TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Xinshuo Wang, Baihua Chen, Lei Liu, Yifei Li	Pisces: Fast Loss Recovery for Multipath Transmission in RDMA	2026	Early Access	Payloads Military aircraft Space technology	Conventional Remote Direct Memory Access (RDMA) relies on Priority Flow Control (PFC) to operate on lossless networks. However, as data centers scale, PFC’s drawbacks, such as head-of-line blocking and congestion spreading become increasingly problematic. This study proposes Pisces, a fast packet loss recovery scheme that leverages terminal–network collaboration. Instead of targeting lossless RDMA networks, Pisces enables high-throughput RDMA by efficiently handling loss recovery. To address the inefficient retransmission problems of PFC+Go-Back-N and the challenges of configuring appropriate timeouts for Selective Repeat (SR) in multipath transmission scenarios, Pisces implements Quick Drop Notification (QDN) of packet loss on switches, avoiding bandwidth waste and timeouts. In addition, Pisces RDMA NICs feature on-chip packet buffers to cache in-flight packets, supporting the scalability demands of RDMA in modern data centers. Upon receiving a QDN, lost packets are quickly retrieved from the buffer for retransmission, significantly improving retransmission efficiency and reducing PCIe bandwidth waste caused by cache replacements. This study overcame numerous challenges to implement Pisces prototype, which demonstrated excellent performance. Testbed experiments show that Pisces improves the 99th-percentile FCT by 130×compared to Mellanox CX-6. Large-scale simulations demonstrate that Pisces achieves a maximum reduction of 82.8% in the 99.9th-percentile FCT compared to SR and other state-of-the-art technologies.	10.1109/TNSM.2026.3688038
Wangqing Luo, Jinbin Hu, Hua Sun, Pradip Kumar Sharma, Jin Wang	SALB: Security-Aware Load Balancing for Large Language Model Training in Datacenter Networks	2026	Early Access	Training Load management Packet loss	To meet the massive compute and high-speed communication demands of Large Language Model (LLM) training, modern datacenters typically adopt multipath topologies such as Fat-Tree and Clos to host parallel jobs across hundreds to thousands of GPUs. However, LLM training exhibits periodic, high-bandwidth communication patterns. Existing load-balancing schemes become misaligned under dynamic congestion and anomalous surges: they struggle to promptly mitigate iteration-peak congestion and lack effective isolation of anomalous traffic. To address this, we propose Security-Aware Load Balancing (SALB) for LLM training. SALB leverages a Deep Reinforcement Learning (DRL) controller with queue and delay signals for packet-level multipath load balancing and employs path binding to confine suspicious flows. By integrating data security into load balancing, SALB simultaneously achieves high throughput and robust traffic isolation. NS-3 simulation results show that, compared with CONGA, Hermes, and ConWeave, SALB reduces the 99th-percentile flow completion time (FCT) of short flows by an average of 65% and increases the throughput of long flows by an average of 54%. It further outperforms the baselines in aggregate throughput, path utilization, and packet loss rate, thereby significantly enhancing system stability, robustness, and data security.	10.1109/TNSM.2026.3678979
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Arad Kotzer, Tom Azoulay, Yoad Abels, Aviv Yaish, Ori Rottenstreich	SoK: DeFi Lending and Yield Aggregation Protocol Taxonomy, Empirical Measurements, and Security Challenges	2026	Early Access	Filtering Application specific integrated circuits Filters	Decentralized Finance (DeFi) lending protocols implement programmable credit markets without intermediaries. This paper systematizes the DeFi lending ecosystem, spanning collateralized lending (including over- and under- collateralized designs, and zero-liquidation loans), uncollateralized primitives (e.g., flashloans), and yield aggregation protocols which allocate capital across underlying lending platforms. Beyond a taxonomy of mechanisms and comparing protocols, we provide empirical on-chain measurements of lending activity and user behavior, using Compound V2 and AAVE V2 as case studies, and connect empirical observations to protocol design choices (e.g., interestrate models and liquidation incentives). We then characterize vulnerabilities that arise due to notable designs, focusing on interestrate setting mechanisms and time-measurement approaches. Finally, we outline open questions at the intersection of mechanism design, empirical measurement and security for future research.	10.1109/TNSM.2026.3682174
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Jayasree Sengupta, Mike Kosek, Justus Fries, Veronika Kitsul, Vaibhav Bajpai	A Long-term View of DNS over QUIC Adoption and its Performance Impact on YouTube Streaming	2026	Early Access		YouTube contributes the largest share of global video traffic on the Internet, making it an important use case for understanding the impact of evolving DNS protocol choices on video streaming performance. Although traditional DNS over UDP (DoUDP) offers low latency, it lacks modern transport features. Encrypted DNS protocols such as DNS over TLS (DoT) and DNS over HTTPS (DoH) improve protocol robustness but suffer from higher latency due to their underlying transport and encryption protocols with multi-RTT handshakes. However, recently standardized DNS over QUIC (DoQ) aims to combine the best of both worlds by leveraging the transport efficiency of QUIC while ensuring DNS privacy. In this paper, we present the first comprehensive long-term measurement study of DoQ adoption and evaluate its performance implications for YouTube video streaming. We collect data through weekly scans of the IPv4 address space over a two-year period to assess the adoption of the protocol. Our results show that DoQ adoption by public DNS resolvers has steadily increased and plateaued over 25 months. Using seven globally distributed vantage points, our video performance measurements shows that DoQ’s DNS lookup time increases by only 1.5% in the median while video startup delay increases by less than 1% compared to DoUDP. In particular, in about 40% of the cases, DoQ yields faster video startup times than DoUDP. These findings position DoQ as a technically efficient DNS protocol, well suited for modern, high-demand performance-sensitive applications such as video streaming.	10.1109/TNSM.2026.3688441
Songshou Dong, Yanqing Yao, Huaxiong Wang, Yining Li	LCMS: Efficient Lattice-based Conditional Privacy-preserving Multi-receiver Signcryption Scheme for Internet of Vehicles	2026	Early Access		Internet of Vehicles (IoV) requires robust security and privacy protection mechanisms to enable trusted traffic information exchange, while also requiring low communication and low computing overhead to meet the real-time requirements of IoV. Existing signcryption schemes suffer from quantum vulnerability, inadequate unlinkability/vehicle anonymity, absence of revocability, poor scalability, inadequate management of malicious entities, and high communication and computational overhead. So we propose an efficient lattice-based conditional privacy-preserving multi-receiver signcryption scheme (LCMS) that systematically addresses these gaps through three core innovations: 1) Privacy preservation is achieved via a pseudonym mechanism integrated with certificateless key generation, which ensures vehicle anonymity and weak unlinkability while preventing malicious key generation center and key escrow; 2) Malicious entity management through dynamic revocability and distributed decryption among roadside units, preventing unilateral message access; and 3) Post-quantum efficiency is achieved by leveraging the Learning With Rounding problem to eliminate expensive Gaussian sampling, combined with ciphertext packing techniques. This reduces time overhead, the size of signcryptexts, and communication overhead, while lowering the overall storage overhead of the scheme through the MP12 trapdoor. Security proofs show LCMS achieves Existential Unforgeability under Adaptive Identity Chosen-Message Attack and Indistinguishability under Adaptive Identity Chosen-Ciphertext Attack in the Random Oracle Model, with rigorously validated resistance against multiple IoV-specific attacks. Experimental results via SageMath implementation demonstrate that our scheme exhibits a smaller signcryptext size and lower signcryption/unsigncryption time compared to existing random lattice-based signcryption schemes. Scalability tests with 300 vehicles and 300 roadside units (RSUs) were completed within 230 seconds. Communication overhead analysis confirms practical feasibility for IEEE 802.11p vehicle communication protocol, and RSU serving capability evaluation under realistic vehicle density (100–200/k m2) and speed (40–60 km/h) further validates system practicality. LCMS provides a quantum-resistant, privacy-preserving, and efficient solution for production IoV.	10.1109/TNSM.2026.3688507
Md Arif Hassan, Bui Duc Manh, Cong T. Nguyen, Chi-Hieu Nguyen, Dinh Thai Hoang, Diep N. Nguyen, Nguyen Van Huynh, Dusit Niyato	SBW 3.0: A Blockchain-Enabled Framework for Secure and Efficient Information Management in Web 3.0	2026	Early Access	Jamming Protocols Semantic Web	In this paper, we propose an effective blockchain-enabled information management framework, named Smart Blockchain-based Web 3.0 (SBW 3.0). Our framework aims to handle information within Web 3.0 efficiently, enhance data security and privacy, create new revenue streams, and encourage users to contribute valuable information to websites. To this end, SBW 3.0 employs blockchain technology and smart contracts to manage the decentralized data collection in Web 3.0. Moreover, we introduce a robust consensus mechanism grounded in Delegated Proof-of-Stake (DPoS) to reward user contributions. Furthermore, we develop a non-cooperative game model to examine user behavior in this context and conduct thorough analysis to prove the uniqueness of the Nash equilibrium in our proposed system. Through simulations, we evaluate the performance of SBW 3.0 and analyze the effects of various critical parameters on information contribution. Our results validate the theoretical analysis, showing that the proposed consensus mechanism successfully encourages nodes and users to provide more information, thus overcoming the current limitations of Web 3.0 regarding data decentralization and management.	10.1109/TNSM.2026.3683881
Abdeltif Azzizi, Mohamad Al Adraa, Chadi Assi, Michael Y. Frankel, Vladimir Pelekhaty	Experimental Topological Analysis in Next-Generation Data Center Networks: STRAT and Clos Topologies	2026	Early Access	Telemetry Aerospace and electronic systems Payloads	This paper presents an experimental and simulationbased evaluation of two data center network (DCN) topologies: the widely adopted hierarchical Clos architecture and STRAT, a flat, expander-based topology designed around passive optical interconnects. While Clos offers proven scalability and performance, it incurs hardware complexity and suffers from congestion in oversubscribed scenarios. STRAT eliminates aggregation and spine layers entirely—using only Top-of-Rack (ToR) switches interconnected via static optical patch panels—to reduce cost, simplify deployment, and enhance path diversity. Our goal is to assess these topologies based on their inherent architectural properties—namely throughput, congestion resilience, scalability, and cost—without relying on congestion control protocols or centralized traffic engineering. To this end, we adopt simple forwarding schemes based purely on local information: ECMP for Clos, and ECMP with Dynamic Group Multipath (DGM) for STRAT. We evaluate both topologies on a physical testbed built from commercial Ethernet switches and further validate scalability through packet-level simulations of networks with up to 256 switches and 1,024 hosts using OMNeT++. We also introduce DEALER, a lightweight routing algorithm tailored to STRAT’s topology, and evaluate its effectiveness in dynamic conditions. Our results show that STRAT achieves up to 43% higher throughput and requires approximately 40% fewer switches than a comparable Clos topology. These gains are further supported by Load Area Under Curve (LAUC) analysis and congestion hotspot visualizations. Overall, our study highlights STRAT as a compelling and practical alternative to conventional DCN architectures, offering deployable scalability, improved performance under load, and reduced infrastructure cost.	10.1109/TNSM.2026.3685175
Guisong Yang, Yechao Huang, Panxing Huang, Xingyu He	A Distributed SDN Controller-Based Computing Framework for Effective in-orbit Computing	2026	Early Access	Low earth orbit satellites Artificial satellites Aerospace and electronic systems	The rapid development of Low Earth Orbit (LEO) satellite networks has made in-orbit computing more feasible, offering a solution for processing real-time, diverse user tasks. Compared with traditional cloud computing in ground cloud computing center, directly computing on the LEO satellite can significantly reduce task-processing delay. However, challenges remain, including the limited sensing and computing capabilities of satellites, high delays in processing task requests, and frequent switching of control domains due to the relative movement between LEO satellites and nodes in other orbits. To address these challenges and improve task management, computing is treated as a Virtual Network Function (VNF), managed by Software-Defined Networking (SDN) controllers. This paper proposes a distributed SDN controller-based computing framework, where task information is forwarded to SDN controllers, which then use a task scheduling strategy to allocate tasks to suitable computing nodes for processing. To support the implementation of this framework, we first propose a heuristic SDN controller placement strategy that uses a tiling method to divide the LEO satellite network into SDN control domains and places the controller at the midpoint of each domain Then, we propose a Double Deep Q-Network (DDQN) algorithm for in-orbit task scheduling, which adaptively optimizes task scheduling strategy to minimize task-processing delay and ensure a high task completion rate. Finally, Simulations are conducted in two parts to evaluate the framework. The first part validates the DDQN-based task scheduling strategy, achieving significant reductions in task-processing delay and improved task completion rates compared to conventional strategies. The second part assesses the impact of SDN control domain shape and size on task-processing delay, confirming domain size as the dominant factor influencing delay.	10.1109/TNSM.2026.3685308
Yu Gu, Le Zhang, Yunyi Zhang, Ye Du	SatFedGuard: Semi-Supervised Federated Contrastive Learning with RL-Assisted Bidirectional Distillation for Anomaly Traffic Detection in Satellite Networks	2026	Early Access	Low earth orbit satellites Artificial satellites Payloads	Federated learning-based intrusion detection methods for satellite networks enable model training without sharing local data, thereby ensuring network security while significantly reducing communication overhead. However, due to the difficulty of obtaining large-scale high-quality labeled data in satellite environments, a key challenge lies in how to train intrusion detection models using abundant unlabeled traffic data. We propose SatFedGuard, a semi-supervised federated contrastive learning approach for anomaly traffic detection in satellite networks. SatFedGuard effectively integrates unlabeled in-orbit data with labeled data from ground stations for model training. First, it models the unlabeled satellite traffic data using a contrastive learning framework. To address the challenge of non-IID data distribution, an attention-based dual-path aggregation strategy is designed to generate personalized models for each satellite by leveraging model similarities. Then, a bidirectional multi-granularity distillation method between larger and smaller models is implemented, where reinforcement learning is employed to optimize the weights of different loss terms dynamically. Experiments on two satellite network traffic datasets under non-IID settings demonstrate that the proposed method significantly improves anomaly detection performance while reducing dependence on in-orbit labeled data, achieving F1-Scores of 93.38% (↑11.63%) and 99.80% (↑8.72%), respectively.	10.1109/TNSM.2026.3685416
Shahid Mahmood, Moneeb Gohar, Seok Joo Koh	Globally Integrated Trust Authority (GITA) for Resource-Constrained Edge Devices in IoT and 6G	2026	Early Access	Payloads Filtering Central Processing Unit	The rapid growth of the Internet and the increasing number of edge devices have expanded the cyber-attack surface at the edge layer. Hackers exploit vulnerabilities at various levels of a network by either directly connecting to it or accessing it over the Internet. In both scenarios, edge devices remain a primary target due to their widespread use, limited resources and critical impact. Therefore, securing edge devices is essential to counter both local and global cyber threats. Trust is a key factor in determining the level of protection required for edge devices. It can be used to assess the reliability of other devices before offering or requesting services. Since edge devices are often globally interconnected, trust levels should be verifiable across the Internet and intranet. In this paper, we propose the Globally Integrated Trust Authority (GITA), a framework that distributes verifiable trust values across networks and the Internet while minimizing communication overhead. Experimental results demonstrate that GITA improves the efficiency of trust value distribution and verification among nodes compared to digital certificates, while maintaining the same level of protection.. This approach enables effective identification of malicious and benign nodes, enhancing the precision of malicious node detection locally and globally.	10.1109/TNSM.2026.3687967
Henghua Zhang, Jue Chen, Yuhang Wu, Yujie Xiong	TT-INT: A Time-Threshold-based Lightweight In-Band Network Telemetry Scheme for P4-Enabled Programmable Networks	2026	Early Access	Telemetry Aerospace and electronic systems Payloads	In-band Network Telemetry (INT) has emerged as a promising solution for fine-grained, real-time monitoring in programmable data planes. However, existing INT approaches often incur excessive overhead due to per-hop metadata accumulation or lack fine-grained control over telemetry frequency. This paper presents TT-INT, a lightweight INT framework designed for P4-enabled networks, which introduces a time-threshold-based mechanism to regulate telemetry insertion dynamically. Each switch enforces local constraints based on per-flow time intervals and metadata capacity, enabling reduced overhead while preserving path visibility without requiring global coordination or clock synchronization. Additionally, TT-INT supports a two-window byte-level anomaly detector and a controller-driven adjustment mechanism for further extensibility. Experiments on a real-world-derived backbone topology demonstrate that TT-INT reduces the average per-packet telemetry overhead to as low as 3.4 bytes under the 100 ms/5v configuration at 300 pps, achieving a 97.1% reduction compared to P4-INT under the same traffic rate. Compared to DLINT-5v and PLINT-5v (fixed at 20 and 26 bytes per packet, respectively), TT-INT-5v-100ms achieves up to 83.0% and 86.9% lower overhead. It also reaches a maximum path update detection rate of 97.9% (under the 50 ms configuration) and a minimum detection delay of 0.2 s, confirming TT-INT’s effectiveness in balancing overhead, responsiveness, and monitoring fidelity under high-throughput conditions. In addition, TT-INT improves TCP throughput by 22.9% relative to P4-INT in a BMv2-based environment, further highlighting its efficiency in resource-constrained data plane settings.	10.1109/TNSM.2026.3688086
Yuxuan Chen, Yuhao Xie, Zhen Zhang, Zhenyu He, Yuhui Deng, Shenlong Zheng, Dongjiong Zhu, Lin Cui	PMPHD: A High Performance Virtual Machine consolidation Strategy Based on Dynamic Threshold Adjustment	2026	Early Access	Central Processing Unit Filtering Filters	Virtual machine (VM) consolidation strategies are widely deployed in Cloud Data Centers (CDCs) to optimize resource utilization and improve the Quality of Service (QoS). However, the host overload detection algorithms in current VM consolidation strategies are static. That means, once the overload threshold is calculated, it will not change until the next recalculation. The current algorithms are not suitable for the environment of highly dynamic workloads which results in additional energy consumption and potential Service Level Agreement Violations (SLAVs) which will affect the QoS of CDC. In PMPHD, a novel host dynamic threshold adjustment algorithm is proposed. In the proposed algorithm, the PMs are classified into mildly overloaded, normal, and severely overloaded based on the resource utilization. If the PM is predicted to be severely overloaded in the next moment, the threshold of this PM will be proactively reduced. The PM is determined to be overloaded, and some VMs in this PM will be migrated in advance. Thus, this PM will be in normal in the next moment, and the VM performance degradation resulting from SLAV and VM migration overlap in the next moment will be avoided. If the PM is predicted to be mildly overloaded, the threshold will be appropriately increased to transit it to be in normal state in the next moment, and the VM in the PM will not be migrated. Since the PMs’ workloads are dynamic, the PMPHD overload algorithm predicts the resource utilization rate of PM continuously, and adjusts the overload threshold of PM. Compared with other algorithms, PMPHD maintains high efficiency while having lower ESV (a combination metric for balancing energy consumption and SLAV).	10.1109/TNSM.2026.3687892
Qian Guo, Chunyu Zhang, Xue Xiao, Min Zhang, Zhuo Liu, Danshi Wang	Knowledge-Distilled Time-Series LLM for General Performance Parameter Prediction in Optical Transport Networks	2026	Early Access	Optical fibers Optical waveguides Feeds	In optical transport networks (OTNs), proactive and accurate prediction of key performance parameters plays a crucial role in identifying potential failure of OTN equipment and guiding timely operational interventions, reducing downtime and improving overall system performance. However, the performance parameters in OTNs are complex and diverse. The reliance of existing models structure design on specific configurations limits generalizability across diverse equipment types. Moreover, the high computational resource consumption and memory footprints of these models may lead to inefficiency while hindering practical application and large-scale deployment. To address these challenges, this paper presents a general model, KD-TimeLLM, a cross-application of TimeLLM into OTN failure management, for performance parameter prediction of multiple equipment types in OTNs. By learning from its teacher model TimeLLM via a knowledge distillation strategy, KD-TimeLLM can achieve generalizability in performance parameter prediction while enhancing efficiency. We conducted evaluations across multiple metrics using data sets from different operators and various board types. Results show that KD-TimeLLM outperforms other models in predictive effects including the lowest MSE and MAE across all types of board data along with a scaled_RMSE value below 0.5, the varying number of performance parameters, and zero-shot prediction capability, highlighting its generalizability. Moreover, compared to its teacher model, KD-TimeLLM achieves comparable predictive effects with a significant reduction 99.99% in model parameters and an average reduction of 99.23% in inference time across eight different types of board data. Furthermore, compared to a multiple-model system, total inference time and memory footprint of KD-TimeLLM decreased by 94.79% and 89.65%, highlighting its effectiveness and efficiency.	10.1109/TNSM.2026.3686811
Muhammad Ahsan, Thang X. Vu, Ilora Maity, Symeon Chatzinotas	VNF Mapping and Selective Handover for eMBB and mMTC Services in a LEO Satellite Network	2026	Early Access	Low earth orbit satellites Artificial satellites Aerospace and electronic systems	The integrated satellite-terrestrial networks (STNs) aim to provide global connectivity and support heterogeneous services, including enhanced mobile broadband (eMBB) and massive machine-type communication (mMTC). Each service request requires a series of virtual network functions (VNFs) to be deployed consecutively. The VNFs are mapped on nodes that constitute a path where a request is mapped. Provisioning multiple slices through satellite networks is challenging due to limited storage and computation resources. In addition, there are dynamic changes in the satellite positions that cause frequent variations in the topology. For requests lasting more than one time frame, a handover can be performed at the beginning of the next time frame. Handover implies overall reconfiguration, which induces significant computation costs in satellite networks. Therefore, in this article, we propose a path and VNF mapping strategy with selective handover while considering dynamic changes in the satellite topology and the limitation of available resources. We formulate a mathematical model based on Binary Integer Linear Programming (BILP), aiming to maximize the served requests. To reduce the time complexity of the model, we solve it using an iterative algorithm based on successive convex approximation (SCA). We refine the solution of the SCA after binary recovery using VNF and path mapping algorithm. For the mapped multi-frame requests in the current time frame, the resources are reserved in the nodes and links for the next time frame if the current routing path is available for the remaining duration of the request. The simulation results certify the performance of the proposed technique with a significant improvement in the served request percentage compared to previous works in the literature, while also reducing the number of handovers.	10.1109/TNSM.2026.3687390
Xiaoyong Zhang, Wei Yue, Lei Zhu	Countermeasure Design for Large-Scale UAV Swarm Based on Splitting Attack	2026	Early Access	Jamming Weapons Electronic warfare	To counteract the invasion of a large-scale Unmanned Aerial Vehicle (UAV) swarm, this paper proposes an attack strategy for effectively splitting the UAV swarm. This attack strategic approach aims to split the UAV swarm into multiple independent fragment networks and then destroy only a limited number of critical UAVs from the independent networks, which is expected to disrupt the entire UAV swarm's global communication and cooperation capabilities. Firstly, the countermeasure principle of UAV swarm splitting is given, followed by the proposal of a novel metric method to assess the connectivity and communication rate of either the entire network or its fragmented networks. Secondly, a Non-convex Mixed-integer Quadratic Programming (NMIQP) model is developed that aims to simultaneously minimize pair-to-pair connectivity between network nodes and decentralize the entire network. Then, to achieve efficient splitting, a Critical Node Search Algorithm (CNSA) with fast and high-level optimization capability is proposed, which is a mixture of the Ant Colony Accumulation Algorithm (ACAA) and the Improved Genetic Algorithm (IGA). ACAA identifies nodes with high connectivity in the network by planning global routes, while IGA is utilized to solve the corresponding optimization problem. Finally, simulations confirm the effectiveness and superiority of the proposed strategy.	10.1109/TNSM.2026.3687655
Yang Liu, Wenjun Zhu, Harry Chang, Yang Hong, Geoff Langdale, Kun Qiu, Jin Zhao	Hyperflex: A SIMD-Based DFA Model for Deep Packet Inspection	2026	Vol. 23, Issue	Single instruction multiple data Vectors Engines	Deep Packet Inspection (DPI) has been extensively employed for network security. It examines traffic payloads by searching for regular expressions (regex) with the Deterministic Finite Automaton (DFA) model. However, as the network bandwidth and ruleset size are increasing rapidly, the conventional DFA model has emerged as a significant performance bottleneck of DPI. Leveraging the Single-Instruction-Multiple-Data (SIMD) instruction to perform state transitions can substantially boost the efficiency of the DFA model. In this paper, we propose Hyperflex, a novel SIMD-based DFA model designed for high-performance regex matching. Hyperflex incorporates a region detection algorithm to identify regions suitable for acceleration by SIMD instructions across the whole DFA graph. Also, we design a hybrid state transition algorithm that enables state transition in both SIMD-accelerated and normal regions, and ensures seamless state transition across the two types of regions. We have implemented Hyperflex on the commodity CPU and evaluated it with real network traffic and DPI regexes. Our evaluation results indicate that Hyperflex reaches a throughput of 8.89Gbit/s, representing an improvement of up to 2.27 times over Mcclellan, the default DFA model of the prominent multi-pattern regex matching engine Hyperscan. As a result, Hyperflex has been successfully deployed in Hyperscan, significantly enhancing its performance.	10.1109/TNSM.2025.3636946
Qiang Zou, Yuhui Deng, Yifeng Zhu, Yi Zhou, Jianghe Cai, Shuibing He, Lina Ge	Analyzing Request Volatility in Cloud-Based Machine Learning: Insights From Alibaba’s Machine Learning as a Service Platform	2026	Vol. 23, Issue	Machine learning Training Correlation	With advancements in machine learning (ML) technology and the deployment of large ML-as-a-Service (MLaaS) clouds, accurately understanding request behaviors in an MLaaS cloud platform is paramount for resource scheduling and optimization. This paper sheds light on the correlation of request arrivals in a representative and dynamic MLaaS workload – Alibaba PAI (an ML platform for artificial intelligence). For requests in the PAI workloads at the job, task, instance, and machine levels, our burstiness diagnosis reveals that the request arrival processes at all levels are significantly bursty. Additionally, our Gaussianity test indicates that the bursty activities in PAI consistently appear to be non-Gaussian. Our findings show that there exists a certain degree of correlation between request arrivals at each level over long-term time scales. Moreover, we reveal the self-similar nature of request activities in the various-level wild MLaaS workloads on Alibaba PAI through visual evidence, the auto-correlation structure of the aggregated process of request sequences, and Hurst parameter estimates. Furthermore, we implement a versatile workload synthetic model to synthesize request series based on the inputs measured from the PAI trace. Experimental results demonstrate that our model outperforms typical self-similar workload models, and can improve accuracy by up to 99% compared to them.	10.1109/TNSM.2025.3640771
Xi Xu, Yang Yang, Wei Huang, Songtao Guo, Guiyan Liu	VNF-FG Placement and Admission Control in SDN and NFV-Enabled IoT Networks: A Hierarchical Deep Reinforcement Learning Method	2026	Vol. 23, Issue	Admission control Feature extraction Virtual links	Software Defined Networking (SDN) and Network Function Virtualization (NFV) are expected to provide greater flexibility and manageability for next-generation IoT networks. In this context, network services should be modeled as Virtual Network Function Forwarding Graphs (VNF-FGs). A key challenge is efficient allocation of resources for sequentially arriving network service requests, a process known as VNF-FG placement. Most existing algorithms either manually or partially extract features from the physical network and VNF-FG or adopt a greedy approach, allocating resources as long as a feasible solution exists, which may over-allocate resources to VNF-FG requests, ultimately harming infrastructure providers’ long-term revenue. In this paper, we propose a VNF-FG placement and admission control algorithm based on hierarchical reinforcement learning, called EAC. It consists two levels of agents: a coarse-level agent that generates placement strategies and rejects requests with no feasible placement strategies, and a refine-level agent that implements admission control and rejects requests that are detrimental to long-term revenue. To fully capture the topological features of both the physical network and the VNF-FG, we employ a customized Graph Attention Network (GAT) that incorporates link feature awareness and enables deeper exploration. To fully explore historical temporal information for admission control, we construct state triples and feed them into a Recurrent Neural Network (RNN). Using Proximal Policy Optimization (PPO) as the foundational training algorithm, the corresponding agents are trained hierarchically. Extensive experimental results demonstrate that the proposed EAC algorithm outperforms existing state-of-the-art solutions in terms of acceptance rate, revenue-to-cost ratio, and long-term average revenue.	10.1109/TNSM.2025.3640927