TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
MaoLin He, Bin Duo, Ping Huang, Junsong Luo, Dongfen Li, Jun Li	1+1 Protection Transmission for UAV-Enabled Computing Power Networks via Multi-Agent Reinforcement Learning	2026	Early Access	Autonomous aerial vehicles Computer architecture Routing	The rapid proliferation of networked devices and emerging applications has driven the evolution of computing power networks (CPNs) as a key architecture to meet the demands of sixth-generation (6G) communication. However, terrestrial CPNs still face challenges such as limited coverage, vulnerability to wireless impairments, and slow responsiveness in emergency or disaster scenarios. To address these challenges, this paper proposes a UAV-enabled computing power network (UCPN) that leverages the flexible deployment and line-of-sight communication advantages of UAVs to enhance transmission reliability and service continuity. In particular, we design a 1+1 protection transmission mechanism tailored for UCPNs, in which duplicated task data are forwarded over node-disjoint multi-hop UAV paths and recovered through interval-aware packet scheduling, enabling reliable task delivery under UAV failures and dynamic wireless conditions. Building upon this protection mechanism, we further develop a multi-agent reinforcement learning (MARL)–based node assignment and routing optimization algorithm, referred to as MAPPO-NARO. Unlike existing MARL-based UAV routing or task offloading approaches that primarily focus on single-path transmission or isolated node selection, the proposed algorithm explicitly incorporates 1+1 protection decisions into the MARL formulation, jointly learning access UAV selection, computing UAV assignment, and fault-tolerant dual-path routing under resource and latency constraints. Simulation results demonstrate that the proposed algorithm achieves lower packet loss, better load balance, and higher reliability compared with the baseline methods. Moreover, when UAV failures occur due to adverse weather conditions, signal interference, or hardware malfunctions, the proposed scheme still maintains high service availability, which indicates that it is well suited for emergency scenarios.	10.1109/TNSM.2026.3672762
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Francesco Chiti, Simone Morosi, Laura Pierucci	Multiple SDN Controllers Placement for Integrated Satellite/Terrestrial Network	2026	Early Access		The integration of Terrestrial Networks (TN) and Non Terrestrial Networks (NTN) has been explored within the 3GPP standardization forum, and it is now being extended toward discussions on the future 6G vision. An integrated T/NTN is highly heterogeneous and requires different communication protocols and links for each layer, resulting in increased network management and control complexity. The Software Defined Networking (SDN) paradigm can enable unified and efficient T/NTN management, allowing full resource optimization of the satellites, radio access and core network. This paper proposes an optimized SDN-based T/NTN architecture, where Low Earth Orbit (LEO) satellites are dynamically selected to act as multiple SDN controllers if the terrestrial network becomes saturated or unavailable, or to jointly operate with the terrestrial controllers under the coordination of a central terrestrial controller. From this perspective, the number of the SDN controllers and their placement are of paramount importance. A multi-controller placement strategy is evaluated for the integrated T/NTN using the Simulated Annealing (SA) plus Tabu Search methods to search for the optimal solution in terms of average latency and SDN controllers load, while accounting for the frequent topology variations inherent to LEO satellites. In addition, the design of the SDN architecture for an integrated T/NTN system, and in particular the definition of a distributed SDN control plane (CP) across both the terrestrial and satellite segments, including the specific mechanisms required to enable LEO satellites to operate as controllers, is also addressed. Extensive simulations based on realistic T/NTN topologies, specifically, the terrestrial Agis network and the Iridium NEXT satellite constellation, show that the use of multiple controllers in optimized placements both in terrestrial and satellite segments decreases the average latency and balances the load of each controller. In addition, the proposed controller switching policy adopted for the LEO segment helps to avoid frequent reassignments and improves the reliability of the overall integrated system.	10.1109/TNSM.2026.3673404
Hyeongjin Kim, Hyunbum Kim, Wooil Kim, Athanasios V. Vasilakos, Paolo Bellavista	Resting Drone-Enabled Enhanced ITS Coverage and V2X Integration Network Management for Urban Mobility Service	2026	Early Access		Extending Intelligent Transportation Systems (ITS) toward suburban and peripheral regions is challenging because dense roadside infrastructure is expensive to deploy and underutilized outside peak hours. This paper proposes a V2X-enabled resting drone framework as a dynamic traffic flow management solution for ITS, in which drones equipped with Vehicle-to-Everything (V2X) connectivity are dispatched on demand to congested suburban corridors, provide temporary ITS services, and then land on attachment points to rest in a low-power state when not needed. The framework combines a synthetic multi-city road network, a time-slot–based traffic model, and a load-dependent V2X Quality-of-Service abstraction that maps latency and packet loss into an effective drone availability metric and explicitly captures the impact of non-ideal V2X conditions on control reliability. Within this framework, we develop and evaluate GOLD, a Greedy Overlap-Limited Drone deployment algorithm that prioritizes high-gain, low-overlap locations to maximize effective (overlap-removed) ITS expansion with a limited drone fleet. GOLD is compared against a conventional local threshold-based drone deployment rule that independently scales each road point’s coverage radius with traffic intensity, modeling existing overlap-unaware UAV/ITS extensions. Simulation results over multiple random map and traffic realizations show that GOLD achieves a large fraction of the baseline’s effective coverage with substantially fewer active drones under ideal V2X conditions and maintains its relative advantage when V2X latency and packet loss degrade drone availability, demonstrating that resting drones coordinated by GOLD provide a scalable and robust complement to fixed roadside ITS infrastructure.	10.1109/TNSM.2026.3673324
Jun Li, Yuxuan Chen, Zhiyuan Zhong, Yongcheng Li, Biswanath Mukherjee, Gangxiang Shen	Resource Allocation for Time-Sensitive Services in Centralized Optical and Wi-Fi Access Networks	2026	Early Access		To satisfy the stringent requirements of emerging broadband services in home networks, a novel Centralized optical and Wi-Fi Access Network (C-WAN) has been proposed within the context of Fiber-to-The-Room (FTTR). In C-WAN, centralized management and control of multiple Wi-Fi access points (APs) deployed in each room are facilitated by relocating portions of Wi-Fi protocols from the APs to a centralized entity. This approach significantly enhances network performance, including throughput and roaming capabilities. However, C-WAN also imposes strict demands on the fronthaul networks, specifically requiring high bandwidth and ultra-low latency. In this context, orthogonal frequency division multiplexing passive optical network (OFDM-PON) emerges as a promising solution to support the C-WAN fronthaul network by allocating dedicated subcarriers to each AP. In C-WAN over OFDM-PON, Wi-Fi stations still contend for access to the wireless channel based on existing Wi-Fi protocols, which may result in prolonged wireless access delays. Consequently, the Quality of Service (QoS) requirements for time-sensitive (TS) services may not be met. Additionally, the variation in maximum Wi-Fi throughput due to the contention-based access mechanism presents a significant challenge for the efficient allocation of optical network resources under stringent delay constraints. To address these issues, we propose a priority-based access mechanism that assigns higher priority to TS services for accessing Wi-Fi channels and obtaining wireless resources. Building on this mechanism, we further develop a Wi-Fi throughput prediction model, which is used to optimize the allocation of optical network resources. Simulation results demonstrate that the proposed scheme can effectively reduce wireless access delay and jitter for TS services, meeting their performance requirements while also improving the utilization of optical network resources.	10.1109/TNSM.2026.3673270
Yonghan Wu, Jin Li, Yi Huang, Weixuan Fan, Qi Zhang, Danshi Wang, Min Zhang	Timeslot-Adaptive and Traffic Load-Aware Routing Computation in Two-layer LEO Satellite Networks	2026	Early Access		Low Earth orbit (LEO) satellite networks, as a fundamental component of 6G networks, are designed to provide full coverage, low latency, and high quality of service (QoS) for satellite-terrestrial integrated networks (STIN). Topology representations and routing computation in dynamic LEO satellite networks have become key research focuses. However, balancing network dynamics with traffic load remains challenging due to inaccurate topology representation and inefficient routing in existing studies. To address this, we propose a timeslot-adaptive and traffic load-aware routing computation (TA-TLARC) scheme for two-layer LEO satellite networks. The two-layer LEO satellite networks consist of communication layer satellites (CLS) and relay and sensing layer satellites (RSLS). TA-TLARC adaptively adjusts timeslots based on traffic variations and utilizes distributed adjacency matrices for routing computation. Simulation results show that TA-TLARC achieves better performance than existing routing schemes in key QoS metrics such as routing success rate, delay, throughput, and packet loss rate. Although routing hops and power consumption increase within acceptable limits, the routing success rate of TA-TLARC remains 99.6% to 100%. The QoS performance, including delay, throughput, and packet loss rate, is improved by 10% to 40% compared to those of the comparative schemes under different traffic scenarios. The robustness of TA-TLARC is further analyzed and demonstrated to be acceptable under various failure conditions. The results demonstrate that the proposed TA-TLARC effectively addresses routing computation challenges and significantly improves QoS performance in two-layer LEO satellite networks.	10.1109/TNSM.2026.3673268
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Jiazhong Lu, Jimin Peng, Jian Shu, Jiali Yin, Xiaolei Liu	Adversarial Sample Based on Structured Fusion Noise for Botnet Detection in Industrial Control Systems	2026	Early Access	Botnet Industrial control Feature extraction	The industrial control system’s artificial intelligence-based botnet intrusion detection system has a high detection performance and efficiency in an environment without interference. However, these systems are not immune to evasion through adversarial samples. In this study, we introduce a feature extraction technique tailored for ICS botnet detection. This approach classifies traffic packets based on network traffic attributes and ICS-specific identification codes, encompassing the statuses of ICS devices, enhancing detection precision. Meanwhile, this strategy addresses challenges in ICS data collection and bolsters experimental efficacy. To build a comprehensive botnet intrusion dataset within an ICS, we concurrently utilized existing ICS devices to collect both standard ICS and botnet traffic. Additionally, we present an innovative adversarial sample generation method for botnet detection models, integrating both time-domain and frequency-domain noise. Testing under three real-world ICS attack scenarios revealed our technique can markedly degrade the classification performance of eight leading AI-based detection models, emphasizing its potential for evading AI-based ICS intrusion detectors.	10.1109/TNSM.2026.3665504
Pengcheng Guo, Zhi Lin, Haotong Cao, Yifu Sun, Kuljeet Kaur, Sherif Moussa	GAN-Empowered Parasitic Covert Communication: Data Privacy in Next-Generation Networks	2026	Early Access	Interference Generators Generative adversarial networks	The widespread integration of artificial intelligence (AI) in next-generation communication networks poses a serious threat to data privacy while achieving advanced signal processing. Eavesdroppers can use AI-based analysis to detect and reconstruct transmitted signals, leading to serious leakage of confidential information. In order to protect data privacy at the physical layer, we redefine covert communication as an active data protection mechanism. We propose a new parasitic covert communication framework in which communication signals are embedded into dynamically generated interference by generative adversarial networks (GANs). This method is implemented by our CDGUBSS (complex double generator unsupervised blind source separation) system. The system is explicitly designed to prevent unauthorized AI-based strategies from analyzing and compromising signals. For the intended recipient, the pretrained generator acts as a trusted key and can perfectly recover the original data. Extensive experiments have shown that our framework achieves powerful covert communication, and more importantly, it provides strong defense against data reconstruction attacks, ensuring excellent data privacy in next-generation wireless systems.	10.1109/TNSM.2026.3666669
Fernando Martinez-Lopez, Lesther Santana, Mohamed Rahouti, Abdellah Chehri, Shawqi Al-Maliki, Gwanggil Jeon	Learning in Multiple Spaces: Prototypical Few-Shot Learning with Metric Fusion for Next-Generation Network Security	2026	Early Access	Measurement Prototypes Extraterrestrial measurements	As next-generation communication networks increasingly rely on AI-driven automation, ensuring robust and secure intrusion detection becomes critical, especially under limited labeled data. In this context, we introduce Multi-Space Prototypical Learning (MSPL), a few-shot intrusion detection framework that improves prototype-based classification by fusing complementary metric-induced spaces (Euclidean, Cosine, Chebyshev, and Wasserstein) via a constrained weighting mechanism. MSPL further enhances stability through Polyak-averaged prototype generation and balanced episodic training to mitigate class imbalance across diverse attack categories. In a few-shot setting with as few as 200 training samples, MSPL consistently outperforms single-metric baselines across three benchmarks: on CICEVSE Network2024, AUPRC improves from 0.3719 to 0.7324 and F1 increases from 0.4194 to 0.8502; on CICIDS2017, AUPRC improves from 0.4319 to 0.4799; and on CICIoV2024, AUPRC improves from 0.5881 to 0.6144. These results demonstrate that multi-space metric fusion yields more discriminative and robust representations for detecting rare and emerging attacks in intelligent network environments.	10.1109/TNSM.2026.3665647
Yanxu Lin, Renzhong Zhong, Jingnan Xie, Yueting Zhu, Byung-Gyu Kim, Saru Kumari, Shakila Basheer, Fatimah Alhayan	Privacy-Preserving Digital Publishing Framework for Next-Generation Communication Networks: A Verifiable Homomorphic Federated Learning Approach	2026	Early Access	Electronic publishing Federated learning Cryptography	Next-generation communication networks are revolutionizing digital publishing through intelligent content distribution and collaborative optimization capabilities. However, existing federated learning approaches face fundamental limitations, including trusted third-party dependencies, excessive communication overhead, and vulnerability to collusion attacks between servers and participants. This paper introduces VHFL-DP, a verifiable homomorphic federated learning framework for digital publishing environments operating within 6G network infrastructures. The framework addresses critical privacy and scalability challenges through four key innovations: a distributed cryptographic key generation protocol that eliminates trusted third-party requirements, Chinese remainder theorem-based dimensionality reduction, auxiliary validation nodes that enable independent verification with constant-time complexity, and an intelligent incentive mechanism that rewards digital publishing platforms based on objective contribution quality metrics. Experimental evaluation on MNIST and Amazon reviews datasets across six baseline methods demonstrates that VHFL-DP achieves superior performance with accuracy improvements of 4.2% over the best baseline method. The framework maintains constant verification time ranging from 2.73 to 2.91 seconds regardless of platform count, increasing from ten to fifty, or dropout rates reaching thirty percent. Security evaluation reveals strong resilience with only 2.4 percentage point accuracy degradation under poisoning attacks compared to 6.7-7.0 points for baseline method, inference attack success near random guessing at 51.3%, and 92.4% successful aggregation under Byzantine adversaries.	10.1109/TNSM.2026.3667167
Zhaoping Li, Mingshu He, Xiaojuan Wang	HKD-Net: Hierarchical Knowledge Distillation Based on Multi-Domain Feature Fusion for Efficient Network Intrusion Detection	2026	Early Access	Feature extraction Telecommunication traffic Knowledge engineering	We propose HKD-Net1, a hierarchical knowledge distillation network based on multi-domain feature fusion, for efficient network intrusion detection on resource-constrained edge devices. The framework incorporates dedicated feature extraction modules across temporal, frequency, and spatial domains, and introduces a dynamic gating mechanism for adaptive feature fusion, resulting in a more discriminative and comprehensive feature representation. Moreover, a hierarchical distillation mechanism is designed that not only preserves soft labels from the output layer but also aligns intermediate features from spatial, temporal, frequency, and fused domains, enabling efficient knowledge transfer from a large teacher model to a compact student model. Through knowledge distillation, the final lightweight model requires only 278,580 parameters, reducing the number of parameters by approximately 74.68% compared to the teacher, while maintaining high detection accuracy. Extensive experiments on three public datasets (Kitsune, CIRA-CIC-DoHBrw2020, and CICIoT2023) demonstrate that HKD-Net outperforms five state-of-the-art methods, achieving accuracies of 96.72%, 97.19%, and 87.19%, respectively, while reducing parameters by 74.68% and maintaining low computational cost.	10.1109/TNSM.2026.3668812
Wenxuan Li, Yu Yao, Ni Zhang, Chuan Sheng, Ziyong Ran, Wei Yang	IMADP: Imputation-based Anomaly Detection in SCADA Systems via Adversarial Diffusion Process	2026	Early Access	Anomaly detection Adaptation models Data models	As the confrontation of the industrial cybersecurity upgrades, multi-dimensional variables measured by the SCADA multi-sensor are critical for assessing security risks in industrial field devices. While Deep Learning (DL) methods based on generative models have demonstrated effectiveness, the impact of missing features in samples and temporal window size on modeling and detection processes has been consistently overlooked. To address these challenges, this work proposes an IMADP framework that integratively solves two tasks of missingness patching and anomaly detection. Firstly, the Window-based Adaptive Selection Strategy (WASS) is also designed to intelligently window samples, reducing reliance on prior settings. Secondly, an imputer is constructed under WASS to restore sample integrity, which is implemented by a fully-connected network centered on Neural Controlled Differential Equations (NCDEs). Thirdly, a adversarial diffusion detection model with the variant Transformer as the inverse solver is proposed. Additionally, the Adaptive Dynamic Mask Mechanism (ADMM) is built upon to bolster the model’s comprehension of inter-dependencies between time and sensor nodes. Simultaneously, adversarial training is introduced to optimize training and detection latency caused by the excessive diffusion step size during the native Conditional Diffusion process. The experimental results validate that the proposed framework has the capability to build detectors using missing training samples, and its overall detection performance, tested across six datasets, is superior to existing methods.	10.1109/TNSM.2026.3670062
Chengwei Liao, Guofeng Yan, Hengliang Tan, Jiao Du, Xia Deng, Heng Wu	jTOLP-MADRL: A MADRL-based Joint Optimization Algorithm of Task Offloading Location and Proportion for Latency-sensitive Tasks in Vehicle Edge Computing Network	2026	Early Access	Servers Resource management Edge computing	In Vehicle Edge Computing Network (VECN), task offloading is a key technique to provide the satisfactory quality of service (QoS) for latency-sensitive tasks. However, the diversity of computational resources in edge nodes (i.e., RSU and idle vehicles) and the mobility of vehicles present significant challenges to task offloading. Hence, to address these challenges, we propose an offloading scheme that jointly allocates RSU nodes (including MEC servers) and idle service vehicle resources in this paper. We first prioritize these tasks based on their maximum tolerable latency and design a utility function to capture the executing cost for latency-sensitive tasks. Then, we propose a joint optimization algorithm of task offloading location and proportion based on Multi-agent Deep Reinforcement Learning (jTOLP-MADRL algorithm) for latency-sensitive tasks in VECN, which consists of two sub-algorithms: the Offloading Location Selection (OLS) algorithm and the Offloading Proportion Allocation (OPA) algorithm. Additionally, we design a Convolutional Recurrent Actor-Critic Network (CRACN) to enhance the learning efficiency of the OLS algorithm. Finally, we indicate our algorithm is effective based on simulation results. Compared with the other benchmark algorithms, jTOLP-MADRL can significantly reduce latency and enhance system utility.	10.1109/TNSM.2026.3669913
Wenjing Jing, Quan Zheng, Siwei Peng, Shuangwu Chen, Xiaobin Tan, Jian Yang	Equivalent Characteristic Time Approximation Based Network Planning for Cache-enabled Networks	2026	Early Access	Planning Resource management Costs	The exponential surge in network traffic has imposed significant challenges on traditional Internet architectures, resulting in high latency and redundant transmissions. Cache-enabled networks alleviate these issues by deploying content closer to end-users, making the planning of such networks a research focus. However, regional heterogeneity in user demand and caching interdependencies among hierarchical nodes complicate the planning process. Most existing approaches rely on simplistic even allocation or empirical methods, which fail to simultaneously meet user performance expectations and minimize deployment costs. This paper proposes a network planning framework based on the Equivalent Characteristic Time Approximation (ECTA). The approach begins by establishing a performance–resource mapping. Using ECTA, we decouple the tightly coupled characteristic time relationships across hierarchical nodes, thereby accurately estimating the required cache capacity and bandwidth needed to achieve user performance targets. Building on this foundation, we formulated the network planning as a constrained convex optimization problem that minimizes deployment cost while satisfying user performance constraints. We conducted extensive experiments on a large-scale simulation platform (ndnSIM) and a real-world cache-enabled network testbed (CENI-HeFei). The results demonstrate that, under identical network topologies and total resource constraints, our method significantly improves cache hit probability while reducing deployment costs compared to homogeneous resource allocation schemes. This work provides a practical theoretical foundation and valuable insights for the design, deployment, and optimization of future cache-enabled networks.	10.1109/TNSM.2026.3670399
Woojin Jeon, Donghyun Yu, Ruei-Hau Hsu, Jemin Lee	Secure Data Sharing Framework with Fine-grained Access Control and Privacy Protection for IoT Data Marketplace	2026	Early Access	Internet of Things Encryption Access control	The proliferation of IoT devices has led to an exponential increase in data generation, creating new opportunities for data marketplaces. However, due to the security and privacy issues arising from the sensitive nature of IoT data, as well as the need for efficient management of vast amounts of IoT data, a robust solution is necessary. Therefore, this paper proposes a secure data sharing framework with fine-grained access control and privacy protection for the internet of things (IoT) data marketplace. For fine-grained access control of the data in the proposed protocol, we develop the hidden attributes and encryption outsourced key-policy attribute-based encryption (HAEO-KP-ABE) that outsources high-complex operations to peripheral devices with high capability to reduce the computation burden of IoT device. It achieves data privacy by hiding attributes in the ciphertext and by preventing entities that do not hold the data consumer’s secret key material (including SA/CS) from running the match test on stored ciphertexts before decryption. It also has an efficient match test algorithm which can verify that the hidden attributes of the ciphertext match the access policy of the data consumer’s private key without revealing those attributes. We demonstrate the proposed protocol satisfies the security features required for the data sharing process in an IoT data marketplace environment. Furthermore, we evaluate the execution time of the proposed protocol according to the number of attributes and show the practicality and efficiency of the proposed protocol compared to the related works.	10.1109/TNSM.2026.3670207
Guolong Li, Yuan Gao, Jiongjiong Ren, Shaozhen Chen	BPF-GNN: A multi-granularity feature extraction model using graph neural networks for encrypted traffic classification	2026	Early Access	Feature extraction Cryptography Payloads	Encrypted traffic classification is crucial for critical network management tasks such as traffic type identification, resource allocation, and risk mitigation, especially given that encrypted traffic has become the dominant form of modern network communication. However, existing classification methods are typically confined to single-level feature extraction, failing to capture the multi-granularity information inherent in traffic and thus limiting their ability to characterize complex encrypted traffic patterns. To address this issue, this paper proposes BPF-GNN, a hierarchical graph feature extraction model for encrypted traffic classification. The model enables multi-granularity feature learning by constructing a three-tier graph structure (Byte-, Packet-, and Flow-level). It sequentially extracts discriminative information inherent in each granularity level and accumulates multi-dimensional traffic characteristics, significantly improving the classification accuracy of encrypted traffic. Experiments on the ISCX-VPN2016, ISCX-Tor2016, USTC-TFC2016, and MIRAGE-2024 datasets demonstrate that BPF-GNN outperforms existing methods, validating the effectiveness and superiority of the proposed hierarchical multi-granularity feature extraction approach.	10.1109/TNSM.2026.3671203
Beibei Li	B-TWGA: A Trusted Gateway Architecture Based on Blockchain for Internet of Things	2026	Early Access	Internet of Things Blockchains Security	Internet of Things (IoT) terminals are commonly used for data sensing and edge control. The communication links between these hardware devices are critical points that are vulnerable to security attacks. Moreover, these links are usually composed of resource-constrained nodes that cannot implement strong security protections. To address these security threats, we introduce a Blockchain-based Trustworthy Gateway Architecture (B-TWGA), which does not rely on additional thirdparty management institutions or hardware facilities, nor does it require central control. Our proposal further considers the possibility of Denial of Service (DoS) attacks in blockchain transactions, ensuring secure storage and seamless interaction within the network. The proposed scheme offers advantages such as tamper-proofing, protection against malicious attacks, and reliability while maintaining operational simplicity. Experimental results demonstrate that B-TWGA maintains stable trust levels even when 40% of the network nodes are malicious, effectively mitigates trust degradation caused by vote-stuffing and switch attacks, and ensures high transaction processing performance, achieving an average throughput of 97.55% for storage transactions with practical response times below 0.7s for typical trust file sizes.	10.1109/TNSM.2026.3671208
Ebrima Jaw, Moritz Müller, Cristian Hesselman, Lambert Nieuwenhuis	Reproducibility Study and Assessment of the Evolution of Serial BGP Hijacking Events	2026	Early Access	Internet Routing Border Gateway Protocol	The Border Gateway Protocol (BGP) is the Internet’s most crucial protocol for efficient global connectivity and traffic routing. However, BGP is well known to be susceptible to route hijacks and leaks. Route hijacks are the intentional or unintentional illegitimate announcements of network resources that can compromise the confidentiality, integrity, and availability of communication systems. In the past, the so-called “serial hijackers” have hijacked Internet resources multiple times, some lasting for several months or years. So far, only the paper “Profiling BGP Serial Hijackers” has explicitly focused on these repeat offenders, and it dates back to 2019. Back then, they had to process large amounts of BGP announcements to find a few potential serial hijackers. In this paper, we revisit the profiling of serial hijackers. We reproduced the 2019 study and showed that we can identify potential offenders with less data while achieving similar accuracy. Our study confirms that there has been no significant increase in the evolution of serial hijacking activities in the last five years. We then extend their research, further analyze the characteristics of the serial hijackers, and show that most of the alleged serial hijackers are still active on the Internet. We also find that 22.9% of the hijacks violated RPKI objects but were still widely propagated, and that even MANRS participants were among the propagating networks.	10.1109/TNSM.2026.3671613
Wenxue Hu, Lei Sun, Zhangchao Ma, Rong Huang, Yushan Pei, Jianquan Wang	A Novel Time-Window Scheduling Algorithm With Network Calculus Model in Time-Sensitive Networking	2026	Early Access	Job shop scheduling Optimization Switches	Traffic scheduling plays a critical role in Time-Sensitive Networking (TSN) for ensuring high reliability and deterministic latency. In this paper, we propose a novel window-based scheduling approach for the Time-Aware Shaper (TAS). By allowing packets to wait in egress queues before forwarding, our approach relaxes the strict timing constraints imposed by existing packet-based schedulers. We employ a generalized Network Calculus (NC) framework built on an End-to-End (E2E) network model, to analyze the upper-bound latency, which is then used to assess the schedulability of Time-Critical (TC) traffic. Inspired by the Proportional–Integral–Derivative (PID) closed-loop control architecture, we introduce an Incremental PID-based Search (IPS) algorithm to optimize schedulability, where the P, I, and D terms are leveraged to scale update steps, maintain search momentum, and dampen the oscillations, respectively. To accommodate various traffic classes, throughput constraints for non-TC traffic are incorporated as bounds on window lengths. Simulation experiments were performed on a multi-node network topology carrying large traffic volumes. Under optimal PID settings, the proposed IPS algorithm was evaluated against the well-validated Simulated Annealing (SA) method under a unified scheduling framework with identical decision variables and constraints to ensure a fair comparison. Results show that IPS consistently achieves higher schedulability and requires fewer iterations for flow counts ranging from 100 to 600. Furthermore, a real-time simulation platform based on OMNeT++ was developed, and the effectiveness of the proposed wait-allowed scheduling model was validated through optimized GCL configurations.	10.1109/TNSM.2026.3673031