Last updated: 2025-04-02 03:01 UTC
All documents
Number of pages: 136
Author(s) | Title | Year | Publication | Keywords | ||
---|---|---|---|---|---|---|
Wei-Che Chien, Gwanggil Jeon, Hsin-Hung Cho | Multi-Objective Optimization of 3D Cell Deployment in Sustainable B5G/6G Networks: Balancing Performance and Sustainability | 2025 | Early Access | Base stations 5G mobile communication Wireless communication Costs Buildings Three-dimensional displays Optical losses Quality of service Computer architecture Backhaul networks Multi-objective optimization 3D cellular deployment NSGA-II Next generation networks Green cellular network | In recent years, the exponential increase in mobile and Internet of Things (IoT) data traffic has placed substantial demands on infrastructure for Internet Service Providers (ISPs). To meet these demands sustainably, it is critical to enhance energy efficiency, resource utilization, and cost-effectiveness while reducing the carbon footprint. Simply adding hardware is not a viable solution. This study introduces an innovative approach to 3D cellular deployment in sustainable B5G/6G networks, designed to optimize Quality of Service (QoS) for users and IoT devices. Although 5G/B5G utilizes millimeter waves for high data rate transmission, their limited coverage and susceptibility to interference from buildings pose unique deployment challenges. To address these, we formulate the 3D cellular deployment problem as a Multi-Objective Optimization (MOO) problem and propose an advanced deployment strategy using VA-NSGA-II, a metaheuristic-based algorithm. By factoring in building interference, Received Signal Strength Indicator (RSSI), coverage, deployment cost, and a balance between performance and sustainability, VA-NSGA-II provides an optimal deployment solution. Simulation results demonstrate that VA-NSGA-II achieves effective deployment performance across various building materials, highlighting its adaptability and effectiveness in different environmental scenarios. | 10.1109/TNSM.2025.3545622 |
Xin Yang, Yimin Guo | IAR-AKA: An Efficient Authentication Scheme for Healthcare Tactile Internet Beyond Conventional Security | 2025 | Early Access | Authentication Security Medical services Tactile Internet Surgery Reliability Impersonation attacks 5G mobile communication Real-time systems Resists Authentication Tactile Internet Elliptic Curve Cryptography Healthcare Implicit Attacks | With the rapid development of 5G technology, the tactile Internet is emerging as a novel form of interaction. Its application, particularly in fields such as healthcare, is extensive, with stringent requirements for real-time and accurate performance. During the transmission and storage of medical data, malicious adversaries may attempt to compromise sensitive patient information, or even disrupt the normal operation of medical devices, posing a threat to patient safety. We have found that although many existing authentication schemes claim and prove to be able to resist various known attacks, they have been found to have security vulnerabilities in subsequent research. This is because these schemes often overlook the existence of implicit attacks, which are a type of attack derived from different combinations or inferences of known attacks. In such a context, designing a lightweight authentication scheme that is secure against implicit attacks becomes crucial. This paper proposes an authentication scheme for the healthcare tactile Internet environment that goes beyond conventional security, named IAR-AKA. We conducted formal security proofs based on session key security and its corresponding implicit attacks. Additionally, we conducted non-formal security analyses based on the relationship between implicit attacks and security goals and used the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to perform experimental simulations for IAR-AKA, demonstrating its experimentally provable security. Furthermore, detailed performance analysis results indicate that IAR-AKA not only possesses more security attributes against implicit attacks compared to similar solutions in similar contexts but also has lower communication and computation costs. | 10.1109/TNSM.2025.3542796 |
Na Xia, Lei Chen, Meng Li, Yutao Yin, Ke Zhang | Joint Double Auction-Based Channel Selection in Wireless Monitoring Networks | 2025 | Early Access | Monitoring Heuristic algorithms Wireless networks Wireless sensor networks Sensors Resource management Optimization Channel allocation Wireless communication Metaheuristics double auction wireless monitoring network channel selection quality of monitoring distributed algorithm | In wireless networks, utilizing sniffers for fault analysis, traffic traceback, and resource optimization is a crucial task. However, existing centralized algorithms cannot be applied to high-density wireless networks. Therefore, distributed optimization of channel selection to maximize the monitoring rate of sensors in Wireless Monitoring Networks (WMNs) is a challenge. This paper proposes a joint double auction-based distributed channel selection algorithm (J2A-CS) to maximize overall quality of monitoring (QoM). First, sniffers are redundantly deployed in WMNs, and an initial channel allocation strategy is formulated. Subsequently, sniffers collectively act as buyers and sellers at different stages. Finally, buyers bid asynchronously, and sellers settle synchronously to maximize the seller’s marginal revenue and update the channel selection scheme. As a distributed channel selection algorithm, J2A-CS addresses the highest overall QoM issue in WMNs, demonstrating high scalability and fault tolerance. Simulation results show that J2A-CS significantly improves QoM compared to existing distributed algorithms and outperforms centralized algorithms in high-density scenarios. | 10.1109/TNSM.2025.3542821 |
Giampaolo Bovenzi, Francesco Cerasuolo, Domenico Ciuonzo, Davide Di Monda, Idio Guarino, Antonio Montieri, Valerio Persico, Antonio Pescapé | Mapping the Landscape of Generative AI in Network Monitoring and Management | 2025 | Early Access | Surveys Monitoring Artificial intelligence Stakeholders Organizations Data models Training Analytical models Generative AI Biological system modeling Generative AI Networking LLM GPT Diffusion Models Traffic Classification Intrusion Detection | Generative Artificial Intelligence (GenAI) models such as LLMs, GPTs, and Diffusion Models have recently gained widespread attention from both the research and the industrial communities. This survey explores their application in network monitoring and management, focusing on prominent use cases, as well as challenges and opportunities. We discuss how network traffic generation and classification, network intrusion detection, networked system log analysis, and network digital assistance can benefit from the use of GenAI models. Additionally, we provide an overview of the available GenAI models, datasets for largescale training phases, and platforms for the development of such models. Finally, we discuss research directions that potentially mitigate the roadblocks to the adoption of GenAI for network monitoring and management. Our investigation aims to map the current landscape and pave the way for future research in leveraging GenAI for network monitoring and management. | 10.1109/TNSM.2025.3543022 |
Jiajun Chen, Chunqiang Hu, Weihong Sheng, Ruinian Li, Ruifeng Zhao, Jiguo Yu | A Trust-Based Personalized Differential Privacy Guarantees for Online Social Networks | 2025 | Early Access | Privacy Protection Social networking (online) Data privacy Differential privacy Servers Social factors Human factors Diseases Robustness Online social networks differential privacy direct trust calculation indirect trust inference personalized privacy-aware mechanism | Online social networks have emerged as a significant data source, but the extensive collection and utilization of personal information have given rise to profound concerns regarding privacy. From a legislative and policy perspective, and in alignment with the concept of privacy as control, users have the right to control their personal privacy information. However, users often encounter challenges in terms of understanding and effectively managing their privacy settings to align with their specific privacy requirements. To address this issue, in this paper, we incorporate the concept of trust and propose a trust-based personalized differential privacy model for online social networks, denoted as TPDP, which relies on a trusted central server to facilitate its operation. Specifically, when a user requests access to another user’s personal information, the TPDP mechanism provides a privacy response, where the privacy level is determined based on the direct and indirect trust values among users, calculated automatically by the trusted central server. Furthermore, the proposed TPDP model offers user-to-user personalized differential privacy protection from the perspectives of network structures, trust-related factors, and trust propagation patterns. Finally, we validate the model’s feasibility and assess the privacy-utility trade-off, as well as its robustness against attacks, through theoretical analysis and performance evaluation. | 10.1109/TNSM.2025.3543844 |
Amina Hentati, Amin Ebrahimzadeh, Roch H. Glitho, Fatna Belqasmi, Rabeb Mizouni | Deterministic and Dynamic Joint Placement and Scheduling of VNF-FGs for Remote Robotic Surgery | 2025 | Early Access | Surgery Haptic interfaces Robots Dynamic scheduling Quality of service Reliability Costs Heuristic algorithms Network function virtualization Servers Tactile Internet Remote Robotic Surgery (RRS) Network function virtualization (NFV) Latency Reliability Joint Placement and Scheduling Stopping theory | During a Remote Robotic Surgery (RRS) session, multimodal data traffic with different requirements is initiated. In order to achieve a cost-effective deployment of such a system, it is crucial to tailor resource allocation policies based on the different quality of service (QoS) requirements of each data traffic. In this paper, we focus on resource allocation in a 5G-enabled tactile Internet RRS system using network function virtualization (NFV). In particular, we investigate the joint placement and scheduling of Virtualized Network Functions (VNFs) in a RRS system under both deterministic and dynamic settings. An integer linear program (ILP) is used to formulate the problem. Due to its high computational complexity, we first propose an efficient greedy algorithm to solve the ILP under deterministic settings. Simulation results show that our proposed algorithm achieves near-optimal performance and outperforms the benchmark solutions in terms of cost and admission rate. It can reduce cost by up to 37% and improve admission rate by up to 34% while satisfying both latency and reliability constraints. Furthermore, our results show that modeling the multimodal data traffic by multiple VNF Forwarding Graphs (VNF-FGs) with different QoS requirements achieves a significant gain in terms of cost and acceptance rate compared to modeling it by a single VNF-FG with the most stringent requirements. We then considered a dynamic environment where latency variations and traffic arrivals may occur over time. Using the principles of optimal stopping theory, we propose an adaptive dynamic scheduler that is capable of triggering recalculations of the existing optimal solution based on the observed cumulative number of traffic arrivals and latency violations without the need for predictions. Our proposed optimal scheduler minimizes the migration cost compared to other schedulers. | 10.1109/TNSM.2025.3539183 |
Xinrui Dong, Yingxu Lai, Xiao Zhang, Xinyu Xu | Counteracting New Attacks in CPS: A Few-shot Class-incremental Adaptation Strategy for Intrusion Detection System | 2025 | Early Access | Adaptation models Intrusion detection Training Security Power capacitors Feature extraction Incremental learning Visualization Overfitting Hybrid power systems Intrusion detection cyber-physical system incremental learning few-shot learning cyber security | The deep integration of physical devices and communication networks has increased the security risks of cyber-physical systems (CPSs) compared to traditional control systems. Deep learning-based intrusion detection systems (IDSs) play a crucial role in ensuring CPSs security. However, the existing IDSs often rely on known attack features, rendering them unable to withstand emerging new attacks arising from the dynamic evolution of intrusion behaviors. This paper aims to develop an IDSs with high adaptability and strong generalization capabilities, which is capable of rapidly adapting to new attack classes with only a few new samples. To achieve this objective, we propose CAT-IDS, a few-shot class-incremental adaptation strategy for an IDS to counteract new attacks on CPSs. We design a highly symmetric classifier structure for CAT-IDS that can flexibly adjust the classification space to adapt to new attacks. Furthermore, we calibrate the biased distribution formed by a few training samples through statistical feature transfer. In order to prevent the model from forgetting old attack information during the adaptation process, we devise hybrid features for attack detection. These features contain essential information for both old and new class classifications. We demonstrate the effectiveness of CAT-IDS through multiple experiments on three CPSs datasets. The results show that CAT-IDS achieves an average accuracy improvement of approximately 4. 5% compared to the state-of-the-art methods, demonstrating its superior ability to adapt to new attacks while maintaining high performance in classifying existing attacks. | 10.1109/TNSM.2025.3543773 |
Jaidip Kotak, Idan Yankelev, Idan Bibi, Yuval Elovici, Asaf Shabtai | VPN-Encrypted Network Traffic Classification Using a Time-Series Approach | 2025 | Early Access | Telecommunication traffic Virtual private networks Cryptography Payloads Accuracy Internet Long short term memory Protocols Feature extraction Training Network traffic classification Virtual private networks (VPN) Machine learning Encrypted traffic and Cybersecurity | Network traffic classification provides value to organizations and Internet service providers (ISPs). The identification of applications or services from network traffic enables organizations to better manage their business, and ISPs to offer services to their users. Given the vast quantity of traffic flowing in and out of organizations, it is impractical to write manual signatures for traffic identification. The effectiveness of machine learning (ML) in the identification of applications or services from network traffic has been demonstrated. Even when network traffic is encrypted, ML algorithms achieve high accuracy in the task of traffic identification based on statistical information and the packets’ headers and payloads. However, existing approaches were shown to be ineffective for VPN-encrypted network traffic. In this study, we propose a novel time-series based approach for the identification of traffic/source applications on VPN-encrypted traffic. We also demonstrate the broad applicability of our proposed approach by evaluating its effectiveness on non-VPN traffic that is encrypted, and on IoT traffic. | 10.1109/TNSM.2025.3543903 |
Arad Kotzer, Bence Ladóczki, János Tapolcai, Ori Rottenstreich | Addressing Scalability Issues of Blockchains with Hypergraph Payment Networks | 2025 | Early Access | Blockchains Lightning Bitcoin Topology Peer-to-peer computing Network topology Sharding Smart contracts Scalability Micropayments Blockchain Payment Channels Network Algorithms | Payment channels are auspicious candidates in layer-2 solutions to reduce the number of on-chain transactions on traditional blockchains and increase transaction throughput. To construct payment channels, peers lock funds on 2-of-2 multisig addresses and open channels between one another to transact via instant peer-to-peer transactions. Transactions between peers without a direct channel are made possible by routing the payment over a series of adjacent channels. In certain cases, this can lead to relatively low transaction success rates and high transaction fees. In this work, we introduce pliability to constructing payment channels and graft edges with more than two endpoints into the payment graph. We refer to these constructions as hyperedges. We present hyperedge-based topologies to form hypergraphs and compare them to Bitcoin’s Lightning network and other state-of-the-art solutions. The results demonstrate that hyperedge-based implementations can both increase transaction success rate, in addition to decreasing the network cost by more than 50% compared to that of the Lightning Network. | 10.1109/TNSM.2025.3542960 |
Yali Yuan, Yangyang Du, Guang Cheng | Class Incremental Website Fingerprinting Attack Based on Dynamic Expansion Architecture | 2025 | Early Access | Monitoring Fingerprint recognition Feature extraction Accuracy Training Privacy Manuals Deep learning Data models Threat modeling Tor privacy website fingerprinting deep learning class incremental learning | Encrypted traffic on anonymizing networks is still at risk of being exposed to the Website Fingerprinting (WF) attack. This attack can seriously threaten the online privacy of users of anonymity networks such as Tor. While deep-learning-based WF attacks achieve high accuracy in controlled experimental settings, they cannot continuously learn after deployment. In real-world environments, new websites are constantly emerging, requiring attackers to expand their monitoring scope continuously. This necessitates attack models capable of continuous learning and expanding classification capabilities. In this paper, we explore how attackers can leverage incremental class learning techniques to continuously learn new classes while retaining the ability to distinguish old ones. This approach mitigates the catastrophic forgetting problem in dynamic, open-world scenarios. We introduce a new WF attack, Class Incremental Fingerprinting (CIF), which employs a scalable architecture enabling Class Incremental Learning (CIL) with limited resources. We evaluate this attack in various scenarios, such as learning 100, 200, and 500 monitored website classes across 5 and 10 incremental tasks, achieving an average accuracy of 97.8% and above. Additionally, we assess the CIF attack’s effectiveness in open-world multi-classification scenarios and test it in few-shot settings using the proposed data augmentation method, Mixtam, achieving an average task accuracy of 87.6% and above with only 30 samples per class. | 10.1109/TNSM.2025.3538895 |
Adam Kadi, Lyes Khoukhi, Jouni Viinikka, Pierre-Edouard Fabre | Adapting to the Evolution: Enhancing Intrusion Detection Through Machine Learning in the QUIC Protocol Era | 2025 | Early Access | Denial-of-service attack Protocols Machine learning algorithms Machine learning Floods Computer crime Botnet Accuracy Mathematical models Intrusion detection Machine Learning DDoS QUIC HTTP/3 Cybersecurity Intrusion detection system | The advent of the QUIC protocol may herald a significant shift in the composition of online traffic in the years to come. The transport layer encryption of the QUIC protocol is one of its main evolutions, especially for metadata that was previously transmitted over TCP traffic without encryption. This new protocol has the potential to require significant alterations in future internet traffic analysis methods and impact network intrusion detection. On the other side, Machine learning has been used in several research projects to identify network intrusions, with positive outcomes. However, we must take into account new evolution of network traffic. In this paper, we propose a new approach that employs supervised machine learning algorithms to identify flows generated by bots interacting with a web server during a DDoS attack, focusing on the challenges posed by the QUIC protocol and its implications for effective intrusion detection and cybersecurity. Our contribution in this work is divided into three main parts: 1) A guided process with model architecture for emulating and collecting traffic that depict a range of situations our system may encounter; 2) an analysis module that consists on the creation of two labeled datasets, where observations represent the traffic flows detected in PCAP files. We studied the relevance of different features for these datasets, contributing to a thorough understanding of the quality of the data used; 3) a real world experimention for evaluating the effectiveness of several supervised machine learning algorithms on our datasets. This experimentation allows us to determine which algorithm provides the best prediction results. | 10.1109/TNSM.2025.3540753 |
Jiangang Liu, Hanjiang Luo, Hang Tao, Jiahong Liu, Jiehan Zhou | JLOS: a Cooperative UAV-Based Optical Wireless Communication With Multi-Agent Reinforcement Learning | 2025 | Early Access | Autonomous aerial vehicles Optical fiber communication Atmospheric modeling Reliability Relays Adaptive optics Training Heuristic algorithms Data communication Optical receivers Internet of Things Unmanned Aerial Vehicles Optical Communication Multi-Agent Reinforcement Learning Maritime Data Transmission | In maritime Internet of Things (IoT) systems, leveraging a swarm of Unmanned Aerial Vehicles (UAVs) and optical communication can achieve a variety of potential maritime missions. However, due to the high directionality of the optical beam and interference from the marine environment, the optical link via UAVs as relays is prone to interruption. To address this challenge, we propose a Joint Link Optimization Scheme (JLOS) that includes Wind Disturbance Resistance (WDR) and Adaptive Beamwidth Adjustment (ABA). In WDR, we first model the problem as a Partially Observed Markov Decision Process (POMDP), and then design a collaborative Multi-Agent Reinforcement Learning (MARL) approach to control a swarm of UAVs in windy conditions, to maintain mechanical stability and prevent link interruption. Furthermore, in ABA, to reduce uncertainties from control activities and environmental factors like sunlight and fog, we design an adaptive algorithm using distributed MARL. It adjusts beamwidth based on historical UAV locations and link Bit Error Ratio (BER) to improve communication reliability. Numerical simulations confirm its effectiveness in enhancing robust data transmission. | 10.1109/TNSM.2025.3543160 |
Jun Jiang, Bin Wang, Quan Tang, Guoxiang Zhong, Xuhao Tang, Joel J. P. C. Rodrigues | Incremental Semi-Supervised Learning for Data Streams Classification in Internet of Things | 2025 | Early Access | Streams Data models Heuristic algorithms Classification algorithms Adaptation models Training Accuracy Support vector machines Monitoring Computational modeling Semi-supervised learning data stream chunk-based classification anomaly detection Internet of Things (IoT) | Data stream classification is widely used in Internet of Things (IoT) scenarios such as health monitoring, anomaly detection and online diagnosis. Due to the continuous data stream changing dynamically over time, it is impossible to classify all the data simultaneously. Moreover, labeling each sample in practical data stream applications is time-and resource-consuming. The realistic situation is that only a few instances in a data stream are labeled. Therefore, classifying data streams with limited labels has become challenging in IoT scenarios. In this paper, we propose an incremental dynamic weighted semi-supervised method for classifying IoT data streams. Considering the dynamics and continuity in data streams, we use a chunk-based approach to learn the features in the data stream and assign weights to the classifier dynamically. Moreover, we deploy incremental learning methods to continuously learn from the sampled labeled data stream to update the classifier model, which can take advantage of newly incoming labeled data to improve learning performance. Experimental evaluations on seven IoT datasets show that the proposed method outperforms semi-supervised methods in accuracy, precision, and geometric mean (Gmean) by 10% and 5% over supervised methods, respectively. | 10.1109/TNSM.2025.3546649 |
Jing Mei, Cuibin Zeng, Zhao Tong, Zhibang Yang, Keqin Li | Stackelberg Game-Based Pricing and Offloading for the DVFS-Enabled MEC Systems | 2025 | Early Access | Servers Games Pricing Computational modeling Resource management Energy consumption Optimization Base stations Vehicle dynamics Heuristic algorithms Dynamic voltage and frequency scaling mobile edge computing partial offloading resource allocation stackelberg game | Due to the limited computing resources of both mobile devices (MDs) and the mobile edge computing (MEC) server, devising reasonable strategies for MD task offloading, MEC server resource pricing, and resource allocation is crucial. In this paper, a scenario is considered, comprising multiple MDs and a single MEC server. Each MD has a divisible task in each time slot, allowing for partial offloading and the option to discard parts of the task. The MEC server contains multiple computing units with the same computing power, and its computing resources can be dynamically adjusted through dynamic voltage and frequency scaling (DVFS) according to the size of tasks offloaded by MDs. At any given time slice, a Stackelberg game is formulated based on the strategies of the MDs and the strategy of the MEC server. An iterative evolution algorithm is employed to explore the optimal strategies for MDs and the MEC server. Simulation results demonstrate that both parties can reach an equilibrium state through the game, and these experiments confirm that the algorithm effectively enhances system efficiency. | 10.1109/TNSM.2025.3547568 |
Gerald Tietaa Maale, Noble Arden Elorm Kuadey, Yeasin Arafat, Kwantwi Thomas, Guolin Sun, Guisong Liu | Multi-Task Learning for UAV Trajectory and Caching with Federated Cloud-Assisted Knowledge Distillation | 2025 | Early Access | Autonomous aerial vehicles Optimization Trajectory Data privacy Data models Adaptation models Training Heuristic algorithms Multitasking Federated learning Edge caching federated learning knowledge distillation non-IID spatio-temporal UAV-assisted networks | The proliferation of Internet of Things (IoT) technologies and ubiquitous connectivity has led to unmanned aerial vehicles (UAVs) playing key role as edge servers, revolutionizing the wireless communications landscape by facilitating computing and caching resources closer to ground users (GUs). This advancement significantly alleviates core network loads, reduces latency, and guarantees content availability even in congested or remote areas. However, jointly optimizing UAV caching strategies and trajectories gives rise to a multi-task optimization (MTO) problem. This paper introduces a novel multi-task geo-temporal caching (MT-GTC) framework that addresses the interplay between UAV caching mechanisms and trajectory optimization in a cohesive manner. Leveraging a proposed multi-task learning (MTL) model for joint optimization of UAV caching and trajectory design, we develop a federated learning cloud-assisted knowledge distillation (FL-CAKD) scheme to preserve data privacy and adapt to data heterogeneity. FL-CAKD transfers knowledge from a cloud model orchestrator (CMO), which houses a large and sophisticated teacher model, to a lightweight on-device MTL student models using soft target distributions instead of large model parameters, significantly reducing communication costs. MT-GTC optimizes caching and trajectories to maximize cache hits and minimize latency. Evaluations on real-world mobility datasets demonstrate up to 95% cache hit rates and 21% lower delays compared to baselines. | 10.1109/TNSM.2025.3547743 |
Mengjie Guo, Guochu Shou, Yaqiong Liu, Yihong Hu | An Enhanced Reconfiguration for Deterministic Transmission in Time-Sensitive Networks | 2025 | Early Access | Logic gates Heuristic algorithms Vehicle dynamics Virtualization Routing Jitter Delays Complexity theory Training Runtime Time-sensitive networks (TSN) time-aware shaper (TAS) virtual GCL (VGCL) reconfiguration | Time-aware shaper (TAS) is key to enabling deterministic guarantees in time-sensitive networks (TSN), but it requires precise configuration for specific traffic scenarios. Dynamic traffic scenarios are increasingly commonplace with the rise of emerging applications, necessitating TAS reconfiguration to adapt to the changes in traffic. However, existing mechanisms primarily reconfigure TAS by generating a new gate control list (GCL) and transitioning to it, which may lead to temporary violations of bounds on delay or jitter, providing no persistently deterministic guarantees. In this paper, we propose a novel TAS reconfiguration mechanism with the virtual GCL (VGCL) to satisfy the demands of dynamic traffic while guaranteeing deterministic transmission. It implements TAS reconfiguration for dynamic traffic by embedding different VGCLs into the GCL, avoiding the need for the GCL transition. Thus, the reconfiguration problem is modeled as an embedding problem by using the VGCL and we develop algorithms to solve it. Experimental results demonstrate that our mechanism can well reconfigure TAS for dynamic traffic without the GCL transition, and increase the reconfiguration success rate in various scenarios compared with the existing approaches. | 10.1109/TNSM.2025.3547896 |
Sławomir Hanczewski, Maciej Stasiak, Joanna Weissenberg, Michał Weissenberg | Modelling of Heterogeneous 5G Network Slice for Smart Real-Time Railway Communications | 2025 | Early Access | Real-time systems Rail transportation Analytical models 5G mobile communication Quality of service Streams Monitoring Data communication Delays Focusing railway control system 5G slice real-time systems critical flows Markov chain | This paper presents an analytical model for a railway mobile communications system. In line with recent trends, the system’s operation relies on 5G network resources (slices). It efficiently manages critical data streams (flows) that meet the stringent requirements of real-time systems (systems that handle hard and soft real-time services). Additionally, the proposed solution accommodates data with less stringent QoS parameters compared to real-time streams. The analytical model serves as an approximation of the process occurring in the system for servicing flows and has been developed based on the analysis of a Markov chain, where the states correspond to the states of the examined system. Due to the approximate nature of the analytical model, the results derived from it were compared with those obtained from the simulation experiment. | 10.1109/TNSM.2025.3547762 |
Kai Peng, Jialu Guo, Hao Wang, Jintao He, Zhiqing Zou, Tianping Deng, Menglan Hu | Delay-Aware Joint Microservice Deployment and Request Routing in Multi-Edge Environments Based on Reinforcement Learning | 2025 | Early Access | Microservice architectures Routing Cloud computing Optimization Delays Vehicle-to-everything Servers Training Resource management Containers Artificial intelligence and machine learning cloud computing services mobile edge computing microservice deployment request routing | The service modules of the traditional Mobile Edge Computing (MEC) are difficult to deploy, extend, and maintain in real networks because of the highly sophisticated systems. To promote the generalization, openness, and flexibility of the network edge environment, an increasing number of studies are exploring the integration of microservices with MEC. However, the existing work usually treats microservice deployment and request routing as two separate issues, ignoring the interaction between them. Therefore, this paper focuses on the joint optimization of microservice deployment and request routing in the multi-edge cloud scenarios. We establish a problem model for minimizing the average response latency, considering the transmission of requests across edge clouds. Then, in view of the complexity of the scene, this paper proposes a joint training strategy of microservice deployment and request routing based on deep reinforcement learning and Best Fit Decreasing algorithm. The algorithm takes the change of microservice deployment scheme as the action of the agent, introduces the Best Fit Decreasing algorithm to construct request routing based on the deployment scheme, and calculates rewards using the complete joint microservice deployment and request routing scheme for subsequent network training. Finally, experimental results show that the proposed algorithm can effectively reduce the response time delay and system running power compared with other algorithms. | 10.1109/TNSM.2025.3543568 |
Ammar Kamal Abasi, Moayad Aloqaily, Mohsen Guizani | 6G mmWave Security Advancements through Federated Learning and Differential Privacy | 2025 | Early Access | Millimeter wave communication 6G mobile communication Data models Array signal processing Security Predictive models Adaptation models Accuracy Training Privacy 6G Federated Learning (FL) Adversarial machine learning Millimeter-wave (mmWave) Differential Privacy Security | This paper presents a new framework that integrates Federated Learning (FL) with advanced privacy-preserving mechanisms to enhance the security of millimeter-wave (mmWave) beam prediction systems in 6G networks. By decentralizing model training, the framework safeguards sensitive user information while maintaining high model accuracy, effectively addressing privacy concerns inherent in centralized Machine learning (ML) methods. Adaptive noise augmentation and differential privacy principles are incorporated to mitigate vulnerabilities in FL systems, providing a robust defense against adversarial threats such as the Fast Gradient Sign Method (FGSM). Extensive experiments across diverse scenarios, including adversarial attacks, outdoor environments, and indoor settings, demonstrate a significant 17.45% average improvement in defense effectiveness, underscoring the framework’s ability to ensure data integrity, privacy, and performance reliability in dynamic 6G environments. By seamlessly integrating privacy protection with resilience against adversarial attacks, the proposed solution offers a comprehensive and scalable approach to secure mmWave communication systems. This work establishes a critical foundation for advancing secure 6G networks and sets a benchmark for future research in decentralized, privacy-aware machine learning systems. | 10.1109/TNSM.2025.3528235 |
Takanori Hara, Masahiro Sasabe | eBPF-Based Ordered Proof of Transit for Trustworthy Service Function Chaining | 2025 | Early Access | Security Routing Kernel Metadata Polynomials Software Relays Linux Hardware Vectors Service Function Chaining (SFC) extended Berkeley Packet Filter (eBPF) Ordered Proof-of-Transit (OPoT) Segment Routing over IPv6 Data Plane (SRv6) SFC proxy | Service function chaining (SFC) establishes a service path where a sequence of functions is executed according to service requirements. However, SFC lacks a mechanism to ensure proper traversal of relay nodes in the data plane. Misconfigurations and the presence of attackers can lead to forwarding anomalies and path deviation, potentially allowing packets to bypass security network functions in the service path. To mitigate potential security breaches, ordered proof of transit (OPoT) has been proposed as a mechanism to verify whether traffic adheres to the designated path. In this paper, we realize lightweight OPoT-based path verification based on extended Berkeley Packet Filter (eBPF) for trustworthy SFC. Furthermore, by integrating it with the existing SFC proxy, we extend the proposed approach to accommodate both SFC-aware and SFC-unaware virtual network functions (VNFs) in the segment routing over IPv6 data plane (SRv6) domain. Through experiments, we demonstrate the capability of the proposed approach to detect path deviations. Additionally, we reveal the performance limitations of the proposed approach. | 10.1109/TNSM.2025.3550333 |