Last updated: 2026-07-09 05:01 UTC
All documents
Number of pages: 168
| Author(s) | Title | Year | Publication | Keywords | ||
|---|---|---|---|---|---|---|
| Shuang Zheng, Xing Zhang, Michael Sheng, Haixu Wang, Wenbo Wang | Beam Hopping Low Earth Orbit Satellite Resource Allocation for Differentiated Services and Robustness Analysis under Model Attacks | 2026 | Early Access | Beams Satellites Resource management Modeling Optimization Schedules Scheduling Low earth orbit satellites Algorithms Bridges LEO satellite communications deep reinforcement learning digital twin resource allocation adversarial attack | Beam hopping (BH)-enabled Low Earth Orbit (LEO) satellites play a pivotal role in next-generation communication networks, providing global coverage, improving spectrum efficiency, and supporting flexible adaptation to heterogeneous service demands. To fully exploit these capabilities, artificial intelligence (AI) techniques are increasingly employed for dynamic resource allocation and power management. However, limited onboard resources and potential adversarial perturbations pose challenges to both efficiency and robustness. To address these issues, we leverage digital twin technology to accurately capture the spatio-temporal dynamics of user–satellite visibility, providing precise state information for decision-making. Building on this, we formulate a joint optimization framework for BH scheduling and power allocation as a Markov Decision Process and propose the BRIDGE—BH with Reinforcement learning incorporating Integrated Dirichlet and Gumbel-TopK Exploration—which integrates a quality of service (QoS)-driven subchannel scheduling mechanism to ensure efficient and differentiated resource allocation. The model’s robustness is systematically evaluated under three classical adversarial attacks. Simulation results demonstrate that our approach achieves superior energy efficiency, service throughput, and fairness, while the robustness analysis shows stable performance under the considered bounded adversarial perturbations. | 10.1109/TNSM.2026.3710750 |
| Yiyang Li, Wei Wang, Yibo Wang, Qiaojun Hu, Weiliang Zhang, Yongli Zhao, Xiaoyu Wang, Jie Zhang | Computing-State Driven Proactive Congestion Control for AI Cluster Interconnect Networks | 2026 | Early Access | Timing Modeling Fluid flow Information rates Throughput Switches Training Data centers Conferences Joining processes large language model remote direct memory access congestion control algorithms distributed training | The rapid upgrade of computing power and the prosperity of large language model (LLM) in data center networks (DCNs) lead to a rigorous demand for ultra-low latency and high throughput. To mitigate the overhead of collective communication during distributed training (DT), Remote Direct Memory Access (RDMA) has been widely adopted in DCNs. Particularly, congestion control algorithms (CCAs) designed for RDMA have attracted much attention to mitigate performance deterioration under network congestion. However, through comprehensive analysis, we investigate that, due to sluggish end-to-end reaction and slow rate convergence, existing widely used reactive CCAs have several limitations in handling bursty traffic (e.g., AllReduce). Specifically, excessive packets are transmitted before senders activate the reaction and converge to the fair rate, which builds up a deep queue and may incur subsequent significant throughput loss. In this paper, we propose a computing-state driven proactive congestion control (CSPCC) with easy deployability. CSPCC consists of the congestion prediction module and the active congestion response module. It leverages current computing state to predict network congestion time and inform corresponding sources in advance. We provide a detailed introduction to the implementation of CSPCC. Then, we conducted small-scale hardware tests and large-scale simulations to evaluate the performance of CSPCC. On our testbed, under NCCL-TESTs, CSPCC improves throughput by 1.67%–13.35% and decreases switch queue occupancy by 28.33%–58.33% compared to DCQCN. Furthermore, under concurrent multi-job LLaMA training, it reduces end-to-end job completion time (JCT) by 5.3%–9.0%. | 10.1109/TNSM.2026.3705429 |
| Yongqiang Dong, Jiangnan Sun, Jiawen Li, Yongbo Liu | Learning to Configure Like Engineers: Manual Guided Network Configuration Sketch Generation | 2026 | Early Access | Modeling Syntactics Large language models Manuals Retrieval augmented generation Optimization Generators Grounding Design methodology Joining processes Network Configuration Automation Intent-Based Networking Large Language Models Retrieval-Augmented Generation | Network configuration automation is a key component of intelligent network operations aiming to transform user intents into executable device configurations. Most existing approaches take a paradigm of parameter filling within predefined sketches, where the sketches have to be crafted manually by engineers and user intents are expressed in a specific format. Other studies follow a routine of synthesizing configurations directly from natural-language intents, taking advantage of large language models (LLMs) and retrieval augmented generation techniques. The results are yet far from satisfactory in practice due to the complexity of the network configuration requirements. A recently proposed example-driven configuration synthesis method (CEGS), attempts to learn from configuration examples provided by vendors. However, its effectiveness is bounded by example coverage, and the method struggles to generalize to new scenarios. To address this, we present LCLE, an end-to-end sketch generation framework that learns how to configure networks from device configuration guides and command references, much as human engineers do. Specifically, LCLE automatically generates configuration sketches from natural-language intents by LLMs with a structured device configuration model (DCM) extracted from vendor manuals. The DCM organizes configuration workflows, command syntax, and view hierarchies into a unified knowledge base that supports LCLE’s retrieval-augmented generation through a three-stage pipeline of intent parsing, sketch generation, and sketch optimization. Extensive experiments on Huawei and Cisco devices show that LCLE significantly improves the semantic completeness and syntactic correctness of the generated configuration sketches. In addition, the framework can be easily extended to new devices and protocols through DCM updates, promising a scalable solution for automated network configuration. | 10.1109/TNSM.2026.3710600 |
| Heewon Kim, Hochan Lee, Chanbin Bae, Haneul Ko, Sangheon Pack | Traffic- and Multi-Tenancy-Aware In-Network Aggregation Placement for Distributed Machine Learning | 2026 | Early Access | Memory Magnesium Modeling Algorithms Telecommunication traffic Timing Delays Switches Fluid flow Educational institutions In-Network Aggregation Distributed Machine Learning Programmable Data Plane P4 | Distributed machine learning is an effective method to alleviate the intensive computation costs of training; however, it suffers from network bottlenecks while collecting local results. The recent advent of programmable data planes has opened a new avenue, in-network aggregation, which executes gradient aggregations in the middle of the network, resolving network bottlenecks, and further accelerates distributed machine learning. However, due to resource-constrained features of current programmable data planes, deploying in-network aggregation functionalities throughout the network would impose an unacceptable burden, posing a need for sophisticated deployment. In this paper, a problem of deploying in-network aggregation functionalities is studied to minimize the total network traffic in multi-tenant distributed machine learning. We formulate the problem as an integer linear programming (ILP) problem and prove its NP-hardness. Since finding the optimal solution using the brute-force method is extremely complicated, we propose a traffic-aware in-network aggregation placement algorithm based on a two-stage many-to-one matching game (denoted TAPINA-MG). The simulation results demonstrate that TAPINA-MG shows nearoptimal performance with low complexity, achieving up to 22.5%, 38.9%, and 96.0% reduction for network traffic, maximum link utilization, and communication time, respectively, compared to state of the art, and effectively handles dynamic situations with minimal migration delay and comparable traffic performance. | 10.1109/TNSM.2026.3709103 |
| Daishi Kondo, Yuya Shibuya, Rie S. Yamaguchi, Tomohiro Ishihara, Yuji Sekiya, Toshiyuki Nakata, Tohru Asami | Assessing the Adoption of Email Security Measures After Google’s New Sender Guidelines | 2026 | Early Access | Electronic mail Security Modeling Internet Search engines Companies Guidelines Recording Educational institutions Business DKIM DMARC Email authentication Internet measurements Security protocol adoption SPF | The email sender guidelines introduced by Google on October 3, 2023, mandate authentication protocols like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) to enhance email security. However, how such platform-driven policies can effectively promote the adoption of security measures across the global email ecosystem remains unclear. In this measurement study, we analyze the impact of these guidelines by examining the adoption of email security measures across globally popular domains and country-specific subsets. Our results show that the adoption of SPF, DKIM, and DMARC has not yet achieved widespread uptake and exhibits significant regional disparities. In particular, domains associated with China, South Korea, and Japan exhibit consistently low adoption rates. While low adoption in China and South Korea can be partially explained by Gmail’s limited influence in these countries, Japan presents a striking contradiction, with low adoption persisting despite Google’s dominance. Focusing on Japanese-stock market-listed companies, we observe a significant increase in DMARC adoption following the introduction of the guidelines; however, a substantial proportion of entities remain non-compliant. These findings suggest that platform-driven policies alone are insufficient to achieve widespread security adoption and highlight the need for broader, ecosystem-level, multi-stakeholder initiatives. | 10.1109/TNSM.2026.3707567 |
| Yahuza Bello, Ahmed Refaey, Ping Yang | Secure Multi-Timescale Orchestration for Zero-Trust Cross-Datacenter Networks | 2026 | Early Access | Authentication Optimization Resource management Modeling Costing Costs Timing Data centers Learning (artificial intelligence) Security Zero trust architecture hierarchical deep reinforcement learning cross-datacenter networks multi-timescale optimization resource management | The widespread deployment of geographically distributed Data Centers (DCs) has intensified the need for scalable and secure access control mechanisms across Cross-Datacenter Networks (CDNs). Zero Trust Architecture (ZTA) addresses this need by enforcing continuous authentication and authorization through Policy Decision Points (PDPs); however, determining where to deploy PDPs and how to dynamically assign authentication requests in the CDNs remains a challenging and NP-hard problem. This challenge arises from the tight coupling between long-term placement decisions and short-term, stochastic authentication workloads. In this paper, we formulate a joint PDP placement and authentication assignment problem for zero-trust-enabled CDNs that minimizes deployment cost, authentication assignment cost, bandwidth consumption, and the number of active PDP instances under resource constraints. To efficiently solve the problem, we propose a Hybrid Hierarchical Deep Reinforcement Learning (HHDRL) framework that decomposes decision-making across multiple time scales. A high-level Double Deep Q-Network (DDQN) agent learns long-term PDP placement policies, while multiple low-level Asynchronous Advantage Actor–Critic (A3C) agents perform real-time authentication assignment within each DC. Extensive simulations demonstrate that the proposed DDQN–A3C framework converges reliably and consistently outperforms benchmark schemes, including DDQN–A2C, a single-agent DDQN approach, and a greedy baseline, achieving lower overall system cost and improved scalability with modest computational overhead. | 10.1109/TNSM.2026.3707392 |
| Xiwen Liao, Supeng Leng, Ke Zhang, Yao Sun, Muhammad Ali Imran | Spatiotemporal Resource Orchestration for LLM Inference in Vehicular-Edge Networks | 2026 | Early Access | Modeling Large language models Vehicles Servers Timing Optimization Joining processes Resource management Educational institutions Vehicular ad hoc networks Large language model task orchestration resource allocation vehicular-edge networks | Large Language Models (LLMs) have been increasingly applied to intelligent vehicular systems for tasks such as scene understanding, intent reasoning, and natural language interaction. However, their inference demands exceed onboard processing capabilities, making low-latency on-vehicle inference impractical. Although edge computing can partially offload computation, the prolonged nature of LLM inference often causes execution to exceed the residence time of vehicles within edge coverage areas, leading to frequent service interruption. To address these challenges, we propose a collaborative spatiotemporal resource orchestration architecture for LLM inference in vehicular-edge networks (CoInfer). CoInfer exploits the intrinsic decomposability of LLM inference by modeling each request as a Directed Acyclic Graph (DAG) of interdependent subtasks, which are then scheduled, migrated, and aggregated along the road network to preserve end-to-end inference continuity. To improve latency and resource efficiency, CoInfer integrates multi-agent reinforcement learning for coarse-grained task orchestration with a reactive scheduler for fine-grained resource adaptation, forming a closed-loop service optimization under dynamic resource conditions. The simulation results demonstrate that CoInfer achieves a task success ratio of up to 96.0% and reduces the end-to-end inference latency by 35.7% compared to representative baselines. | 10.1109/TNSM.2026.3710972 |
| Manish Bansal, J. Harshan | Low-Latency Spatial-Provenance Recovery Methods for Privacy-Constrained Vehicular Networks | 2026 | Early Access | Privacy Vehicles Delays Probability Protocols Filtering Filters Modeling Sequences Sequential analysis Localization Bloom filters joint data-and spatial-provenance V2X privacy low-latency | In multihop Vehicle-to-Everything (V2X) networks, Road Side Units (RSUs) intend to collect information on vehicles’ location in a low-latency manner while respecting their privacy constraints to support real-time location-based services. To facilitate data collection, provenance is known to ensure trust and accountability of data. Although existing joint data- and spatial-provenance techniques preserve the privacy of vehicles up to a certain granularity with respect to the RSU and other vehicles, they are unsuitable when stringent deadlines are imposed on the end-to-end delay on the packets. As a consequence, there is a need for designing spatial-provenance methods for V2X networks that satisfy stringent deadlines on the end-to-end delays while managing the privacy concerns. To fill this research gap, we propose two novel protocols, namely: Bi-Segment Embedding (BSE) and Tri-Segment Embedding (TSE), which provide a skipping mechanism for joint data- and spatial-provenance while trading off privacy features among the vehicles. Through an extensive theoretical framework, we provide an analysis of the proposed schemes in terms of reliability, privacy, and communication overhead. When compared to the baselines, our protocols offer lower end-to-end delay, higher reliability in provenance reconstruction, and the same level of privacy with respect to the RSU. We validate latency gains using practical radio parameters, and our study reveals that our proposed protocols offer significant benefits in latency when implemented over a 5G stack. | 10.1109/TNSM.2026.3710000 |
| Guangxia Xu, Zhuo Ye, Lu Wang, Xing Huang, Lei Liu, Shahid Mumtaz, Mohsen Guizani | GNN-OSS: A Capacity-Feasible Graph Learning Framework for Secure Blockchain Sharding in IIoT | 2026 | Early Access | Graph neural networks Sharding Information rates Throughput Industrial Internet of Things Learning (artificial intelligence) Robustness Topology Modeling Security Industrial Internet of Things (IIoT) Blockchain Sharding Network Resource Management Graph Neural Networks (GNNs) Trust Management | Effective scaling of blockchain-enabled Industrial Internet of Things (IIoT) requires sharding that simultaneously ensures transaction locality, strict committee-size feasibility, and robustness against malicious node concentration. Existing methods often fail to balance this trilemma, risking either infeasible deployments or increased shard-takeover vulnerabilities. To address this, we propose GNN-OSS, a deployable sharding framework that decouples topology-aware preference learning from hard constraint enforcement. It first employs a trust-repulsion graph neural network to learn locality-aware preferences while discouraging low-trust nodes from collapsing into the same representation region. A Post-Hoc Capacity-Constrained Projection (PH-CCP) then maps these soft preferences into strictly feasible shard assignments. Finally, an entropy-driven Over-lapping Sparse Scheme (OSS) selectively replicates boundary nodes to reduce residual cross-shard overhead without altering primary consensus membership. Evaluations demonstrate that, under the evaluated settings, GNN-OSS achieves a favorable performance–security trade-off. Against 20% malicious nodes, it substantially mitigates shard-takeover risks. Furthermore, it improves throughput by up to 33% over strictly feasible baselines and lowers the cross-shard ratio from 6.4% to 4.4% with minimal per-epoch overhead. Overall, GNN-OSS provides a practical sharding framework for open or hybrid blockchain-enabled IIoT environments. | 10.1109/TNSM.2026.3709024 |
| Juan Zhang, Yangjun Ma, Xunzheng Zhang, Zhao Huang, Qiuji Yi, Nauman Aslam | Multi-objective SFC Placement with Future Demand Awareness in Dynamic Cross-Domain Networks | 2026 | Early Access | Modeling Optimization Transformers Topology Resource management Tin Modules (abstract algebra) Availability Service function chaining Scalability Service function chaining cross-domain networks multi-objective optimization resource allocation predictive modeling | Efficient service function chain (SFC) placement is critical for optimizing network service delivery in dynamic cross-domain networks (CDNs), especially under resource-constrained and heterogeneous environments. However, existing approaches face fundamental limitations in achieving effective multi-objective optimization, particularly in balancing latency minimization with efficient resource utilization. These challenges are further compounded by the inability to capture future resource dynamics and limited visibility across multiple domains. To address these challenges, we propose a novel multi-objective framework for SFC placement that jointly considers latency and resource utilization. The framework integrates Transformer-based prediction with linear programming (LP) to explicitly model future deployability, enabling proactive and globally informed placement decisions. In addition, a dynamic modeling mechanism is developed using domain-aware detection and graph autoencoders (GAEs) to capture evolving network topologies and cross-domain structural dependencies. A Pareto-based optimization strategy is further employed to systematically balance latency and resource efficiency across heterogeneous domains and varying workload conditions. Extensive experiments across multiple network scales and diverse SFC configurations demonstrate that the proposed framework achieves a superior trade-off between latency and deployment capability, while improving scalability, robustness, and long-term resource efficiency in dynamic and large-scale CDN environments. | 10.1109/TNSM.2026.3708714 |
| Domenico Tortola, Mauro Orrù, Paolo Mori, Laura Ricci | E-CUBE: A Cross-Chain Erasmus+ Management System | 2026 | Early Access | Educational institutions Protocols Management Blockchains Timing Gases Costing Costs Consortia Finance Blockchain Layer 2 Cross-chain Cosmos Erasmus+ | This paper presents E-CUBE (Erasmus+ through Cosmos Unified Blockchain Environment), a decentralized application for managing the student mobility in the context of the Erasmus+ program using blockchain technology and crosschain solutions. Built on the Cosmos framework and its Inter- Blockchain Communication protocol, E-CUBE enables seamless interoperability between independent blockchain networks operated by national university consortia for Erasmus+ program management. Each university consortium runs its own customized blockchain, reflecting country-specific regulations, while a shared hub chain facilitates secure and verifiable cross-chain exchanges. The system supports and automates critical Erasmus+ processes, such as student registration, Erasmus+ application submission, Learning Agreement management, and credit transfer— in order to reduce manual workload and ensure consistency across institutions. E-CUBE’s architecture also supports dynamic operations like extending or ending a mobility period early, with all data synchronized across chains via cross-chain exchanges. A working prototype was developed and deployed in a distributed environment, obtained by deploying a total of 10 nodes across the entire European territory, in order to simulate realistic cross-border mobility scenarios. Experimental evaluations show that the system maintains low latency, and incurs minimal gas fees per operation, confirming its technical feasibility and efficiency for real-world deployment in higher education. | 10.1109/TNSM.2026.3710003 |
| Jeffrey Redondo, Nauman Aslam, Juan Zhang, Zhenhui Yuan | Optimising QoS in HD Map Updates: Cross-Layer Multi-Agent with Multi-task and Mixed-Dependence (MTMD) | 2026 | Early Access | Optimization Timing High definition video Quality of service Media Access Control Information rates Throughput Vehicles Modeling Videos Edge computing HD map hierarchical learning latency multi-agent offloading reinforcement learning | High-definition (HD) maps generated from autonomous vehicle (AV) sensor data are essential for enabling high levels of driving automation. However, offloading large volumes of raw sensory data to edge servers in dense vehicular ad hoc networks (VANETs) introduces significant latency due to network congestion and packet collisions. Existing solutions primarily focus on dynamically adjusting the minimum contention window (CWmin), while additional MAC-layer parameters — including the maximum contention window (CWmax) and interframe space number (IFSn) — remain largely underexplored. To address this, we propose a cross-layer multi-agent reinforcement learning (MARL) framework that jointly optimises CWmin–CWmax, IFSn, and transmission waiting time within IEEE 802.11p-compliant bounds. The proposed multi-task mixed-dependence (MTMD) framework decomposes the optimisation problem into specialised subtasks handled by selectively coupled agents, balancing coordination and scalability while avoiding the overhead of fully symmetric MARL or centralised hierarchical controllers. A lightweight orchestration layer coordinates agent interaction with the simulation environment via secure message exchange. Evaluated against standard EDCA and representative RL baselines, MTMD achieves latency reductions of 31%, 49%, 87.3%, and 64% for Voice, Video, HD Map, and Best-Effort traffic, respectively, confirming the effectiveness of structured multi-parameter optimisation for latency-critical vehicular applications. | 10.1109/TNSM.2026.3705270 |
| Gergely Dobreff, Nóra Szlovencsák, Alija Pašić | A Framework for Disaster-Tolerant Slice Placement in Future Networks | 2026 | Early Access | Costing Costs Codes Routing Modeling Joining processes Bandwidth Encoding Network slicing Delays network slicing resiliency placement resource allocation service function chaining (SFC) ILP heuristic | Autonomous vehicles and telesurgery are placing increasing pressure on network operators to ensure that 5G and beyond networks can support a wide range of services with diverse and stringent requirements. Technologies such as Software-Defined Networking (SDN), Network Function Virtualization (NFV), and network slicing are key enablers for building an ecosystem capable of meeting these demanding conditions. Ensuring not only classical Quality of Service (QoS) metrics but also network resiliency is crucial, as failures in shared infrastructures can severely impact critical services. This paper addresses the problem of resilient network slice placement under arbitrary disasters or attacks, modeled as Shared Risk Link Group (SRLG) failure patterns. We propose an approach that guarantees strict end-to-end delay, bandwidth, and computing requirements while minimizing overall resource usage by accounting for potential failure scenarios. To this end, we introduce a Disaster-Tolerant Slice Placement Framework that enables network operators to define their own resilience scenarios and optimize the network accordingly. Several - routing and network coding–based - strategies are proposed and analyzed. We formulate the problem as an Integer Linear Program (ILP), analyze its computational complexity, and develop efficient heuristic algorithms to obtain near-optimal solutions. Extensive simulations demonstrate the effectiveness of the proposed methods in achieving resource-efficient and resilient network slice placement. The results show that high levels of resiliency can be achieved without excessive over-provisioning, positioning the proposed framework as an effective offline planning and benchmarking tool for 5G and beyond network design. | 10.1109/TNSM.2026.3706661 |
| Huijuan Zhu, Chenhao Zheng, Zhongyuan Liu, Yuan Zhang | Reliable Interpretations of Deep Learning-based Malware Detectors via Deep Q-Networks | 2026 | Early Access | Malware Signal detection Modeling Application programming interfaces Operating systems Androids Training Detectors Probability Conferences Android Malware detection Interpretation Deep Q-Networks | Deep learning has become widely used in Android malware detection, but its black-box nature raises trust concerns, limiting its use in critical security areas. To address this, various interpretation methods have been proposed. Unfortunately, these solutions often suffer from inconsistent results and poor adaptability to model updates. In this work, we propose XDQNMal, a Deep Q-Networks (DQN)-based global interpretation framework designed to uncover the critical features that drive decisions in deep learning-based malware detectors. To enhance the reliability of interpretation, XDQNMal captures API call frequency features derived from the runtime behavior of each application (App). Then, it unites a DQN model with the TabPFN detection model to work collaboratively, using variations in detection results as reward signals. These signals guide the DQN model to gradually identify the most impactful features as interpretations for the detection model’s decisions. Our experimental evaluation on real-world datasets demonstrates that the proposed XDQNMal framework generates reliable interpretation for deep learning-based malware detection models. For instance, suppressing the critical features identified by XDQNMal leads to an average decrease of 20.30% in the probability that the malicious sample is predicted as malicious, highlighting the pivotal role these features play in the model’s decision-making. | 10.1109/TNSM.2026.3699408 |
| Emilio Paolini, Andrea Pinto, Luca Valcarenghi, Flavio Esposito | Programmable In-Network Aggregation for Communication-Aware Federated Learning in 5G RANs | 2026 | Early Access | Modeling Timing Training Federated learning Accuracy 5G mobile communication Convergence Aggregates Labeling Point cloud compression Federated Learning Mobile Networks Wireless In-Network Aggregation Grouping | Federated Learning (FL) enables collaborative model training without sharing raw data, making it attractive for privacy-preserving applications at the wireless edge. However, when executed over real 5G networks, FL performance degrades due to uplink congestion, heterogeneous client capabilities, and intermittent connectivity. Most existing approaches attempt to mitigate these issues indirectly by optimizing clients (through adaptive participation, local training, or selection strategies) or by optimizing models (via pruning, quantization, or compression), but they ignore potential network bottlenecks. This paper introduces FLAG, an FL architecture that embeds innetwork aggregation directly into 5G gNodeBs, transforming the network into an active participant in the learning process. In particular, FLAG performs parameter aggregation at line rate within the 5G Service Data Adaptation Protocol layer and incorporates three mechanisms: Partial-Contribution Correction for loss-tolerant averaging, a timer-driven pipeline for real-time scheduling, and a deadline-based grouping strategy to mitigate stragglers. Experiments with realistic wireless emulation show that FLAG achieves up to 5.1× faster time-to-accuracy and maintains accuracy within 0.8% of a loss-free baseline, while reducing gNB-to-server bandwidth by aggregating pergNB rather than per-client. FLAG requires no modifications to clients or the parameter server, demonstrating how 5G-aware system design can make federated learning scalable, efficient, and resilient under real-world wireless conditions. | 10.1109/TNSM.2026.3697723 |
| Arash Heidari, Jamal N. Al-Karaki | NOVA: A Self-Supervised Graph Framework for Real-Time Anomaly Detection in Internet of Vehicles | 2026 | Early Access | Context Internet of Vehicles Modeling Timing Vehicles Labeling Anomaly detection Matrices Vectors Joining processes Internet of Vehicles V2X Security Anomaly Detection Self-Supervised Learning Graph Neural Networks | The Internet of Vehicles (IoV) enables cooperative driving and real-time Vehicle-to-Everything (V2X) communication but remains vulnerable to behavioral and structural anomalies due to its dynamic, decentralized nature. Existing deep learning methods either overlook topological inconsistencies or ignore communication feature fidelity, while random-walk sampling introduces contextual noise. In this paper, we propose Network Observation for Vehicular Anomalies (NOVA), a self-supervised graph-based framework that detects both behavioral and structural anomalies in IoV networks without labeled data. NOVA models vehicular communications as attributed graphs and employs intimacy-guided subgraph sampling to extract meaningful neighborhoods. A Graph Convolutional Network (GCN)–based generative module reconstructs node attributes to reveal behavioral deviations, while a contrastive module validates structural coherence through embedding comparisons of real and perturbed contexts. Their hybrid anomaly score enables accurate, scalable, and real-time detection of compromised nodes. Performance results show that NOVA achieves state-of-the-art performance (98.7% accuracy, 98.1% F1), real-time throughput (~4.7k events/s at 5k msg/s), and strong robustness (AUROC 0.99, AUPRC 0.98, FAR 0.05) with near-linear scalability (≤40 ms latency for 50k vehicles). By integrating generative and contrastive self-supervised learning with context-aware sampling, NOVA significantly enhances IoV security, reliability, and adaptability. | 10.1109/TNSM.2026.3696324 |
| Behrooz Farkiani, Fan Liu, Ke Yang, John DeHart, Jyoti Parwatikar, Patrick Crowley | Hermes: A General-Purpose Proxy-Enabled Networking Architecture | 2026 | Early Access | Tunneling HTTP Joining processes Planing IP networks Internet TCP Architecture Computer architecture Servers Overlay Networking Proxy HTTP Architecture Tunneling Service Delivery MASQUE NDN Envoy | We introduce Hermes, a general-purpose networking architecture that aims to improve service delivery over the Internet. Hermes delegates networking responsibilities from applications and services to proxies and is designed as a portable, adaptable solution to four fundamental challenges of efficient service delivery over the Internet: end-to-end traffic management, backward compatibility, data-plane security and privacy models, and adaptable communication layers. The design centers on an overlay of reconfigurable proxies and HTTP tunneling and proxying techniques, utilizing assisting components to extend proxy functionality when needed. Through prototyping and emulation, we demonstrate that Hermes improves key performance metrics across multiple use cases: it provides backward compatibility through protocol translation and tunneling, improves reliability by delegating retry logic to proxies, enables unified policy-based Layer 3 routing across network segments, and serves as an efficient substrate for future architectures like NDN, facilitating their operation over the Internet. Beyond evaluating Hermes across various use cases, we measured the overhead of Hermes’ HTTP tunneling and proxying mechanisms and found it to be modest, typically under 2 ms per proxy pair traversal in an isolated collocated setup. Although the HTTP proxying and tunneling techniques used by Hermes increase single-connection processing overhead, we also show that, with up to 1,000 concurrent requests, proxies can amortize connection setup time and reduce end-to-end latency by utilizing connection pooling and multiplexing. | 10.1109/TNSM.2026.3705327 |
| Ibirisol Fontes Ferreira, Eiji Oki | Forestall: A Prefetching Scheme for Domain Name System Resolver Cache Services | 2026 | Early Access | Prefetching Timing Servers Modeling Management Measurement Recording Ecosystems Tracking TV Domain name systems service architecture caching time-to-live renewal policy prefetching | The domain name system (DNS) is crucial to accessing Internet services by playing an essential role in facilitating this process for Internet users. Still, it affects the quality of experience within the Internet service chain. This impact includes the role of the resolver component, which can negatively influence the final user experience when consuming services. Some studies have developed strategies to reduce resolution time within the DNS resolver ecosystem by incorporating components into users’ devices to trigger resolution in advance, changing DNS service and cache algorithm implementation, or utilizing a complex and expensive service architecture that is not scalable for local DNS resolvers in edge deployments. This paper proposes a dynamic prefetching scheme called Forestall to reduce misses, including those caused by expired domain translation data, and to improve the overall performance of the resolver cache component. We model the prefetching scheme for DNS resolvers using DNS transactional information. We define a prefetching advising routine that advises on possible domains by observing past request patterns. We introduce two prefetching routines for efficient domain tracking and advising. We introduce miss-based metrics to measure the efficiency of the prefetching scheme and the potential resource trade-off associated with its deployment. The numerical results indicate that the prefetching scheme improves the performance of the DNS resolver cache component compared to well-deployed prefetching solutions on the Internet. Forestall reduces the miss ratio by more than 50%, depending on the dataset. In a specific workload, Forestall’s results with adjusted parameter combinations yield a decrease in the miss ratio of more than 16%, accompanied by a reasonable increase in additional fetches of around 35%. In terms of service latency that users perceive, Forestall achieves a reduction varying between 20% and 49%. | 10.1109/TNSM.2026.3704549 |
| Masoumeh Safkhani, Mohammad Reza Servati, Fatemeh Rezaei | HEIoT: A Novel Three-Factor Authentication Protocol for Enhanced Security in IoT and Next-Generation Networks | 2026 | Early Access | Authentication Internet of Things Protocols Security Smart devices Elliptic curve cryptography Modeling Error correction codes Biometrics Costing of Yuan et al.’s Protocol Authentication Multi-factor authentication Desynchronization attack Insider adversary Traceability attack User impersonation attack Elliptic Curve Cryptography (ECC) | The Internet has a significant impact on contemporary society, enabling a wide range of applications, including advanced cellular networks such as 4G, 5G, and 6G. Since these communications occur over shared or open channels, ensuring secure data exchange is of critical importance, as any weakness in the communication infrastructure may compromise system reliability. Device authentication in the Internet of Things (IoT) and user authentication in smart environments, such as smart homes, remain fundamental security challenges. As the first line of defense, authentication mechanisms must be robust, since vulnerabilities at this stage can expose the entire system to serious threats. To address these challenges, numerous authentication schemes based on cryptographic primitives, including Elliptic Curve Cryptography (ECC), have been proposed. In this paper, we present a comprehensive security analysis of an ECC-based three-factor authentication protocol proposed by Yuan et al. Our analysis shows that the protocol is vulnerable to desynchronization, user impersonation, traceability, and insider attacks, all of which succeed with probability 1 by exploiting at most two protocol phases. To mitigate these weaknesses, we propose an improved authentication scheme, called HEIoT. The proposed scheme is formally analyzed under the Real-or-Random (RoR) model to establish session-key security and is further verified using the Scyther tool. Moreover, a Python-based implementation is provided to demonstrate the practicality of the proposed protocol. Comparative results indicate that HEIoT achieves stronger security while maintaining acceptable communication, computational, and storage overhead. | 10.1109/TNSM.2026.3702041 |
| Jing Zhang, Chao Luo, Rui Shao | MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection | 2026 | Early Access | Anomaly detection Adaptation models Generative adversarial networks Feature extraction Data models Load modeling Accuracy Robustness Contrastive learning Chaos Log Anomaly Detection Generative Adversarial Networks (GANs) Temporal Data Analysis | Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection. | 10.1109/TNSM.2026.3654642 |