TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Yuanhao Liu, Fen Zhou, Micha³ Pi´oro, Cao Chen, Tao Shang, Juan-Manuel Torres-Moreno	Power-Efficient Directed p-Cycle Design Leveraging Loop-Eliminating Flow and Column Generation	2026	Early Access	Joining processes Modeling Protection	As Internet traffic patterns exhibit increasing asymmetry, the directed pre-configured cycle (directed p-cycle) has demonstrated superior effectiveness and flexibility for protection in elastic optical networks (EONs). This paper addresses directed p-cycle protection against single-link failure using a just-enough modulation format (MF) adaptation approach. Unlike the conventional methods that rely on an estimated upper bound for the protection path length of a directed p-cycle, our method accurately calculates the exact length. We introduce a novel mixed integer linear programming (MILP) formulation incorporating a strategically designed loop-eliminating flow (LEF) model, eliminating the need for candidate cycle enumeration. The objective is to jointly minimize power consumption and spare spectrum usage. To solve large-scale instances, we propose two column generation (CG) approaches: MILP-CG, which generates columns via the MILP model and provides a guaranteed performance bound, and De-CG, which uses a fast heuristic decomposition algorithm for high efficiency and scalability. Numerical results show that our method achieves up to 37.14% performance improvement under asymmetric traffic. The proposed CG approaches also exhibit high computational efficiency and near-optimal performance for large-scale traffic.	10.1109/TNSM.2026.3704661
You-Chiun Wang, Meng-Yu Chou	Cooperative Route Management for Profit-Oriented Flows in Multi-Domain SDN Networks	2026	Early Access	Fluid flow Bandwidth Joining processes	This paper investigates SDN for route management in multi-domain networks, where each domain is independently controlled and inter-domain cooperation is required for cross-domain routing. To capture traffic heterogeneity, each flow is associated with a profit.We propose CRM-PF (Cooperative Route Management for Profit-oriented Flows), a framework that jointly maximizes overall achieved profit (OAP) and minimizes packet loss rate (PLR). In CRM-PF, controllers perform intra-domain routing, coordinate cross-domain paths, and reroute flows under congestion. Link bandwidth is allocated based on flow category, unit profit, and demand, with a Nash bargaining game to resolve bandwidth contention on borrowed links. Simulation results show that CRM-PF improves throughput, reduces PLR, and increases OAP over existing methods, demonstrating its effectiveness for profit-oriented routing in multi-domain SDN networks.	10.1109/TNSM.2026.3706677
Huanlin Liu, Bing Ma, Yong Chen, Bo Liu, Haonan Chen, Jiachen Zou	Virtual Network Embedding Based on Hierarchical Reinforcement Learning for Admission Decision and Policy Fine-Tuning in Elastic Optical Network	2026	Early Access	Joining processes Elastic optical networks Algorithms	Network virtualization (NV) provides flexible services for diverse services by decoupling elastic optical network (EON) resources. Virtual optical network embedding aims to allocate the finite resources of EON to sequentially arriving virtual network requests (VNRs) with different resource demands. But existing methods have limitations, such as insufficient global optimization ability and a lack of awareness of link features. We propose a hierarchical reinforcement learning algorithm for admission decision and policy fine-tuning (HRL-ADPT), which achieves efficient virtual optical network embedding through a dual-layer collaborative optimization mechanism and a customized link-aware graph convolutional network (GCN) tailored for EON. The HRL framework decomposes the virtual network embedding process into two stages: 1) The upper-level agent generates admission decision and initial node embedding strategies based on topological and link features extracted by GCN, maximizing the revenue-cost ratio of individual VNR; 2) The lower-level agent dynamically fine-tunes the initial policy in combination with global resource load to optimize long-term resource utilization. The proximal policy optimization (PPO) algorithm is adopted as the basic training method. To address the sparse reward problem, the lower-level agent adopts a multi-objective intrinsic reward function, incorporating the revenue-cost ratio and load balancing to ensure local adjustments align with global objectives. Simulation experiments show that the proposed algorithm outperforms the compared NRM-VNE, MCTS-VNE, and HCMARL-VNE algorithms in terms of acceptance ratio, revenue-cost ratio, and spectrum utilization ratio.	10.1109/TNSM.2026.3706998
Hwejae Lee, Seonghoon Jeong, Huy Kang Kim	J1939DB-IDS: SAE J1939 Dual-Branch Intrusion Detection System against Novel Attacks	2026	Early Access	Modeling Controller area networks Transformers	The Society of Automotive Engineers J1939 (SAE J1939) protocol is widely adopted in commercial vehicles, extending the controller area network (CAN) with specialized message types and transport mechanisms. Despite its prevalence, security research for SAE J1939 remains insufficient compared to CAN. We address this gap by building three datasets that contain 11 realistic protocol-specific attack scenarios. We propose an unsupervised representation-learning-based intrusion detection system (IDS) utilizing a dual-branch autoencoder with few-shot threshold calibration. The model compresses categorical features through a 1D-convolutional neural network and continuous features through a Transformer encoder, reconstructing fused representations to detect anomalies through reconstruction loss. By leveraging SAE J1939-specific fields such as parameter group numbers (PGN) and source addresses, the system captures complex inter-signal relationships. On three datasets, our model achieves an average F1-score of 0.9871, consistently outperforming state-of-the-art methods. Benchmarks on an NVIDIA Jetson AGX Xavier confirm real-time feasibility. These results validate our protocol-aware feature strategy, offering a scalable and deployable IDS for commercial vehicle networks.	10.1109/TNSM.2026.3706666
Gergely Dobreff, Nóra Szlovencsák, Alija Pašić	A Framework for Disaster-Tolerant Slice Placement in Future Networks	2026	Early Access	Costing Costs Codes	Autonomous vehicles and telesurgery are placing increasing pressure on network operators to ensure that 5G and beyond networks can support a wide range of services with diverse and stringent requirements. Technologies such as Software-Defined Networking (SDN), Network Function Virtualization (NFV), and network slicing are key enablers for building an ecosystem capable of meeting these demanding conditions. Ensuring not only classical Quality of Service (QoS) metrics but also network resiliency is crucial, as failures in shared infrastructures can severely impact critical services. This paper addresses the problem of resilient network slice placement under arbitrary disasters or attacks, modeled as Shared Risk Link Group (SRLG) failure patterns. We propose an approach that guarantees strict end-to-end delay, bandwidth, and computing requirements while minimizing overall resource usage by accounting for potential failure scenarios. To this end, we introduce a Disaster-Tolerant Slice Placement Framework that enables network operators to define their own resilience scenarios and optimize the network accordingly. Several - routing and network coding–based - strategies are proposed and analyzed. We formulate the problem as an Integer Linear Program (ILP), analyze its computational complexity, and develop efficient heuristic algorithms to obtain near-optimal solutions. Extensive simulations demonstrate the effectiveness of the proposed methods in achieving resource-efficient and resilient network slice placement. The results show that high levels of resiliency can be achieved without excessive over-provisioning, positioning the proposed framework as an effective offline planning and benchmarking tool for 5G and beyond network design.	10.1109/TNSM.2026.3706661
Shi-Xin Huang, Te-Chuan Chiu, Jing-Chih Lin, Cheng-Hsuan Kuo	EdgeCookie: A Mitigation Solution Against Threatening TCP DDoS Attack in Edge Cloud	2026	Early Access	Servers Switches TCP	With the explosive growth of GenAI service requirements, the demand for digital infrastructure and cloud resources continues to increase. At the same time, distributed denial-of-service (DDoS) attacks – particularly TCP-based vectors such as SYN flood and emerging TCP distributed reflective denial-of-service (DRDoS) – have surged, posing a significant threat to service availability. Current mitigation strategies often fall short in effectively countering both attack types. Although the proliferation of edge computing offers opportunities to deploy mitigation closer to attack sources, it also introduces synchronization challenges across distributed edge servers. In this paper, we propose EdgeCookie, an edge-centric TCP flood attack mitigation architecture. EdgeCookie can mitigate TCP SYN floods, ACK floods, and emerging TCP reflection amplification attacks. Unlike existing switch-based defenses, EdgeCookie requires no specific hardware, making it suitable for running in resource-limited edge clouds. In the core mechanism, we introduce a novel HybridCookie that effectively solves synchronization challenges across distributed edge servers. Experimental results demonstrate that EdgeCookie can mitigate both TCP SYN flood and emerging TCP reflection amplification attacks without facing false positive issues, while maintaining high throughput and adding negligible latency to legitimate traffic.	10.1109/TNSM.2026.3706627
Ashiqur Rahaman Ridoy, Arnab Kumar Biswas	Adaptive Intrusion Detection Systems: Leveraging Meta-Learning for Improved Cybersecurity	2026	Early Access	Modeling Fluid flow Labeling	In the evolving landscape of cybersecurity, the integration of machine learning (ML) into Intrusion Detection Systems (IDS) has become critical for detecting both known and unknown attacks. This paper proposes a novel multi-stage hybrid IDS framework combining unsupervised anomaly detection, supervised classification, and low-shot adaptation for enhanced resilience to concept drift. The architecture comprises three interconnected stages: Stage 1 (unsupervised anomaly gating) and Stage 2 (supervised taxonomy learning) operate in parallel on a shared harmonized feature space; Stage 3 (Hybrid Low-Shot Adapter (H-LSA)) performs low-shot adaptation when the Stage 1 trigger fires, using transferred Stage 2 weights and a prototype-based cosine-kNN jury. Within the meta-learning family, we instantiate a metric-based low-shot adaptation approach eschewing second-order Model-Agnostic Meta-Learning (MAML) in favor of a partial-freeze, first-order protocol with a prototype-based cosine-kNN jury to enable rapid, low-resource adaptation. Extensive experiments were conducted on the CICIDS2017 (Source), CSECIC-IDS2018 (Target), and the modern BCCC-cPacket-Cloud-DDoS-2024 (Target) datasets (hereafter referred to as BCCC-2024). The results demonstrate that while static Stage 2 models suffer catastrophic failure under concept drift (dropping to 45.36% and 38.32% accuracy on CICIDS2018 and harmonized BCCC-2024, respectively), the proposed framework successfully adapts to new environments, achieving 90.64% accuracy on CICIDS2018 (Macro-F1: 0.8981) and 89.70% on BCCC-2024 (Macro-F1: 0.8801) with a low-resource support set of only 500 labeled samples per class. Furthermore, the system exhibits high computational efficiency, achieving a Stage 3 adapted inference latency between 0.0786 ms and 0.1667 ms per flow across diverse traffic profiles, proving its suitability for real-time, scalable deployment in modern cloud and edge network infrastructures.	10.1109/TNSM.2026.3706597
Yiyang Li, Wei Wang, Yibo Wang, Qiaojun Hu, Weiliang Zhang, Yongli Zhao, Xiaoyu Wang, Jie Zhang	Computing-State Driven Proactive Congestion Control for AI Cluster Interconnect Networks	2026	Early Access	Timing Modeling Fluid flow	The rapid upgrade of computing power and the prosperity of large language model (LLM) in data center networks (DCNs) lead to a rigorous demand for ultra-low latency and high throughput. To mitigate the overhead of collective communication during distributed training (DT), Remote Direct Memory Access (RDMA) has been widely adopted in DCNs. Particularly, congestion control algorithms (CCAs) designed for RDMA have attracted much attention to mitigate performance deterioration under network congestion. However, through comprehensive analysis, we investigate that, due to sluggish end-to-end reaction and slow rate convergence, existing widely used reactive CCAs have several limitations in handling bursty traffic (e.g., AllReduce). Specifically, excessive packets are transmitted before senders activate the reaction and converge to the fair rate, which builds up a deep queue and may incur subsequent significant throughput loss. In this paper, we propose a computing-state driven proactive congestion control (CSPCC) with easy deployability. CSPCC consists of the congestion prediction module and the active congestion response module. It leverages current computing state to predict network congestion time and inform corresponding sources in advance. We provide a detailed introduction to the implementation of CSPCC. Then, we conducted small-scale hardware tests and large-scale simulations to evaluate the performance of CSPCC. On our testbed, under NCCL-TESTs, CSPCC improves throughput by 1.67%–13.35% and decreases switch queue occupancy by 28.33%–58.33% compared to DCQCN. Furthermore, under concurrent multi-job LLaMA training, it reduces end-to-end job completion time (JCT) by 5.3%–9.0%.	10.1109/TNSM.2026.3705429
Victor Le Pochat, Simon Fernandez, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński	Evaluating design decisions and bias resistance for passive DNS-based domain rankings	2026	Early Access	Ranking (statistics) Measurement Design methodology	’Top sites’ rankings of the most popular domains are a core resource for the large-scale measurements that are crucial in Web and Internet research. Recent rankings evolved towards using passive DNS traffic data, but this data’s suitability for measuring website popularity is poorly understood. In this paper, we holistically evaluate how design decisions influence the composition and desired properties of passive DNS-based domain rankings. We isolate the effects of these decisions by generating a ranking from the ground up using aggregated “post-recursor” passive DNS data. We confirm that decisions for bucketing and aggregation produce more stable rankings, and see that corrections for resolver caching, CDNs, and service classification strongly impact suitability for Web measurements. We further analyze the resistance of rankings to inadvertent biases or even active manipulation, and find that design choices such as TTL weighting severely impact robustness. Our goal is to give transparent insight into the process of using passive DNS data for domain rankings, as a framework for the research community to understand how to develop future rankings that address their needs.	10.1109/TNSM.2026.3705306
Charitha Elvitigala, Ibrahim Khalil, Shehan Edirimannage, Mohammed Atiquzzaman, Wathsara Daluwatta	Differentially Private Model Recombination as a Service for Trustable and Federated Learning in Next-Generation Networks with Non-IID Data	2026	Early Access	Federated learning Modeling Privacy	Next-generation networks demand federated learning (FL) frameworks that ensure both privacy and robustness under heterogeneous non-IID data. Traditional FL approaches, such as FedAvg, suffer significant accuracy degradation in non-IID settings, while naive differential privacy (DP) mechanisms reduce model utility. To address this, we propose Differentially Private Model Recombination as a Service (DP-MRaaS), which integrates layer-wise model recombination, adaptive DP, and a Thompson sampling controller. DP-MRaaS dynamically alternates between aggregation and recombination while allocating noise and clipping based on loss improvements. The service abstraction exposes these decisions as controllable management functions for privacy-aware model training in network and service management systems. Theoretical analysis confirms convergence rates comparable to FedAvg, and extensive experiments on CIFAR-10 and Fashion-MNIST demonstrate its effectiveness. On CIFAR-10 CNN, DP-MRaaS achieves 57.78 ± 0.51% accuracy under IID, matching FedAvg (57.78%) while preserving (ϵ, δ) = (3.5, 10−5) privacy. On CIFAR-10 ResNet-18, DP-MRaaS attains 66.57 ± 0.54% (IID) and 61.30 ± 0.30% (Balanced Non-IID), competitive with FedAvg-DP (66.70%, 61.84%) and Ditto-DP (66.86%, 61.76%). On Fashion-MNIST, DP-MRaaS achieves 90.52±0.10% (IID) and 90.02±0.07% (Balanced Non-IID), the highest among DP-enabled methods. A five-way ablation study confirms that recombination is the primary accuracy driver (+8.6% on ResNet-18), while adaptive DP preserves utility with < 0.1% degradation on CNN. These results show that DP-MRaaS achieves a superior balance between accuracy, stability, and privacy, advancing the trustability of FL for service management in next-generation networks.	10.1109/TNSM.2026.3704963
Qing Chen, Hua Wu, Tian Tian, Anting Lu, Guang Cheng, Xiaoyan Hu	A Generalized Video Platform Identification Method over Obfuscated Encrypted Protocols in Real-world Networks	2026	Early Access	Modeling Videos Fluid flow	Despite platforms adopt encryption protocols such as TLS to protect user privacy, adversaries can still infer user preferences through platform identification attacks. To obtain enhanced privacy, a lot of users employ obfuscated encrypted protocols, such as encrypted proxies and virtual private networks. However, existing state-of-the-art platform identification methods are only effective in laboratory-closed networks. In real-world networks, their performance degrades significantly when confronted with unknown obfuscated encrypted protocols or dynamic transmission paths. In addition, asymmetric routing also substantially weakens their effectiveness, which is a prevalent scenario in real-world networks. To overcome these challenges, this paper introduces a generalized method for identifying encrypted video streams over obfuscated encrypted protocols. Our approach achieves this by designing protocol-agnostic and path-agnostic features through granular analysis of video transmission patterns. Specifically, we first extract the inherent transmission patterns from unidirectional flows. Subsequently, we derive robust statistical features from temporal and spatial dimensions, respectively. Finally, these features are used to train a machine-learning-based classifier. Our experimental results demonstrate that the proposed method achieves a classification accuracy exceeding 98% against both unknown obfuscated encrypted protocols and dynamic transmission paths. Compared with the state-of-the-art methods, our method requires only 15% of the storage and 74% of the computational time while delivering superior performance. These findings reveal significant privacy vulnerabilities in obfuscated encrypted protocols and underscore the urgent need for developing more advanced security mechanisms to provide users with stronger anonymity services.	10.1109/TNSM.2026.3705064
Behrooz Farkiani, Fan Liu, Ke Yang, John DeHart, Jyoti Parwatikar, Patrick Crowley	Hermes: A General-Purpose Proxy-Enabled Networking Architecture	2026	Early Access	Tunneling HTTP Joining processes	We introduce Hermes, a general-purpose networking architecture that aims to improve service delivery over the Internet. Hermes delegates networking responsibilities from applications and services to proxies and is designed as a portable, adaptable solution to four fundamental challenges of efficient service delivery over the Internet: end-to-end traffic management, backward compatibility, data-plane security and privacy models, and adaptable communication layers. The design centers on an overlay of reconfigurable proxies and HTTP tunneling and proxying techniques, utilizing assisting components to extend proxy functionality when needed. Through prototyping and emulation, we demonstrate that Hermes improves key performance metrics across multiple use cases: it provides backward compatibility through protocol translation and tunneling, improves reliability by delegating retry logic to proxies, enables unified policy-based Layer 3 routing across network segments, and serves as an efficient substrate for future architectures like NDN, facilitating their operation over the Internet. Beyond evaluating Hermes across various use cases, we measured the overhead of Hermes’ HTTP tunneling and proxying mechanisms and found it to be modest, typically under 2 ms per proxy pair traversal in an isolated collocated setup. Although the HTTP proxying and tunneling techniques used by Hermes increase single-connection processing overhead, we also show that, with up to 1,000 concurrent requests, proxies can amortize connection setup time and reduce end-to-end latency by utilizing connection pooling and multiplexing.	10.1109/TNSM.2026.3705327
Jeffrey Redondo, Nauman Aslam, Juan Zhang, Zhenhui Yuan	Optimising QoS in HD Map Updates: Cross-Layer Multi-Agent with Multi-task and Mixed-Dependence (MTMD)	2026	Early Access	Optimization Timing High definition video	High-definition (HD) maps generated from autonomous vehicle (AV) sensor data are essential for enabling high levels of driving automation. However, offloading large volumes of raw sensory data to edge servers in dense vehicular ad hoc networks (VANETs) introduces significant latency due to network congestion and packet collisions. Existing solutions primarily focus on dynamically adjusting the minimum contention window (CWmin), while additional MAC-layer parameters — including the maximum contention window (CWmax) and interframe space number (IFSn) — remain largely underexplored. To address this, we propose a cross-layer multi-agent reinforcement learning (MARL) framework that jointly optimises CWmin–CWmax, IFSn, and transmission waiting time within IEEE 802.11p-compliant bounds. The proposed multi-task mixed-dependence (MTMD) framework decomposes the optimisation problem into specialised subtasks handled by selectively coupled agents, balancing coordination and scalability while avoiding the overhead of fully symmetric MARL or centralised hierarchical controllers. A lightweight orchestration layer coordinates agent interaction with the simulation environment via secure message exchange. Evaluated against standard EDCA and representative RL baselines, MTMD achieves latency reductions of 31%, 49%, 87.3%, and 64% for Voice, Video, HD Map, and Best-Effort traffic, respectively, confirming the effectiveness of structured multi-parameter optimisation for latency-critical vehicular applications.	10.1109/TNSM.2026.3705270
Ryotaro Taniguchi, Takeru Inoue, Kazuya Anazawa, Eiji Oki	Terminal Shuffling for Twisted and Folded Clos Network Design: Guaranteeing Blocking Probability under Different Request Active Rates	2026	Early Access	Switches Probability Design methodology	Optical circuit switching (OCS) is being used in some data center networks due to its low power consumption, low latency, and high bandwidth. Previous research introduced a design model for a twisted and folded Clos network (TF-Clos) as a data center network to maximize the switching network size, i.e., the number of connected terminals, while guaranteeing the admissible blocking probability. The previous model assumes that the request active rates from all the terminals are identical. However, it is an overly conservative design when the active rates differ, resulting in a smaller switching network size than desired. This paper proposes a terminal-shuffling (TS) scheme for designing an OCS TF-Clos network with an admissible blocking probability guarantee, which supports different active rates. Each terminal can arbitrarily choose any leaf switch to connect, enhancing the flexibility of the network design to accommodate heterogeneous active rates across different terminals. A patch panel or direct termination by operators can wire optical fibers between the terminals and the leaf switches. We formulate a TS-based TF-Clos design problem to maximize the switching network size. We develop an approximation approach to find a feasible solution to the optimization problem. Numerical results demonstrate that the switching network size of the proposed TS scheme is larger than that of baseline schemes.	10.1109/TNSM.2026.3704894
Ibirisol Fontes Ferreira, Eiji Oki	Forestall: A Prefetching Scheme for Domain Name System Resolver Cache Services	2026	Early Access	Prefetching Timing Servers	The domain name system (DNS) is crucial to accessing Internet services by playing an essential role in facilitating this process for Internet users. Still, it affects the quality of experience within the Internet service chain. This impact includes the role of the resolver component, which can negatively influence the final user experience when consuming services. Some studies have developed strategies to reduce resolution time within the DNS resolver ecosystem by incorporating components into users’ devices to trigger resolution in advance, changing DNS service and cache algorithm implementation, or utilizing a complex and expensive service architecture that is not scalable for local DNS resolvers in edge deployments. This paper proposes a dynamic prefetching scheme called Forestall to reduce misses, including those caused by expired domain translation data, and to improve the overall performance of the resolver cache component. We model the prefetching scheme for DNS resolvers using DNS transactional information. We define a prefetching advising routine that advises on possible domains by observing past request patterns. We introduce two prefetching routines for efficient domain tracking and advising. We introduce miss-based metrics to measure the efficiency of the prefetching scheme and the potential resource trade-off associated with its deployment. The numerical results indicate that the prefetching scheme improves the performance of the DNS resolver cache component compared to well-deployed prefetching solutions on the Internet. Forestall reduces the miss ratio by more than 50%, depending on the dataset. In a specific workload, Forestall’s results with adjusted parameter combinations yield a decrease in the miss ratio of more than 16%, accompanied by a reasonable increase in additional fetches of around 35%. In terms of service latency that users perceive, Forestall achieves a reduction varying between 20% and 49%.	10.1109/TNSM.2026.3704549
Ibirisol Fontes Ferreira, Cassio Vinicius Serafim Prazeres, Maycon Leone Maciel Peixoto, Eiji Oki, Gustavo Bittencourt Figueiredo	Narrow: A Fair Routing Multicast Algorithm for Distributed Interactive Applications in Edge Networks	2026	Early Access	Delays Algorithms Timing	Recent research in networking has increasingly focused on addressing the challenges of edge network services. A crucial issue in this context is routing, which must account for quality-of-service requirements. In particular, multicast routing provides optimized network services for groups of people using the same application, which is advantageous for operators and application providers. However, latency-constrained routing poses challenges when integrating diverse requirements into the routing computation, particularly when fairness among users is required. This work addresses the fairness requirement in multicast-overlaid and virtualized networks by presenting a solution that improves the equity of group interactions in the routing service. Our proposal, named Narrow, achieves fairer group interaction by selecting improved path options for multicast routing in edge networks. We compared Narrow with the Fair Shortest Path Tree (FSPT) and Chains algorithms from related studies on delay-constrained routing. Simulations indicated that Narrow reduced the inter-destination delay deviation by up to 84% and 49% relative to FSPT and Chains, respectively, across topologies of varying sizes. Similarly, Narrow improved by more than 99% against FSPT and by 70% against Chains across topologies with varying node degrees. Depending on the number of allowed alternative paths, Narrow reduced the inter-destination delay deviation by more than 99% compared with FSPT and by 38% compared with Chains. In emulated distributed interactive application session experiments, Narrow delivered the fairest response time, reducing it by 89% and 86% relative to FSPT and Chains, respectively. Furthermore, fairness in players’ scores improved by 20% and 16%, respectively, yielding more equitable group interaction from the application’s perspective.	10.1109/TNSM.2026.3704927
Guofu Zhu, Wenting Shen, Jiewang Cai, Zhiquan Liu, Ye Su, Jinlu Liu	EPVFL: Efficient Privacy-Preserving and Verifiable Federated Learning	2026	Early Access	Federated learning Modeling Privacy	Federated learning (FL), as a distributed machine learning paradigm, has gained widespread adoption due to its ability to retain user data locally, thereby protecting privacy, while collaboratively training a global model through gradient sharing. However, existing studies have shown that attackers may obtain privacy information from the gradients, and malicious server may return erroneous aggregated results, compromising federated learning model. Although prior studies have addressed privacy preservation and aggregated result verification, these methods often incur significant computation and communication overhead on the user side. In this paper, we propose an efficient privacy-preserving and verifiable federated learning (EPVFL) scheme. Specifically, we group the gradients and employ polynomial encryption to achieve efficient privacy protection. Furthermore, we design a lightweight verification mechanism where users only need to perform lightweight local computation without interaction and transmit just a floating-point vector to verify the correctness of the aggregated gradient. EPVFL supports users going offline at any time, while online users can still obtain the correct aggregated gradient without incurring additional computation or communication overhead. Finally, through security analysis and experiments on real datasets, we demonstrate the correctness, verifiability, and privacy protection of EPVFL. Experiment results indicate that EPVFL protects privacy without sacrificing model accuracy and significantly reduces the computation and communication overheads on the user side compared to the related schemes.	10.1109/TNSM.2026.3704994
Heng Xu, Chengze Du, Zhiwei Yu, Letian Li, Ying Zhou, Bo Liu, Jialong Li	Distributed Flow Control for Efficient DNN Training Scheduling	2026	Early Access	Schedules Scheduling Training	Distributed Deep Neural Network (DNN) training generates periodic, long-lived, and interdependent flows that contrast sharply with the short, bursty, and independent flows typical of traditional cloud services. Existing flow scheduling methods, optimized for cloud traffic, struggle to handle the structured communication of DNN workloads, while static schedulers remain brittle under the computation jitter and stochasticity inherent in multi-tenant AI clusters. We propose a distributed traffic control and scheduling framework called PQ, which shifts from fragile global synchronization to a token-based queuing concept. PQ utilizes standard priority queues in commercial switches as elastic buffers, dynamically mapping task urgency to traffic priorities based on specific scheduling policies, such as minimizing waiting time, thereby accelerating efficiency. Results show that PQ achieves stable communication interleaving 3.6× to 8.8× faster than reactive baselines like MLTCP and FQ. Furthermore, it significantly optimizes performance by reducing average iteration time by up to 29.2% while maintaining higher link utilization.	10.1109/TNSM.2026.3704403
Weina Meng, Jiawen Shi, Xiaoqun Chen, Weinan Liu, Jiangjun Yuan	Time Period Selected Aggregation for Providing Hierarchical and Differentiated Services in Mobile Sensing	2026	Early Access	Modeling Timing Protocols	With the advancement of smart terminals and wireless networking technologies, mobile sensing has gained increasing popularity. A myriad of applications have emerged based on mobile sensing, with particular attention being drawn to data aggregation applications. Over the years, numerous studies have been conducted, ranging from initial approaches that did not address the issue of untrusted aggregators to more recent solutions capable of handling such challenges. In this paper, we introduce two novel types of data aggregation applications designed to offer hierarchical and differentiated services, alongside proposing two corresponding protocols equipped with privacy-preserving capabilities. These protocols ensure the protection of mobile users’ privacy concerning their sensed data in the presence of an untrusted aggregator, and are resilient against collusion attacks. Our protocols achieve constant key storage overhead (only 1 key per user), in stark contrast to other state-of-the-art schemes where the overhead grows linearly with the number of service levels. We perform a performance analysis of the proposed protocols using the building block protocol as a benchmark, which demonstrates their efficiency: each mobile user incurs a total energy cost of approximately 62.0 mJ per reporting round, with an average end-to-end aggregation latency of less than 10 milliseconds, demonstrating that the proposed protocols can be used in practical settings. While the proposed protocols rely on a trusted authority, a common assumption in existing privacy-preserving aggregation schemes, future work will explore decentralized key management to support fully trustless environments.	10.1109/TNSM.2026.3704409
Ishu Gupta, Ashutosh Kumar Singh	Statistical Analysis Driven Prediction Model for Malicious Entity Detection in Cloud Environment	2026	Early Access	Modeling Signal detection Clouds	Data sharing across distinct entities, including clouds, has become a necessity to enhance the performance of enterprises; however, it leads to data protection challenges. In this paper, a novel model aimed at data protection is presented when multiple untrusted parties are involved in the system. The proposed model enables secure data sharing and effective data distribution among the involved entities while minimizing the risk associated with data exposure. It enables the identification of malicious entities responsible for data leakage with high confidence. To this end, an efficient distribution strategy based on object and user selection, incorporating an operative access control mechanism, is proposed. Furthermore, algorithms are designed for the selection of data to be distributed among users. Experimental results demonstrate that the proposed model achieves significant improvements of 31%, 97%, and 64% in success rate, detection rate, and assessment rate, respectively, compared to prior works. Moreover, it reduces data leakage by up to 75% and lowers the error rate by up to 83% for malicious entity detection, while simultaneously enhancing detection performance and capability by up to 32% and 40%, respectively, over existing approaches.	10.1109/TNSM.2026.3704450