline for real-time scheduling, and a deadline-based grouping strategy to mitigate stragglers. Experiments with realistic wireless emulation show that FLAG achieves up to 5.1× faster time-to-accuracy and maintains accuracy within 0.8% of a loss-free baseline, while reducing gNB-to-server bandwidth by aggregating pergNB rather than per-client. FLAG requires no modifications to clients or the parameter server, demonstrating how 5G-aware system design can make federated learning scalable, efficient, and resilient under real-world wireless conditions.	10.1109/TNSM.2026.3697723
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Weina Meng, Jiawen Shi, Xiaoqun Chen, Weinan Liu, Jiangjun Yuan	Time Period Selected Aggregation for Providing Hierarchical and Differentiated Services in Mobile Sensing	2026	Early Access	Modeling Timing Protocols	With the advancement of smart terminals and wireless networking technologies, mobile sensing has gained increasing popularity. A myriad of applications have emerged based on mobile sensing, with particular attention being drawn to data aggregation applications. Over the years, numerous studies have been conducted, ranging from initial approaches that did not address the issue of untrusted aggregators to more recent solutions capable of handling such challenges. In this paper, we introduce two novel types of data aggregation applications designed to offer hierarchical and differentiated services, alongside proposing two corresponding protocols equipped with privacy-preserving capabilities. These protocols ensure the protection of mobile users’ privacy concerning their sensed data in the presence of an untrusted aggregator, and are resilient against collusion attacks. Our protocols achieve constant key storage overhead (only 1 key per user), in stark contrast to other state-of-the-art schemes where the overhead grows linearly with the number of service levels. We perform a performance analysis of the proposed protocols using the building block protocol as a benchmark, which demonstrates their efficiency: each mobile user incurs a total energy cost of approximately 62.0 mJ per reporting round, with an average end-to-end aggregation latency of less than 10 milliseconds, demonstrating that the proposed protocols can be used in practical settings. While the proposed protocols rely on a trusted authority, a common assumption in existing privacy-preserving aggregation schemes, future work will explore decentralized key management to support fully trustless environments.	10.1109/TNSM.2026.3704409
Ishu Gupta, Ashutosh Kumar Singh	Statistical Analysis Driven Prediction Model for Malicious Entity Detection in Cloud Environment	2026	Early Access	Modeling Signal detection Clouds	Data sharing across distinct entities, including clouds, has become a necessity to enhance the performance of enterprises; however, it leads to data protection challenges. In this paper, a novel model aimed at data protection is presented when multiple untrusted parties are involved in the system. The proposed model enables secure data sharing and effective data distribution among the involved entities while minimizing the risk associated with data exposure. It enables the identification of malicious entities responsible for data leakage with high confidence. To this end, an efficient distribution strategy based on object and user selection, incorporating an operative access control mechanism, is proposed. Furthermore, algorithms are designed for the selection of data to be distributed among users. Experimental results demonstrate that the proposed model achieves significant improvements of 31%, 97%, and 64% in success rate, detection rate, and assessment rate, respectively, compared to prior works. Moreover, it reduces data leakage by up to 75% and lowers the error rate by up to 83% for malicious entity detection, while simultaneously enhancing detection performance and capability by up to 32% and 40%, respectively, over existing approaches.	10.1109/TNSM.2026.3704450
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Mansoor Davoodi, Setareh Maghsudi	Efficient Resource Allocation under Adversary Attacks: A Decomposition-Based Approach	2026	Early Access	Resource management Optimization Modeling	We address the problem of allocating limited resources in a network under persistent yet statistically unknown adversarial attacks. Each node in the network may be degraded, but not fully disabled, depending on its available defensive resources. The objective is twofold: to minimize total system damage and to reduce cumulative resource allocation and transfer costs over time. We model this challenge as a bi-objective optimization problem and propose a decomposition-based solution that integrates chance-constrained programming with network flow optimization. The framework separates the problem into two interrelated subproblems: determining optimal node-level allocations across time slots, and computing efficient inter-node resource transfers. We theoretically prove the convergence of our method to the optimal solution that would be obtained with full statistical knowledge of the adversary. We further establish an O(√T log(nT)) regret bound, showing that the average per-round performance gap shrinks as O(1/√T). Extensive simulations demonstrate that our method efficiently learns the adversarial patterns and achieves substantial gains in minimizing both damage and operational costs, comparing three benchmark strategies under various parameter settings.	10.1109/TNSM.2026.3703620
Kunpeng Zheng, Huibin Zhang, Yongli Zhao, Yuan Cao, Wei Wang, Xin Li, Zhuangzhuang Ma, Lihan Zhao, Jie Zhang	Sun-Outage-Aware Topology Modeling and Adaptive Routing for Optical Satellite Networks	2026	Early Access	Sun Interrupters Joining processes	Optical satellite networks, supported by optical inter-satellite links (OISLs), provide reliable and low-latency optical connectivity. However, periodic and predictable sun outage events significantly compromise OISL availability, leading to frequent OISL interruptions and reduced network reliability. Existing routing algorithms often overlook the regularity of sun outage-induced interrupts and their differentiated impacts on services, resulting in degraded service performance. To address this challenge, this paper proposes a sun outage-enhanced time discretization OISL model and introduces a sun outage link-aware routing (SOLR) algorithm. By incorporating joint awareness of sun outage patterns and service requirements, SOLR employs an adaptive optimization mechanism to dynamically adjust routing decisions within temporal windows. Experimental results demonstrate that SOLR extends stable path durations by 39.9%, reduces interruption rates by 28.5%, and decreases blocking rates by 36.4%, significantly outperforming link-state-based routing algorithms. By effectively mitigating the impact of sun outages, SOLR ensures continuous optical service connections. This interruption-tolerant framework bridges network modeling and service provisioning, offering a robust solution for mission-critical service in optical satellite networks.	10.1109/TNSM.2026.3697856
Heng Xu, Chengze Du, Zhiwei Yu, Letian Li, Ying Zhou, Bo Liu, Jialong Li	Distributed Flow Control for Efficient DNN Training Scheduling	2026	Early Access	Schedules Scheduling Training	Distributed Deep Neural Network (DNN) training generates periodic, long-lived, and interdependent flows that contrast sharply with the short, bursty, and independent flows typical of traditional cloud services. Existing flow scheduling methods, optimized for cloud traffic, struggle to handle the structured communication of DNN workloads, while static schedulers remain brittle under the computation jitter and stochasticity inherent in multi-tenant AI clusters. We propose a distributed traffic control and scheduling framework called PQ, which shifts from fragile global synchronization to a token-based queuing concept. PQ utilizes standard priority queues in commercial switches as elastic buffers, dynamically mapping task urgency to traffic priorities based on specific scheduling policies, such as minimizing waiting time, thereby accelerating efficiency. Results show that PQ achieves stable communication interleaving 3.6× to 8.8× faster than reactive baselines like MLTCP and FQ. Furthermore, it significantly optimizes performance by reducing average iteration time by up to 29.2% while maintaining higher link utilization.	10.1109/TNSM.2026.3704403
Liang Chen, Xiaoding Wang, Limei Lin, Yanze Huang, Siwei Zheng	Defense in Depth: Architectural Homology for Adversarially Robust Semantic Communication	2026	Early Access		Semantic communication framework based on deep encoder–decoder architectures are increasingly vulnerable to adversarial attacks, wherein imperceptible input perturbations can induce significant misclassifications, posing critical risks to next-generation communication networks. To address this challenge, we introduce TopAliSC-KG, a holistic robust learning framework designed to fortify semantic communication against adversarial threats through a multi-layered defense strategy. Our approach integrates two complementary mechanisms: a homology graph-aligned adversarial training module that embeds topological constraints into the model optimization process to promote structural invariance, and a knowledge-guided semantic consistency module that utilizes auxiliary models to inject stable, high-level semantic information into the training loop. Together, these components establish a defense-in-depth architecture that enhances resilience across data, feature, and model levels. Extensive evaluations across diverse channel conditions, signal-to-noise ratios, and adversarial attack scenarios show that TopAliSC-KG consistently improves adversarial accuracy by 0.32%–3.39%, with the knowledge guidance mechanism contributing a further 0.11%–0.21% gain. This work provides a validated, multi-framework defense strategy suitable for securing semantic communication in mission-critical applications, advancing both the security and reliability of intelligent communication systems.	10.1109/TNSM.2026.3705940
Dhiraj Bhattacharjee, Pablo G. Madoery, Abhishek Naik, Halim Yanikomerglu, Güneş Karabulut Kurt, Stéphane Martel	SQ-ROQ: A Scalable Framework for QoS-Aware Joint Routing and Queue Management in Satellite Mega-Constellations	2026	Early Access		The modern Internet accommodates a wide range of applications with heterogeneous quality of service (QoS) requirements across multiple network performance metrics. Low Earth orbit (LEO) satellite constellations have emerged as a promising solution to support these diverse services, not only in rural and remote areas but also in urban environments as a complement to terrestrial networks. Ensuring QoS compliance in such networks necessitates the joint optimization of routing and queue management, as effective traffic handling is critical to maintaining performance guarantees across multiple flows. In this paper, we formulate a joint routing and queue management problem in which QoS requirements are treated as soft constraints, with the objective of maximizing end-user experience while maintaining fairness among competing traffic flows. Given the combinatorial and NP-hard nature of the problem, we propose SQ-ROQ, a computationally efficient framework that decomposes the network into multiple domains and employs a Monte Carlo tree search (MCTS)-based optimization strategy to jointly determine routing and queue management decisions. Using the Starlink Phase 1 Version 2 constellation as a case study, we conduct a comparative analysis of end-user experience and fairness. The proposed algorithm shows higher and stable end-user experience and fairness served to multiple traffic flows as compared to the benchmarks. Building on this, we further investigate the inherent trade-off between optimizing user experience and ensuring fairness, as well as the impact of varying traffic loads on the proposed algorithm and the benchmark schemes. Finally, we demonstrate the scalability of SQ-ROQ through a comparative evaluation of both theoretical time complexity and measured average computation time.	10.1109/TNSM.2026.3705946
Kai Chen, Guangjie Liu, Jiangtao Zhai, Weiwei Liu, Yuewei Dai	SSH-CAM: Fine-Grained SSH Behavior Identification in Encrypted Tunnel Traffic using Curriculum-Adaptive Mixup	2026	Early Access		Encrypted tunneling mechanisms are widely deployed for privacy protection and secure communication, while also obscuring application-layer semantics, making fine-grained traffic analysis more challenging. When Secure Shell (SSH) traffic is encapsulated within encrypted tunnels, multiple internal behaviors can coexist within a tunneled flow, such that traffic captured at a tunnel observation point rarely corresponds to a single behavior. Existing tunnel analysis methods focus on protocol- or application-level identification and are not designed for fine-grained SSH behavior identification under complex tunnel scenarios. We present SSH-CAM, a curriculum-guided framework for inferring the dominant SSH behavior at encrypted tunnel observation points, robust to the presence of coexisting interfering behaviors within the captured traffic. SSH-CAM constructs packet-level representations that capture both structural attributes and temporal information, followed by sequence-level feature extraction. A Curriculum-Adaptive Mixup mechanism is introduced to gradually increase training difficulty through controlled structural interpolation. The framework also imposes a learnable Gaussian prototype constraint on the latent representations, fostering intra-class compactness and greater inter-class separation under significant interference. Experiments conducted on a dataset constructed from six widely used tunneling protocols demonstrate that SSH-CAM consistently outperforms existing baselines across varying interference levels, showing robustness in highly mixed tunnel traffic scenarios.	10.1109/TNSM.2026.3705758
Mohamed Seliem, Utz Roedig, Cormac Sreenan, Dirk Pesch	M-FRER: A Multi-Connectivity Framework for Reliable and Deterministic 5G–TSN Integration	2026	Early Access		Achieving ultra-reliable communication under strict end-to-end latency constraints in integrated 5G–TSN systems requires fault-tolerant mechanisms that extend beyond single-leg wireless transmission. Existing approaches that extend IEEE 802.1CB Frame Replication and Elimination for Reliability (FRER) to 5G through redundant PDU sessions or dual connectivity remain restricted to two-leg redundancy, lack correlation awareness, and operate under static replication policies. This paper proposes M-FRER, a multi-connectivity extension of FRER that enables replication and elimination across M heterogeneous connectivity legs, including multi-RAT, multi-PDU session, and non-3GPP access. M-FRER introduces (i) a correlation-aware reliability model that captures shared-risk dependencies between legs, and (ii) an adaptive replication controller that selects the active replication set while minimizing bandwidth, energy, and control overhead. Evaluations combining trace-based latency modeling with analytical reliability bounds under correlation show that M-FRER achieves five-nines on-time reliability (≥99.999%) with only a modest bandwidth increase relative to dual-connectivity replication, while maintaining bounded jitter through controlled elimination windows. These results indicate that deadline-compliant communication over stochastic wireless media is achievable when redundancy and control are jointly optimized, positioning M-FRER as a scalable foundation for TSN-integrated industrial 5G deployments.	10.1109/TNSM.2026.3705859
Daishi Kondo, Yuya Shibuya, Rie S. Yamaguchi, Tomohiro Ishihara, Yuji Sekiya, Toshiyuki Nakata, Tohru Asami	Assessing the Adoption of Email Security Measures After Google’s New Sender Guidelines	2026	Early Access		The email sender guidelines introduced by Google on October 3, 2023, mandate authentication protocols like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) to enhance email security. However, how such platform-driven policies can effectively promote the adoption of security measures across the global email ecosystem remains unclear. In this measurement study, we analyze the impact of these guidelines by examining the adoption of email security measures across globally popular domains and country-specific subsets. Our results show that the adoption of SPF, DKIM, and DMARC has not yet achieved widespread uptake and exhibits significant regional disparities. In particular, domains associated with China, South Korea, and Japan exhibit consistently low adoption rates. While low adoption in China and South Korea can be partially explained by Gmail’s limited influence in these countries, Japan presents a striking contradiction, with low adoption persisting despite Google’s dominance. Focusing on Japanese-stock market-listed companies, we observe a significant increase in DMARC adoption following the introduction of the guidelines; however, a substantial proportion of entities remain non-compliant. These findings suggest that platform-driven policies alone are insufficient to achieve widespread security adoption and highlight the need for broader, ecosystem-level, multi-stakeholder initiatives.	10.1109/TNSM.2026.3707567
Masoumeh Safkhani, Mohammad Reza Servati, Fatemeh Rezaei	HEIoT: A Novel Three-Factor Authentication Protocol for Enhanced Security in IoT and Next-Generation Networks	2026	Early Access	Authentication Internet of Things Protocols	The Internet has a significant impact on contemporary society, enabling a wide range of applications, including advanced cellular networks such as 4G, 5G, and 6G. Since these communications occur over shared or open channels, ensuring secure data exchange is of critical importance, as any weakness in the communication infrastructure may compromise system reliability. Device authentication in the Internet of Things (IoT) and user authentication in smart environments, such as smart homes, remain fundamental security challenges. As the first line of defense, authentication mechanisms must be robust, since vulnerabilities at this stage can expose the entire system to serious threats. To address these challenges, numerous authentication schemes based on cryptographic primitives, including Elliptic Curve Cryptography (ECC), have been proposed. In this paper, we present a comprehensive security analysis of an ECC-based three-factor authentication protocol proposed by Yuan et al. Our analysis shows that the protocol is vulnerable to desynchronization, user impersonation, traceability, and insider attacks, all of which succeed with probability 1 by exploiting at most two protocol phases. To mitigate these weaknesses, we propose an improved authentication scheme, called HEIoT. The proposed scheme is formally analyzed under the Real-or-Random (RoR) model to establish session-key security and is further verified using the Scyther tool. Moreover, a Python-based implementation is provided to demonstrate the practicality of the proposed protocol. Comparative results indicate that HEIoT achieves stronger security while maintaining acceptable communication, computational, and storage overhead.	10.1109/TNSM.2026.3702041
Huijuan Zhu, Chenhao Zheng, Zhongyuan Liu, Yuan Zhang	Reliable Interpretations of Deep Learning-based Malware Detectors via Deep Q-Networks	2026	Early Access	Malware Signal detection Modeling	Deep learning has become widely used in Android malware detection, but its black-box nature raises trust concerns, limiting its use in critical security areas. To address this, various interpretation methods have been proposed. Unfortunately, these solutions often suffer from inconsistent results and poor adaptability to model updates. In this work, we propose XDQNMal, a Deep Q-Networks (DQN)-based global interpretation framework designed to uncover the critical features that drive decisions in deep learning-based malware detectors. To enhance the reliability of interpretation, XDQNMal captures API call frequency features derived from the runtime behavior of each application (App). Then, it unites a DQN model with the TabPFN detection model to work collaboratively, using variations in detection results as reward signals. These signals guide the DQN model to gradually identify the most impactful features as interpretations for the detection model’s decisions. Our experimental evaluation on real-world datasets demonstrates that the proposed XDQNMal framework generates reliable interpretation for deep learning-based malware detection models. For instance, suppressing the critical features identified by XDQNMal leads to an average decrease of 20.30% in the probability that the malicious sample is predicted as malicious, highlighting the pivotal role these features play in the model’s decision-making.	10.1109/TNSM.2026.3699408
Wenying Wang, Mohammad S. Obaidat, Xuxun Liu, Kuei-Fang Hsiao	Node-Differentiated Resource Allocation for Media Access Control in Wireless Body Area Networks	2026	Early Access	Timing Resource management Media Access Control	Medium access control (MAC) is crucial for resource allocation in wireless body area networks (WBANs). However, existing MAC protocols often suffer from transmission conflicts and inefficient channel utilization. To address these issues, this paper proposes a Node-Differentiated Resource Scheduling (NDRS) MAC protocol, which dynamically allocates access resources based on node-specific requirements. This protocol employs a superframe structure consisting of a contention-based phase and a contention-free phase for data transmission. A Mamdani fuzzy inference system is utilized to calculate continuous node priorities. These priorities achieve fine-grained differentiation of node importance and thus serve as the foundation for transmission conflict minimization. During the contention-based phase, continuous and differentiated backoff times are assigned to nodes based on their priorities. These backoff times effectively reduce transmission collisions and enhance channel utilization. In the contention-free phase, time slots are preferentially allocated to nodes with higher priority, better channel utilization, and greater transmission reliability. This allocation thereby enhances channel usage efficiency and reduce transmission delays. This protocol is characterized by three key features: precise node prioritization, low transmission collisions, and high channel utilization. Extensive experimental results demonstrate that NDRS outperforms existing protocols in terms of average delay, throughput, packet loss ratio, and average energy consumption.	10.1109/TNSM.2026.3700262
Jeffrey Redondo, Nauman Aslam, Juan Zhang, Zhenhui Yuan	Optimising QoS in HD Map Updates: Cross-Layer Multi-Agent with Multi-task and Mixed-Dependence (MTMD)	2026	Early Access	Optimization Timing High definition video	High-definition (HD) maps generated from autonomous vehicle (AV) sensor data are essential for enabling high levels of driving automation. However, offloading large volumes of raw sensory data to edge servers in dense vehicular ad hoc networks (VANETs) introduces significant latency due to network congestion and packet collisions. Existing solutions primarily focus on dynamically adjusting the minimum contention window (CWmin), while additional MAC-layer parameters — including the maximum contention window (CWmax) and interframe space number (IFSn) — remain largely underexplored. To address this, we propose a cross-layer multi-agent reinforcement learning (MARL) framework that jointly optimises CWmin–CWmax, IFSn, and transmission waiting time within IEEE 802.11p-compliant bounds. The proposed multi-task mixed-dependence (MTMD) framework decomposes the optimisation problem into specialised subtasks handled by selectively coupled agents, balancing coordination and scalability while avoiding the overhead of fully symmetric MARL or centralised hierarchical controllers. A lightweight orchestration layer coordinates agent interaction with the simulation environment via secure message exchange. Evaluated against standard EDCA and representative RL baselines, MTMD achieves latency reductions of 31%, 49%, 87.3%, and 64% for Voice, Video, HD Map, and Best-Effort traffic, respectively, confirming the effectiveness of structured multi-parameter optimisation for latency-critical vehicular applications.	10.1109/TNSM.2026.3705270