TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Shigen Shen, Jun Wu, Yizhou Shen, Xiaoping Wu, Jingnan Dong, Tian Wang, Ruidong Li	Privacy-Aware DRL for Differential Games-assisted Malware Defense in Edge Intelligence-enabled Social IoT	2026	Early Access	Malware Adaptation models Differential games	The edge intelligence-enabled Social Internet of Things (SIoT) faces severe security threats from stealthy malware propagation, while existing defenses struggle to model complex behaviors or provide real-time and privacy-aware responses. Herein, we propose a comprehensive malware defense framework integrating a five-state propagation model, continuous-time differential games, and a privacy-aware reinforcement learning algorithm named PP-D3QN (Privacy-Preserving Dueling Double Deep Q Network). The malware propagation model includes susceptible, infectious, patched, quarantined, and removed states, accurately representing centralized and cooperative patching as well as quarantine detection mechanisms. Leveraging differential games, optimal defense strategies are theoretically derived by solving the Hamilton–Jacobi– Bellman equation, dynamically balancing infection risk, patching benefits, and quarantine costs. The PP-D3QN algorithm employs prioritized experience replay with strict control over private data sampling and Gaussian noise perturbation to ensure differential privacy, while learning effective defense strategies through practical interaction with dynamic edge intelligence-enabled SIoT systems. Extensive simulations demonstrate that the proposed method significantly improves malware suppression speed and SIoT nodes recovery rates, showcasing strong theoretical and practical value. This work offers a rigorous and applicable solution for dynamic malware defense under privacypreserving constraints in edge intelligence-enabled SIoT systems.	10.1109/TNSM.2026.3666173
Devanshu Anand, Gabriel-Miro Muntean	Mitigating Interferences in 5G O-RAN HetNets through ML-driven xAPP to Enhance Users’ QoS	2026	Early Access		In today’s rapidly evolving telecommunications landscape, the demand for seamless connectivity and top-tier network performance has reached unprecedented levels. Traditional cellular systems, while valiant in their service, now struggle under the weight of spiraling data demands, spectrum scarcity, and power inefficiency. The era of ultra-dense mobile networks, with Heterogeneous Networks (HetNets) at the forefront, ushers in improved throughput, spectral efficiency, and energy management. To tackle these challenges, this paper introduces MLCIMO (Machine Learning-enhanced Classification for Interference Management and Offloading) into 5G HetNets. MLCIMO employs a multi-binary classification strategy to categorize users based on interference types and levels. It also introduces an offloading scheme tailored to user service priorities, enhancing the user quality of experience, while conserving energy. It seamlessly aligns with the evolving needs of the HetNets, addressing some of the issues introduced by small cell deployments. Simulation results show that MLCIMO achieves the highest throughput, shortest delay, and lowest packet loss ratio in comparison with alternative approaches. In a comprehensive analysis, the varying degrees of interference encountered by users under different schemes are unveiled, further establishing MLCIMO’s distinguished position in mitigating interference.	10.1109/TNSM.2026.3667462
Jesus Omaña Iglesias, Carlos Segura Perales, Stefan Geißler, Diego Perino, Andra Lutu	Anomaly Detection for IoT Global Connectivity	2026	Early Access	Internet of Things Anomaly detection Ecosystems	Internet of Things (IoT) application providers rely on Mobile Network Operators (MNOs) and roaming infrastructures to deliver their services globally. In this complex ecosystem, where the end-to-end communication path traverses multiple entities, it became increasingly challenging to guarantee communication availability and reliability. Further, most platform operators use a reactive approach to communication issues, responding to user complaints only after incidents have become severe, compromising service quality. This paper presents our experience in the design and deployment of ANCHOR – an unsupervised anomaly detection solution for the IoT connectivity service of a large global roaming platform. ANCHOR assists engineers by filtering vast amounts of data to identify potential problematic clients (i.e., those with connectivity issues affecting several of their IoT devices), enabling proactive issue resolution before the service is critically impacted. We first describe the IoT service, infrastructure, and network visibility of the IoT connectivity provider we operate. Second, we describe the main challenges and operational requirements for designing an unsupervised anomaly detection solution on this platform. Following these guidelines, we propose different statistical rules, and machine- and deep-learning models for IoT verticals anomaly detection based on passive signaling traffic.We describe the steps we followed working with the operational teams on the design and evaluation of our solution on the operational platform, and report an evaluation on operational IoT customers.	10.1109/TNSM.2026.3666123
Yanxu Lin, Renzhong Zhong, Jingnan Xie, Yueting Zhu, Byung-Gyu Kim, Saru Kumari, Shakila Basheer, Fatimah Alhayan	Privacy-Preserving Digital Publishing Framework for Next-Generation Communication Networks: A Verifiable Homomorphic Federated Learning Approach	2026	Early Access		Next-generation communication networks are revolutionizing digital publishing through intelligent content distribution and collaborative optimization capabilities. However, existing federated learning approaches face fundamental limitations, including trusted third-party dependencies, excessive communication overhead, and vulnerability to collusion attacks between servers and participants. This paper introduces VHFL-DP, a verifiable homomorphic federated learning framework for digital publishing environments operating within 6G network infrastructures. The framework addresses critical privacy and scalability challenges through four key innovations: a distributed cryptographic key generation protocol that eliminates trusted third-party requirements, Chinese remainder theorem-based dimensionality reduction, auxiliary validation nodes that enable independent verification with constant-time complexity, and an intelligent incentive mechanism that rewards digital publishing platforms based on objective contribution quality metrics. Experimental evaluation on MNIST and Amazon reviews datasets across six baseline methods demonstrates that VHFL-DP achieves superior performance with accuracy improvements of 4.2% over the best baseline method. The framework maintains constant verification time ranging from 2.73 to 2.91 seconds regardless of platform count, increasing from ten to fifty, or dropout rates reaching thirty percent. Security evaluation reveals strong resilience with only 2.4 percentage point accuracy degradation under poisoning attacks compared to 6.7-7.0 points for baseline method, inference attack success near random guessing at 51.3%, and 92.4% successful aggregation under Byzantine adversaries.	10.1109/TNSM.2026.3667167
Can Wang, Run-Hua Shi, Jiang-Yuan Lian, Pei-Xuan Wang, Ze-Hui Jiang	Quantum-Enhanced Matching Mechanism for Secure and Efficient Power IoT Data Trading	2026	Early Access		The exponential growth of power IoT data has created immense potential for intelligent energy management, but it also presents critical challenges in achieving secure and efficient data trading. In particular, emerging data trading scenarios demand support for range nearest neighbor matching, which current schemes fail to address. This paper proposes a novel quantum trading matching scheme tailored for power data markets, which, for the first time, supports range nearest neighbor matching while balancing accuracy, efficiency, and privacy. To improve matching efficiency, we design a quantum private query (QPQ) mechanism based on a bidirectional sliding window (BSW), which replaces traditional linear search with dynamic range expansion. Furthermore, to ensure strong privacy and security in real-world scenarios, we develop a two-layer QPQ framework that performs data feature matching and identity retrieval separately, supported by a customized key distribution strategy. Our solution resists quantum attacks and significantly reduces computational overhead. At the same time, by utilizing non-ideal photon sources, it offers a practical and privacy-preserving solution for large-scale power data trading and matching.	10.1109/TNSM.2026.3667701
Pengcheng Guo, Zhi Lin, Haotong Cao, Yifu Sun, Kuljeet Kaur, Sherif Moussa	GAN-Empowered Parasitic Covert Communication: Data Privacy in Next-Generation Networks	2026	Early Access	Interference Generators Generative adversarial networks	The widespread integration of artificial intelligence (AI) in next-generation communication networks poses a serious threat to data privacy while achieving advanced signal processing. Eavesdroppers can use AI-based analysis to detect and reconstruct transmitted signals, leading to serious leakage of confidential information. In order to protect data privacy at the physical layer, we redefine covert communication as an active data protection mechanism. We propose a new parasitic covert communication framework in which communication signals are embedded into dynamically generated interference by generative adversarial networks (GANs). This method is implemented by our CDGUBSS (complex double generator unsupervised blind source separation) system. The system is explicitly designed to prevent unauthorized AI-based strategies from analyzing and compromising signals. For the intended recipient, the pretrained generator acts as a trusted key and can perfectly recover the original data. Extensive experiments have shown that our framework achieves powerful covert communication, and more importantly, it provides strong defense against data reconstruction attacks, ensuring excellent data privacy in next-generation wireless systems.	10.1109/TNSM.2026.3666669
Ahmad Y. Alhusenat, Lei Lei, Jinjin Tian, Lihong Zhu, Tong-Xing Zheng, Symeon Chatzinotas	Dynamic Parallel Task Offloading and Sustainable On-Board Computing for Delay-Energy Optimization LEO Networks	2026	Early Access	Satellites Low earth orbit satellites Delays	Task offloading among low-earth orbit (LEO) satellites with on-board computing (OBC) is important for real-time applications. However, OBC is constrained by the battery capacity of LEO, which fluctuates with orbital dynamics and available solar power. This paper addresses the problem of energy sustainability and timeliness in LEO-OBC systems by proposing a sustainable OBC-LEO framework that combines parallel offloading strategies with dynamic energy management. This problem is formulated as a Markov decision process aiming to minimize the overall delay while satisfying the LEO satellite energy constraints and achieving a high task success rate. To balance immediate computational demands and long-term energy stability, a Lyapunov optimization-based dynamic parallel offloading (LODPO) algorithm is designed to make decisions dynamically within each time slot, integrated with subtask allocation based on a low-cost (SABLC) algorithm that dynamically adjusts task allocations. Finally, simulation results demonstrate that the LODPO framework achieves a significant reduction in execution delay, incurring only 34.0% of the delay cost of binary offloading. Most critically, it ensures exceptional reliability, with a task drop rate that is only 8.5% of that seen in binary offloading and 12.0% of that in the DQN-based approach. This ensures high responsiveness and dependability for mission-critical, delay-sensitive applications.	10.1109/TNSM.2026.3665512
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Fernando Martinez-Lopez, Lesther Santana, Mohamed Rahouti, Abdellah Chehri, Shawqi Al-Maliki, Gwanggil Jeon	Learning in Multiple Spaces: Prototypical Few-Shot Learning with Metric Fusion for Next-Generation Network Security	2026	Early Access	Measurement Prototypes Extraterrestrial measurements	As next-generation communication networks increasingly rely on AI-driven automation, ensuring robust and secure intrusion detection becomes critical, especially under limited labeled data. In this context, we introduce Multi-Space Prototypical Learning (MSPL), a few-shot intrusion detection framework that improves prototype-based classification by fusing complementary metric-induced spaces (Euclidean, Cosine, Chebyshev, and Wasserstein) via a constrained weighting mechanism. MSPL further enhances stability through Polyak-averaged prototype generation and balanced episodic training to mitigate class imbalance across diverse attack categories. In a few-shot setting with as few as 200 training samples, MSPL consistently outperforms single-metric baselines across three benchmarks: on CICEVSE Network2024, AUPRC improves from 0.3719 to 0.7324 and F1 increases from 0.4194 to 0.8502; on CICIDS2017, AUPRC improves from 0.4319 to 0.4799; and on CICIoV2024, AUPRC improves from 0.5881 to 0.6144. These results demonstrate that multi-space metric fusion yields more discriminative and robust representations for detecting rare and emerging attacks in intelligent network environments.	10.1109/TNSM.2026.3665647
Liang Kou, Xiaochen Pan, Guozhong Dong, Meiyu Wang, Chunyu Miao, Jilin Zhang, Pingxia Duan	Dynamic Adaptive Aggregation and Feature Pyramid Network Enhanced GraphSAGE for Advanced Persistent Threat Detection in Next-Generation Communication Networks	2026	Early Access	Feature extraction Adaptation models Computational modeling	Advanced Persistent Threats (APTs) pose severe challenges to Next-Generation Communication Networks (NGCNs) due to their stealthiness and NGCNs’ dynamic topology, while conventional GNN-based intrusion detection systems suffer from static aggregation and poor adaptability to unseen nodes. To address these issues, this paper proposes DAA-FPN-SAGE, a lightweight graph-based detection framework integrating Dynamic Adaptive Aggregation (DAA) and Multi-Scale Feature Pyramid Network (MSFPM). Leveraging GraphSAGE’s inductive learning capability, the framework effectively models unseen nodes or subgraphs and adapts to NGCN’s dynamic changes (e.g., elastic network slicing, online AI model updates)—a key advantage for handling NGCN’s real-time topological variations. The DAA module employs multi-hop attention to dynamically assign weights to neighbors at different hop distances, enhancing capture of hierarchical dependencies in multi-stage APT attack chains. The MSFPM module fuses local-global structural information via a gated feature selection mechanism, resolving dimensional inconsistency and enriching attack behavior representation. Extensive experiments on StreamSpot, Unicorn, and DARPA TC#3 datasets demonstrate superior performance, meeting detection requirements of large-scale NGCNs.	10.1109/TNSM.2026.3660650
Muhammad Fahimullah, Michel Kieffer, Sylvaine Kerboeuf, Shohreh Ahvar, Maria Trocan	Decentralized Coalition Formation of Infrastructure Providers for Resource Provisioning in Coverage Constrained Virtualized Mobile Networks	2026	Early Access	Indium phosphide III-V semiconductor materials Resource management	The concept of wireless virtualized networks enables Mobile Virtual Network Operators (MVNOs) to utilize resources made available by multiple Infrastructure Providers (InPs) to set up a service. Nevertheless, existing centralized resource provisioning approaches fail to address such a scenario due to conflicting objectives among InPs and their reluctance to share private information. This paper addresses the problem of resource provisioning from several InPs for services with geographic coverage constraints. When complete information is available, an Integer Linear Program (ILP) formulation is provided, along with a greedy solution. An alternative coalition formation approach is then proposed to build coalitions of InPs that satisfy the constraints imposed by an MVNO, while requiring only limited information sharing. The proposed solution adopts a hedonic game-theoretic approach to coalition formation. For each InP, the decision to join or leave a coalition is made in a decentralized manner, relying on the satisfaction of service requirements and on individual profit. Simulation results demonstrate the applicability and performance of the proposed solution.	10.1109/TNSM.2026.3663437
Adel Chehade, Edoardo Ragusa, Paolo Gastaldo, Rodolfo Zunino	Hardware-Aware Neural Architecture Search for Encrypted Traffic Classification on Resource-Constrained Devices	2026	Early Access	Accuracy Computational modeling Cryptography	This paper presents a hardware-efficient deep neural network (DNN), optimized through hardware-aware neural architecture search (HW-NAS); the DNN supports the classification of session-level encrypted traffic on resource-constrained Internet of Things (IoT) and edge devices. Thanks to HW-NAS, a 1D convolutional neural network (CNN) is tailored on the ISCX VPN-nonVPN dataset to meet strict memory and computational limits while achieving robust performance. The optimized model attains an accuracy of 96.60% with just 88.26K parameters, 10.08M floating-point operations (FLOPs), and a maximum tensor size of 20.12K. Compared to state-of-the-art (SOTA) models, it achieves reductions of up to 444-fold, 312-fold, and 15-fold in these metrics, respectively, significantly minimizing memory footprint and runtime requirements. The model also demonstrates versatility, achieving up to 99.86% across multiple VPN and traffic classification (TC) tasks; it further generalizes to external benchmarks with up to 99.98% accuracy on USTC-TFC and QUIC NetFlow. In addition, an in-depth approach to header-level preprocessing strategies confirms that the optimized model can provide notable performance across a wide range of configurations, even in scenarios with stricter privacy considerations. Likewise, a reduction in the length of sessions of up to 75% yields significant improvements in efficiency, while maintaining high accuracy with only a negligible drop of 1-2%. However, the importance of careful preprocessing and session length selection in the classification of raw traffic data is still present, as improper settings or aggressive reductions can bring about a 7% reduction in overall accuracy. The quantized architecture was deployed on STM32 microcontrollers and evaluated across input sizes; results confirm that the efficiency gains from shorter sessions translate to practical, low-latency embedded inference. These findings demonstrate the method’s practicality for encrypted traffic analysis in constrained IoT networks.	10.1109/TNSM.2026.3666676
Qichen Luo, Zhiyun Zhou, Ruisheng Shi, Lina Lan, Qingling Feng, Qifeng Luo, Di Ao	Revisit Fast Event Matching-Routing for High Volume Subscriptions	2026	Early Access	Real-time systems Vectors Search problems	Although many scalable event matching algorithms have been proposed to achieve scalability for publish/subscribe services, the content-based pub/sub system still suffer from performance deterioration when the system has large numbers of subscriptions, and cannot support the requirements of real-time pub/sub data services. In this paper, we model the event matching problem as an existence problem which only care about whether there is at least one matching subscription in the given subscription set, differing from existing works that try to speed up the time-consuming search operation to find all matching subscriptions. To solve this existence problem efficiently, we propose DLS (Discrete Label Set), a novel subscription and event representation model. Based on the DLS model, we propose an event matching algorithm with O(Nd) time complexity to support real-time event matching for a large volume of subscriptions and high event arrival speed, where Nd is the node degree in overlay network. Experimental results show that the event matching performance can be improved by several orders of magnitude compared with traditional algorithms.	10.1109/TNSM.2026.3664517
Jing Huang, Yabo Wang, Honggui Han	SCFusionLocator: A Statement-Level Smart Contract Vulnerability Localization Framework Based on Code Slicing and Multi-Modal Feature Fusion	2026	Early Access	Smart contracts Feature extraction Location awareness	Smart contract vulnerabilities have led to over $20 billion in losses, but existing methods suffer from coarse-grained detection, two-stage “detection-then-localization” pipelines, and insufficient feature extraction. This paper proposes SCFusionLocator, a statement-level vulnerability localization framework for smart contracts. It adopts a novel code-slicing mechanism (via function call graphs and data-flow graphs) to decompose contracts into single-function subcontracts and filter low-saliency statements, paired with source code normalization to reduce noise. A dual-branch architecture captures complementary features: the code-sequence branch uses GraphCodeBERT (with data-flow-aware masking) for semantic extraction, while the graph branch fuses call/control-flow/data-flow graphs into a heterogeneous graph and applies HGAT for structural modeling. SCFusionLocator enables end-to-end statement-level localization by framing tasks as statement classification.We release BJUT_SC02, a large dataset of over 240,000 contracts with line-level labels for 58 vulnerability types. Experiments on BJUT_SC02, SCD, and MANDO datasets show SCFusionLocator outperforms 8 conventional tools and nearly 20 ML baselines, achieving over 90% average F1 at the statement level, with better generalization to similar unknown vulnerabilities, and remains competitive in contract-level detection.	10.1109/TNSM.2026.3664599
Shiyu Yang, Qunyong Wu, Zhanchao Huang, Zihao Zhuo	SGA-Seq: Station-aware Graph Attention Sequence Network for Cellular Traffic Prediction	2026	Early Access	Adaptation models Predictive models Spatiotemporal phenomena	Cellular traffic prediction is crucial for optimizing network resources and enhancing service quality. Despite progress in existing traffic prediction methods, challenges remain in capturing periodic features, spatial heterogeneity, and abnormal signals. To address these challenges, we propose a Station-aware Graph Attention Sequence Network (SGA-Seq). The core idea is to achieve accurate cellular traffic prediction by adaptively modeling station-specific spatiotemporal patterns and effectively handling complex traffic dynamics. First, we introduce a learnable temporal embedding mechanism to capture temporal features across multiple scales. Second, we design a station-aware graph attention network to model complex spatial relationships across stations. Additionally, by progressively separating regular and abnormal signals layer by layer, we enhance the model’s robustness. Experimental results demonstrate that SGA-Seq outperforms existing methods on five diverse mobile network datasets spanning different scales, including cellular traffic, mobility flow, and communication datasets. Notably, on the V-GCT dataset, our method achieves an 8.04% improvement in Root Mean Squared Error compared to the Spatiotemporal-aware Trend-Seasonality Decomposition Network. The code of SGA-Seq is available at https://github.com/OvOYu/SGA-Seq.	10.1109/TNSM.2026.3664401
Tuan-Vu Truong, Van-Dinh Nguyen, Quang-Trung Luu, Phi-Son Vo, Xuan-Phu Nguyen, Fatemeh Kavehmadavani, Symeon Chatzinotas	Accelerating Resource Allocation in Open RAN Slicing via Deep Reinforcement Learning	2026	Early Access	Resource management Open RAN Ultra reliable low latency communication	The transition to beyond-fifth-generation (B5G) wireless systems has revolutionized cellular networks, driving unprecedented demand for high-bandwidth, ultra low-latency, and massive connectivity services. The open radio access network (Open RAN) and network slicing provide B5G with greater flexibility and efficiency by enabling tailored virtual networks on shared infrastructure. However, managing resource allocation in these frameworks has become increasingly complex. This paper addresses the challenge of optimizing resource allocation across virtual network functions (VNFs) and network slices, aiming to maximize the total reward for admitted slices while minimizing associated costs. By adhering to the Open RAN architecture, we decompose the formulated problem into two subproblems solved at different timescales. Initially, the successive convex approximation (SCA) method is employed to achieve at least a locally optimal solution. To handle the high complexity of binary variables and adapt to time-varying network conditions, traffic patterns, and service demands, we propose a deep reinforcement learning (DRL) approach for real-time and autonomous optimization of resource allocation. Extensive simulations demonstrate that the DRL framework quickly adapts to evolving network environments, significantly improving slicing performance. The results highlight DRL’s potential to enhance resource allocation in future wireless networks, paving the way for smarter, self-optimizing systems capable of meeting the diverse requirements of modern communication services.	10.1109/TNSM.2026.3665553
Jiazhong Lu, Jimin Peng, Jian Shu, Jiali Yin, Xiaolei Liu	Adversarial Sample Based on Structured Fusion Noise for Botnet Detection in Industrial Control Systems	2026	Early Access	Botnet Industrial control Feature extraction	The industrial control system’s artificial intelligence-based botnet intrusion detection system has a high detection performance and efficiency in an environment without interference. However, these systems are not immune to evasion through adversarial samples. In this study, we introduce a feature extraction technique tailored for ICS botnet detection. This approach classifies traffic packets based on network traffic attributes and ICS-specific identification codes, encompassing the statuses of ICS devices, enhancing detection precision. Meanwhile, this strategy addresses challenges in ICS data collection and bolsters experimental efficacy. To build a comprehensive botnet intrusion dataset within an ICS, we concurrently utilized existing ICS devices to collect both standard ICS and botnet traffic. Additionally, we present an innovative adversarial sample generation method for botnet detection models, integrating both time-domain and frequency-domain noise. Testing under three real-world ICS attack scenarios revealed our technique can markedly degrade the classification performance of eight leading AI-based detection models, emphasizing its potential for evading AI-based ICS intrusion detectors.	10.1109/TNSM.2026.3665504
Aditya Pathak, Irfan Al-Anbagi, Howard J. Hamilton	An Early Conflict Resolution Mechanism for Blockchain-Based Delay-Sensitive IoT Networks	2026	Early Access	Internet of Things Blockchains Parallel processing	Blockchain technology, particularly Hyperledger Fabric (HLF), has emerged as a promising solution to enhance security and privacy in various domains, including Internet of Things (IoT) networks. Conflicting transactions in a HLF-based IoT network occur when multiple transactions attempt to modify the same asset or data concurrently. Conflicting transactions can lead to data inconsistencies, because the network may be unable to determine the correct order or the most preferred valid transaction. Existing conflict resolution mechanisms in HLF-based IoT networks often introduce considerable transaction latency, detect and resolve conflicting transactions in the late stages of the transaction lifecycle (ordering and validation), or require significant changes to the underlying HLF blockchain platform. To overcome these limitations, we propose an Early Conflict Resolution (ECR) mechanism that detects and resolves conflicts during the endorsement stage. The ECR mechanism uses a local cache (Sync.Map) and a dependency graph to efficiently detect conflicts by analyzing the Read-Sets (RS) and Write-Sets (WS) of transactions. ECR resolves conflicts in the detected conflicting transactions through transaction reordering or sequential processing. It also executes non-conflicting transactions in parallel to speed their processing. Our results show that the ECR mechanism improves transaction latency and the success rate for varying conflict rates, block sizes, and IoT devices compared to existing mechanisms.	10.1109/TNSM.2026.3667085
Rui Huang, Qingling Li, Liangru Xie, Fei Shang	Dynamic Migration in Digital Twin-Enabled Industrial Internet: A Stochastic Network Calculus Approach	2026	Early Access	Delays Stability analysis Real-time systems	Digital Twin (DT) technology serves as a critical enabler in Cyber-Physical-Social Systems (CPSS), especially within Industry 5.0’s human-centric manufacturing paradigm. However, the computational intensity of processing real-time data in DT systems often leads to resource saturation and performance degradation at computation nodes. Dynamic service migration of digital twins by offloading computation-intensive tasks to resource-rich nodes to offer a promising solution, yet introduces challenges in preserving service quality during migration. Key issues include high delay, data inconsistency, service interruptions, and limited bandwidth compromising system stability. To address these challenges, this paper proposes a dynamic migration scheduling strategy for digital twins based on a Lyapunov optimization framework. Our approach integrates Stochastic Network Calculus (SNC) for Quality of Service (QoS) quantification and a persistent queue mechanism for reliability assurance. Theoretical analysis and extensive simulations demonstrate that the proposed algorithm achieves near-optimal performance with provable bounds, effectively minimizing migration-induced delay while maintaining service reliability. The results confirm that our framework consistently outperforms existing solutions in managing service migration within industrial internet systems.	10.1109/TNSM.2026.3665033