期刊,Journal of network and systems management 2025年33卷1期_国家学术搜索

期刊信息/Journal information

Journal of network and systems management

Plenum Press

主办单位：Plenum Press

出版周期：季刊

国际刊号：1064-7570

Journal of network and systems management/Journal Journal of network and systems managementEISCI

正式出版

收录年代

33 卷01 期

Enhancing Network Threat Detection with Random Forest-Based NIDS and Permutation Feature Importance

Mohammed Tarek AbdelazizAbdelrahman RadwanHesham MamdouhAdel Saeed Saad...

2.1-2.36页

查看更多>>摘要：Network Intrusion Detection Systems (NIDS) are critical for protecting computer networks from unauthorized activities. Traditional NIDS rely on rule-based signa-tures, which can be limiting in detecting emerging threats. This study investigates the effectiveness of the random forest classifier in advancing NIDS capabilities through machine learning. Using the CICIDS-2017 dataset, the data are preproc-essed to enhance their quality by removing redundancies. feature selection and permutation importance were employed to identify the most relevant features. The methodology involves rigorous testing and analysis of the random forest classifier's performance, focusing on fl-score rates compared to other machine learning mod-els. Results demonstrate that by optimizing class weights, applying a custom predic-tion function and leveraging 26 key features, the random forest classifier achieves an outstanding 99.8% in the weighted fl-score and 93.31% in the macro fl-score in various attack types. This research highlights the potential of machine learning to significantly enhance NIDS effectiveness, offering a robust defense mechanism against evolving cybersecurity threats in modern networks.

原文链接:

NETL
NSTL
Springer Nature

PASE: Pro-active Service Embedding in The Mobile Edge

Oleg KolosovGala YadgarDavid BreitgandDean H. Lorenz...

3.1-3.31页

查看更多>>摘要：Mobile edge computing offers ultra-low latency, high bandwidth, and high reliabil-ity. Thus, it can support a plethora of emerging services that can be placed in close proximity to the user. One of the fundamental problems in this context is maximiz-ing the benefit from the placement of networked services, while meeting bandwidth and latency constraints. In this study, we propose an adaptive and predictive resource allocation strategy for virtual-network function placement comprising services at the mobile edge. Our study focuses on maximizing the service provider's benefit under user mobility, i.e., uncertainty. This problem is NP-hard. Therefore, we propose a heuristic solution: we exploit local knowledge about the likely movements of users to speculatively allocate service functions. We allow the service functions to be allo-cated at different edge nodes, as long as latency and bandwidth constraints are met. We evaluate our proposal against a theoretically optimal algorithm as well as against recent previous work, using widely used simulation tools. Through an extensive simulation study, we demonstrate that under realistic scenarios, an adaptive and pro-active strategy coupled with flexible placement can achieve close-to-optimal benefit.

原文链接:

NETL
NSTL

Security-Aware Cost Optimized Dynamic Service Function Chain Scheduling

Sudha DubbaBalaprakasa Rao Killi

4.1-4.39页

查看更多>>摘要：The idea of network function virtualization has emerged recently as a means of accelerating the deployment of middleboxes and network operations while also low-ering deployment costs. Service function chaining provides network connectivity and steers traffic between the deployed VNF instances to provide a network service. However, integrating NFV within SFC scheduling introduces complexities, particu-larly in efficiently allocating resources to VNFs amidst dynamic network traffic and service demands. Optimization of VNF placement and scheduling is essential to minimize execution costs while meeting stringent Service Level Agreements (SLAs) and ensuring quality-guaranteed services. Moreover, the convergence of NFV and SFC scheduling brings for security challenges, including unauthorized access, data interception, and service disruption. Balancing optimization objectives with strin-gent security requirements poses a non-trivial task, emphasizing the need for pri-oritizing security in resource allocation and scheduling decisions. Meeting SFC deadlines is challenging due to dynamic network conditions, service demands, and resource allocation complexity. Failure to meet deadlines can lead to service quality degradation, SLA violations, and financial penalties. To address these challenges, the security and cost-aware SFC scheduling problem is formulated as an optimiza-tion problem. Moreover, a three-level security model is designed for both the VNFs and the physical machines in the NFV-enabled networks. Since the problem is NP-hard, we propose two heuristics named Particle Swarm Optimization-Based SFC Scheduling approach and Group Learning Particle Swarm Optimization-Based SFC Scheduling model that focus on optimizing the execution cost of SFC while meet-ing security and deadline requirements. The proposed models are compared with the existing SFC scheduling models. The effectiveness of the proposed scheduling approaches is evaluated through extensive simulations and it is shown that proposed scheduling approaches outperform the existing models in terms of average execution cost, security violation ratio, deadline violation ratio, service level agreement viola-tion ratio, and average delay.

原文链接:

NETL
NSTL
Springer Nature

Parametric Machine Learning-Based Adaptive Sampling Algorithm for Efficient IoT Data Collection in Environmental Monitoring

Hatem AlgabrounLars Hakansson

5.1-5.22页

查看更多>>摘要：With the IoT trend, wireless sensors are gaining growing interest. This is due to the possibility of installing them in locations inaccessible to wired sensors. Although great success has already been achieved in this area, energy limitation remains a major obstacle for further advances. As such, it is important to optimize sampling to a sufficient rate to catch important information without excessive energy consump-tion. One way to achieve sufficient sampling is by using an algorithm for adaptive sampling named dynamic sampling rate algorithm (DSRA); however, this algorithm requires an expert to set and tune its parameters, which might not always be readily available. This study aims to further develop this algorithm to be machine learning based to tune these parameters. To achieve this goal, the algorithm was modified and an optimization strategy that considers a predetermined error threshold was devel-oped. Then the algorithm was implemented using simulated and real data with a set of predetermined errors thresholds to observe its performance. The results showed that the developed algorithm exhibited adaptive sampling behavior, and it could col-lect data efficiently depending on the predetermined error threshold. Based on the results, it is possible to conclude that the developed algorithm endows sensors with adaptive sampling capabilities based on the signal rate of change.

原文链接:

NETL
NSTL
Springer Nature

QoS-Aware Augmented Reality Task Offloading and Resource Allocation in Cloud-Edge Collaboration Environment

Jia HaoYang ChenJianhou Gan

6.1-6.25页

查看更多>>摘要：The integration of Augmented Reality (AR) into mobile devices has sparked a trend in the development of mobile AR applications across diverse sectors. Nevertheless, the execution of AR tasks necessitates substantial computational, memory, and stor-age resources, which poses a challenge for mobile terminals with limited hardware capabilities to run AR applications within a constrained time. To address this issue, we introduce a mobile AR offloading approach in the cloud-edge collaboration envi-ronment. Initially, we break down the AR task into a series of subtasks and gather characteristics related to hardware, software, configuration, and runtime environ-ments from the edge servers designated for offloading. Utilizing these characteris-tics, we build an AR Subtask Execution Delay Prediction Bayesian Network (EPBN) to forecast the execution delays of various subtasks on different edge platforms. Fol-lowing the predictions, we frame the task offloading as an NP-hard Traveling Sales-man Problem (TSP) and propose a solution based on Particle Swarm Optimization (PSO) heuristic algorithm to encode the offloading strategy. Comprehensive experi-ments have demonstrated that the prediction performance of the EPBN surpasses the other baselines, and PSO approach can reduce offloading latency effectively.

原文链接:

NETL
NSTL
Springer Nature

A Privacy-Preserving Surveillance Video Sharing Scheme: Storage, Authentication, and Joint Retrieval

Abdollah JabbariCarol Fung

7.1-7.29页

查看更多>>摘要：Today, video surveillance systems are widely used to monitor and enhance home and premises security. For convenience and security, users often upload surveillance footage to the cloud, which can be accessed by trusted users during emergencies. However, given the sensitive nature of this data, users might be wary of trusting cloud services with user authentication and video access. Thus, managing video access control and user authentication with limited trust in cloud services presents a significant challenge. In this paper, we propose a privacy-preserving and secure scheme for storing and sharing video footage in the cloud. Homeowners can incor-porate their trusted individuals into the system, thereby granting them access to view cloud-stored videos. Even in an emergency, these trusted users can collaborate to securely retrieve videos from the cloud. Our scheme allows homeowners to authenti-cate users and track video access without relying on cloud services. Our analysis by conducting formal proof using the Real-Or-Random (ROR) model indicates that the proposed scheme is secure. Additionally, we confirm its security and authenticity through ProVerif, a formal verification tool. Informal security assessments further demonstrate its resilience against various attacks. Finally, our communication and computational cost assessments show that our scheme is an effective and acceptable solution.

原文链接:

NETL
NSTL
Springer Nature

Identifying Distributed Denial of Service Attacks through Multi-Model Deep Learning Fusion and Combinatorial Analysis

Ali AlfatemiMohamed RahoutiD. Frank HsuChristina Schweikert...

8.1-8.30页

查看更多>>摘要：Distributed Denial of Service (DDoS) attacks pose a major threat to organizations by overwhelming their networks and servers. Effective identification of DDoS attacks is crucial for timely mitigation. This paper proposes a novel approach using deep learning and Combinatorial Fusion Analysis (CFA) for improved DDoS attack identification. Four deep neural network models are developed for binary classifica-tion of network traffic as either legitimate or DDoS attack. The models utilize differ-ent input features extracted from network traffic data to learn complex patterns. To enhance performance, the probabilistic outputs from the four models are fused using CFA. This combinatorial approach effectively aggregates the models' predictions to improve attack detection accuracy. Extensive experiments on real network data dem-onstrate that the proposed combinatorial fusion of multiple deep learning models achieves higher precision compared to individual models and other ensemble tech-niques. The results highlight the benefits of combining diverse deep learning models with combinatorial fusion for robust and accurate identification of DDoS attacks. This approach provides an effective solution to the growing threat of DDoS attacks.

原文链接:

NETL
NSTL
Springer Nature

A New Blockchain-Based Auction Method for Resource Allocation in Fog Computing Environment

Arezoo Ghasemi

9.1-9.34页

查看更多>>摘要：Considering the significant growth of the Internet of Things network in recent years, the volume of requests sent to cloud servers was predicted to increase. Therefore, to solve the concern that has arisen in recent years, Cisco proposed the fog computing model to reduce the delay and load sent to the cloud servers. However, despite the mentioned advantages, the fog computing model has challenges, the most impor-tant of which is the appropriate method for allocating resources. In this challenge, it is necessary to pay attention to issues such as resource efficiency, increasing the profit of fog nodes, correct pricing, building trust between fog nodes and the Internet of Things, and creating a secure financial exchange system between nodes. For this reason, in this paper, a resource allocation method is proposed in the fog comput-ing model based on the blockchain network. Combining blockchain technology with the fog computing model creates a safe and reliable environment where fog nodes can compete correctly and effectively for pricing. Also, in this article, a new auc-tion method is proposed, in which fog nodes take into account the net profit of the requests and the chance of winning the auction to participate in the auction. The results of the simulation show that the proposed method has been able to perform significantly better than other existing methods in terms of the number of serviced requests, resource efficiency, and profit.

原文链接:

NETL
NSTL
Springer Nature

Token as a Service for Software-Defined Zero Trust Networking

Muege Erel-OEzcevik

10.1-10.20页

查看更多>>摘要：Zero Trust Networking (ZTN) is more challenging in a multi-tenant environment. To meet different service requirements of multi-tenants and minimize the risk of physical deployment with low operational and capital expenditures, investments in Software-Defined Networks (SDN) based ZTN have been increased. The research question is whether is there any SDN-based architecture to maintain a trusted zone in a complex multi-tenant environment, where each network equipment can be dynamically configurable by many SDN controllers in a distributed way without security breach. Therefore, this paper proposes a novel Software-Defined Zero Trust Networking (SDZTN) decoupling Cyber and Physical layers. To maintain a trusted zone, it proposes a novel Token as a Service (TaaS) that executes genetic algorithm-based service optimization and generates unique tokens by its solution and using a simply implemented JSON Web Token (JWT). It reduces authentication/authoriza-tion load in cloud servers by simplifying and distributing databases in each Open-Flow switch. According to the proposed Zero Trust Evaluation (ZTE) metric con-sidering the token similarity and infection probability, SDZTN results in 25% higher trust than the conventional one. It also overcomes several infection attacks which have the potential to revolutionize token management systems by providing decen-tralized, easily implementable, and trusted solutions.

原文链接:

NETL
NSTL
Springer Nature

A Model of Encrypted Network Traffic Classification that Trades Off Accuracy and Efficiency

Lancan YuJianting YuanJin ZhengNan Yang...

11.1-11.32页

查看更多>>摘要：As the Internet industry evolves, the need for effective encrypted traffic classifica-tion (ETC) becomes critical for network management and cybersecurity. Meanwhile, existing deep learning (DL)-based methods struggle to balance model complexity with accuracy. A major challenge is to deploy these models on dominant network devices in a way that ensures fast and accurate traffic classification. In this paper, we propose FasterTrafficNet, a novel DL-based lightweight ETC strategy designed for deployment on low-configuration network devices. We have designed the core com-ponent of FasterTrafficNet using a PConv-based approach that efficiently extracts spatial features from data while reducing unnecessary computation and memory access, further enhancing the operational efficiency of the model. In addition, we integrated Do-Conv in place of conventional non-dot convolution to significantly increase the performance of the model without increasing the computational over-head during inference. We conducted a comparative analysis of FasterTrafficNet against seven advanced ETC methods using four publicly available benchmark datasets. Experimental results show that FasterTrafficNet, with 1.46 million model parameters, provides superior classification performance compared to the other methods. As a result, FasterTrafficNet demonstrates a lightweight approach to ETC that can be applied to large networks of devices.

原文链接:

NETL
NSTL
Springer Nature