TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Wangqing Luo, Jinbin Hu, Hua Sun, Pradip Kumar Sharma, Jin Wang	SALB: Security-Aware Load Balancing for Large Language Model Training in Datacenter Networks	2026	Early Access	Training Load management Packet loss	To meet the massive compute and high-speed communication demands of Large Language Model (LLM) training, modern datacenters typically adopt multipath topologies such as Fat-Tree and Clos to host parallel jobs across hundreds to thousands of GPUs. However, LLM training exhibits periodic, high-bandwidth communication patterns. Existing load-balancing schemes become misaligned under dynamic congestion and anomalous surges: they struggle to promptly mitigate iteration-peak congestion and lack effective isolation of anomalous traffic. To address this, we propose Security-Aware Load Balancing (SALB) for LLM training. SALB leverages a Deep Reinforcement Learning (DRL) controller with queue and delay signals for packet-level multipath load balancing and employs path binding to confine suspicious flows. By integrating data security into load balancing, SALB simultaneously achieves high throughput and robust traffic isolation. NS-3 simulation results show that, compared with CONGA, Hermes, and ConWeave, SALB reduces the 99th-percentile flow completion time (FCT) of short flows by an average of 65% and increases the throughput of long flows by an average of 54%. It further outperforms the baselines in aggregate throughput, path utilization, and packet loss rate, thereby significantly enhancing system stability, robustness, and data security.	10.1109/TNSM.2026.3678979
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Amin Mohajer, Abbas Mirzaei, Mostafa Darabi, Xavier Fernando	Joint SLA-Aware Task Offloading and Adaptive Service Orchestration with Graph-Attentive Multi-Agent Reinforcement Learning	2026	Early Access	Quality of service Resource management Observability	Coordinated service offloading is essential to meet Quality-of-Service (QoS) targets under non-stationary edge traffic. Yet conventional schedulers lack dynamic prioritization, causing deadline violations for delay-sensitive, lower-priority flows. We present PRONTO, a multi-agent framework with centralized training and decentralized execution (CTDE) that jointly optimizes SLA-aware offloading and adaptive service orchestration. PRONTO builds on Twin Delayed Deep Deterministic Policy Gradient (TD3) and incorporates spatiotemporal, topology-aware graph attention with top-K masking and temperature scaling to encode neighborhood influence at linear coordination cost. Gated Recurrent Units (GRUs) filter temporal features, while a hybrid reward couples task urgency, SLA satisfaction, and utilization costs. A priority-aware slicing policy divides bandwidth and compute between latency-critical and throughput-oriented flows. To improve robustness, we employ stability regularizers (temporal smoothing and confidence-weighted neighbor alignment), mitigating action jitter under bursts. Extensive evaluations show superior QoS and channel utilization, with up to 27.4% lower service delay and over 18% higher SLA Satisfaction Rate (SSR) compared with strong baselines.	10.1109/TNSM.2026.3673188
Junyan Guo, Shuang Yao, Yue Song, Le Zhang, Xu Han, Liyuan Chang	EF-CPPA: Escrow-Free Conditional Privacy-Preserving Authentication Scheme for Real-Time Emergency Messages in Smart Grids	2026	Early Access	Authentication Smart grids Security	Timely and secure emergency message delivery is critical to resilient smart-grid operation and rapid disturbance response. However, existing schemes remain inadequate, leaving smart grids vulnerable to security and privacy threats and causing verification bottlenecks, particularly when nonlinear emergency measurements cannot be homomorphically aggregated, which prevents bandwidth-efficient in-network aggregation and scalable batch verification. We propose EF-CPPA, an escrow-free, conditional privacy-preserving authentication scheme for real-time emergency messaging in smart grids. EF-CPPA enables smart meters to deliver authenticated emergency messages to the CC via power gateways verifiable as legitimate relays, while ensuring the confidentiality, integrity, and unlinkability of embedded nonlinear measurements. EF-CPPA further provides conditional anonymity with accountable tracing, as well as origin authentication, intra-domain verification, and scalable batch verification under bursty multi-meter messaging. An ECDLP-based escrow-free key-generation mechanism reduces reliance on the CC and enables efficient node joining and revocation. Security analysis shows that EF-CPPA achieves existential unforgeability under chosen-message attacks (EUF-CMA) and satisfies the stated security and privacy requirements. Performance evaluation demonstrates low computational, communication, energy, and node-management overhead, making EF-CPPA suitable for security-critical, time-sensitive smart-grid emergency messaging.	10.1109/TNSM.2026.3672754
Kang Liu, Jianchen Hu, Donglai Ma, Xiaoyu Cao, Yuzhou Zhou, Lei Zhu, Li Su, Wenli Zhou, Xueqi Wu, Feng Gao	Topology-Aware Virtual Machine Placement through the Buffer Migration Mechanism	2026	Early Access		The virtual machine (VM) placement considering the topology constraints is difficult because the unpredictable topological VMs raise additional structural requirements (including the affinity, anti-affinity and fault-domain) on the resource pool. Thus, the service level agreement (SLA) can be violated even when the occupancy of the resource pool is quite modest. In order to solve this problem, we propose an efficient buffer-migration-based heuristic online algorithm. First, we build an integer programming model for the topology-aware VM placement problem. Second, we propose a hierarchical resource-preserving online approach, where the Rack and physical machine (PM) nodes are selected in the upper and lower layers respectively. Finally, we utilize the buffer to place and migrate the unfitted VMs to enhance the capacity of the resource pool. The proposed approach is tested with high proportional topological VM requests (nearly 60%) in the resource pool with the scale of 500, 1000 and 1500 PMs. The results show that our online approach (with unknown upcoming VM information) can achieve more than 85% of the performance for the offline approach (with complete upcoming VM information). The latency is lower than 5ms per VM.	10.1109/TNSM.2026.3678976
Raffaele Carillo, Francesco Cerasuolo, Giampaolo Bovenzi, Domenico Ciuonzo, Antonio Pescapé	A Federated and Incremental Network Intrusion Detection System for IoT Emerging Threats	2026	Early Access	Training Incremental learning Adaptation models	Ensuring network security is increasingly challenging, especially in the Internet of Things (IoT) domain, where threats are diverse, rapidly evolving, and often device-specific. Hence, Network Intrusion Detection Systems (NIDSs) require (i) being trained on network traffic gathered in different collection points to cover the attack traffic heterogeneity, (ii) continuously learning emerging threats (viz., 0-day attacks), and (iii) be able to take attack countermeasures as soon as possible. In this work, we aim to improve Artificial Intelligence (AI)-based NIDS design & maintenance by integrating Federated Learning (FL) and Class Incremental Learning (CIL). Specifically, we devise a Federated Class Incremental Learning (FCIL) framework–suited for early-detection settings—that supports decentralized and continual model updates, investigating the non-trivial intersection of FL algorithms with state-of-the-art CIL techniques to enable scalable, privacy-preserving training in highly non-IID environments. We evaluate FCIL on three IoT datasets across different client scenarios to assess its ability to learn new threats and retain prior knowledge. The experiments assess potential key challenges in generalization and few-sample training, and compare NIDS performance to monolithic and centralized baselines.	10.1109/TNSM.2026.3675031
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Yanli Liu, Yue Pang, Yidi Wang, Shengnan Li, Jin Li, Min Zhang, Danshi Wang	Developing A Domain-Specific LLM for Optical Networks: A Reinforcement Learning-Based Fine-Tuning Framework	2026	Early Access	Optical fiber networks Cognition Accuracy	Optical networks serve as the backbone of modern communication infrastructure, where efficient operation and maintenance (O&M) are essential for ensuring reliable and high-speed data services. However, traditional network O&M face persistent challenges, including high labor costs, delayed response time, and difficulties in processing massive and complex network data. Although large language models (LLMs) have demonstrated strong capabilities in text understanding, generation, and reasoning, their direct application in optical network O&M is limited by domain-specific knowledge barriers, inherent reasoning biases, and insufficient performance in complex multi-step tasks. To address this issue, this study develops a domain-adaptation and system-implementation framework that applies two established reinforcement learning-based fine-tuning methods (RLHF and ReFT) to construct domain-specialized LLMs for optical network O&M tasks. In the context of log analysis, RLHF achieves improvements of 1.64 points in accuracy, 1.02 points in content richness, and a notable 10-point increase in interactivity over supervised fine-tuning. In alarm localization, ReFT achieves accuracy improvements of 2%–13% across four reasoning tasks. The extensive tests not only demonstrate the practical value of RL-based fine-tuning in enhancing alignment and reasoning for domain-specific applications, but also provides a practical methodology and implementation reference for applying reinforcement learning-based LLM adaptation in optical network O&M environments.	10.1109/TNSM.2026.3676522
Henghua Zhang, Jue Chen, Haidong Peng, Junru Chen	MAT4PM: Machine Learning-Guided Adaptive Threshold Control for P4-based Monitoring in SDNs	2026	Early Access	Monitoring Switches Accuracy	This paper presents MAT4PM, a P4-based proactive monitoring framework designed for Software-Defined Networking (SDN). This is the first monitoring framework that combines Programmable Data Plane (PDP) capabilities for event-driven data collection with control plane intelligence for real-time threshold optimization. The architecture consists of a lightweight P4-based monitoring module deployed at the switch, a Machine Learning (ML) inference engine running at the controller, and a P4Runtime feedback channel for real-time threshold updates. Traffic features are leveraged to predict optimal monitoring thresholds, which are then synchronized with the data plane. A composite cost function is introduced to jointly consider monitoring error and communication overhead, guiding the model toward a balanced trade-off between accuracy and efficiency. Experimental evaluation on BMv2 software switches demonstrates that, compared to static threshold strategies, MAT4PM reduces monitoring error to 7.0% and achieves a 5.6% reduction in overall cost, while maintaining sub-millisecond inference latency and minimal resource consumption. These results demonstrate the practical viability and scalability of MAT4PM in SDN environments.	10.1109/TNSM.2026.3677416
Basharat Ali, Guihai Chen	MIRAGE-DoH: Metamorphic Intelligence and Resilient AI Grid for Autonomous Governance of Encrypted DNS	2026	Early Access	Cryptography Domain Name System Fingerprint recognition	Existing DNS over HTTPS defenses have demonstrated limited resilience against polymorphic traffic shaping, staged tunneling, and adaptive mimicry, largely because they rely on static learning pipelines and rigid cryptographic configurations. MIRAGE-DoH was designed to examine whether adaptive inference, persistent structural encoding, and calibrated cryptographic agility could be integrated into a deployable and measurable encrypted DNS control architecture. The framework combined flow-level Cognitive MetaAgents capable of internal reconfiguration, Topological Memory Networks that preserved stable geometric irregularities across temporal windows, and Metamorphic Cryptographic Shards that adjusted key encapsulation policies according to empirically calibrated threat severity. A Causal Counterfactual Environment modeled constrained attacker decision pathways, while Spectral Game Intelligence analyzed flow interaction graphs to anticipate structural attack transitions.Evaluation on extended CIC-DoH2023 and Gen-C-DDD-2022 datasets was conducted under fixed flow-level decision intervals with explicit accounting for synchronization overhead, spectral graph construction cost, and cryptographic rotation latency. Cross-dataset experiments yielded a mean detection accuracy of 97.8% with a 0.41% false positive rate, sustaining median inference latency of 62μs and cryptographic morph latency of 3.7 ms under load. Quantum-assisted inference was assessed through bounded simulations, indicating constrained information gain within the adopted lattice-based configuration, without asserting unconditional post-quantum immunity. These results demonstrated that adaptive encrypted DNS governance can be empirically grounded, operationally bounded, and stress-evaluated without reliance on unqualified claims of perfect security.	10.1109/TNSM.2026.3677474
Jianwei Zhang, Bowen Cui	Bandwidth-Delay Optimal Segment Routing: Upper-Bound and Lower-Bound Algorithms	2026	Early Access	Routing Optimization Quality of service	Segment routing (SR) is a novel source routing paradigm that enables network programmability. However, existing research rarely considers multicriteria optimization problems in SR networks. Given the critical role of bandwidth and delay in quality-of-service (QoS) routing, we formally define the bandwidth-delay optimal SR (BDoSR) problem for the first time and prove its NP-hardness. By leveraging the label correcting algorithm schema, we design a suite of polynomial-time algorithms, including an upper-bound algorithm (BDoSR-UB) and a lower-bound algorithm (BDoSR-LB). BDoSR-UB enables rapid estimation of the optimal solution while BDoSR-LB is accuracy-adjustable and delivers (near-)optimal feasible solutions. We rigorously analyze their performance gap through carefully constructed network examples, providing deep insights into the adjustable parameters of BDoSR-LB. Finally, we validate our algorithms on realistic network topologies, demonstrating that both BDoSR-UB and BDoSR-LB frequently converge to the optimal solution in practice while offering superior computational efficiency compared to existing approaches.	10.1109/TNSM.2026.3678190
Archana Ojha, Om Jee Pandey, Prasenjit Chanak	Energy-Efficient Network Cut Detection and Recovery Mechanism for Cluster-Based IoT Networks	2026	Early Access	Wireless sensor networks Data collection Energy consumption	Recently, the Internet of Things (IoT) has found widespread applications in diverse fields, including environmental monitoring, Industry 4.0, smart cities, and smart agriculture. In these applications, sensor nodes form Wireless Sensor Networks (WSNs) and collect data from the monitoring environment. Sensor nodes are vulnerable to various faults, including battery depletion and hardware malfunctions. These faulty nodes cut/partition the network into several isolated segments. Therefore, several non-faulty nodes become disconnected from the Base Station (BS)/Sink and are unable to transmit their data to the BS. It is subject to the early demise of the network. Network cuts also significantly degrade overall network performance. Once the network is divided into isolated segments, it is very difficult to detect and collect data from them. Therefore, this paper proposes a Mobile Data Collector (MDC)-based data-gathering approach for WSNs to collect data from isolated segments. This paper proposes a novel MDC-based network cut detection algorithm that identifies the formation of network cuts in WSNs. A network recovery algorithm is also proposed to enable data collection from the isolated segment. Furthermore, this paper proposes a Reinforcement learning Brain Storm Optimization (RLBSO) algorithm for optimal selection of Rendezvous Points (RPs) and optimal MDC path design. It significantly reduces data-gathering time across isolated network segments. The simulation and testbed results show that the proposed approach outperforms existing state-of-the-art approaches in terms of network lifetime, data collection ratio, energy consumption, and latency.	10.1109/TNSM.2026.3677868
Ei Theingi, Lokman Sboui, Diala Naboulsi	Adaptive and Energy-Efficient Deployment of Robotic Airborne Base Stations: A Deep Reinforcement Learning Approach	2026	Early Access	Energy efficiency Base stations Adaptation models	The increasing energy demands of future wireless networks drive the need for intelligent and adaptive deployment strategies. Traditional methods often lack the flexibility required to handle the spatio-temporal fluctuations inherent in modern communication environments. To address this challenge, we investigate the energy-efficient deployment of Robotic Airborne Base Stations (RABSs) in practical scenarios, such as managing sudden traffic surges during large-scale public events and providing emergency coverage in disaster-stricken areas where terrestrial infrastructure is compromised. We propose a novel Deep Reinforcement Learning (DRL)-based framework for an energy-efficient deployment of multiple RABSs. Unlike existing approaches, our framework features both centralized and decentralized Actor-Critic DRL, enabling scalable and adaptive decision-making. The centralized model leverages global network information to optimize the collective deployment of RABSs, while the multi-agent decentralized approach allows RABSs to make independent yet coordinated decisions based on local observations, ensuring scalability in large-scale networks. In addition, we introduce a state-action representation that captures spatio-temporal traffic variations and energy consumption dynamics. Our simulations validate the effectiveness of the proposed framework, demonstrating significant improvements in energy efficiency and adaptability compared to heuristic, Gauss-Markov, and Q-Learning models. Furthermore, comparison with an exhaustive search benchmark confirms that our approach achieves an optimal energy efficiency with significantly lower computational complexity.	10.1109/TNSM.2026.3678488
Xiuqin Xu, Mingwei Lin, Zeshui Xu, Xin Luo	A Sampling-Neighborhood-Regularized Latent Factorization of Tensor for Dynamic QoS Estimation	2026	Vol. 23, Issue	Quality of service Tensors Estimation	Since similar users frequently exhibit similar Quality of Service (QoS) when accessing similar services, effectively capturing neighborhood information hidden in QoS data becomes critical for latent factorization of tensor (LFT)-based QoS estimators. Current LFT models either calculate the complete set of neighborhoods or do not consider neighborhoods, resulting in a rapid rise in model complexity and poor estimation accuracy. Moreover, not every neighbor in the neighborhood set is beneficial to the user/service entity. To address these limitations, this study proposes a sampling-neighborhood-regularized latent factorization of tensor (SNLFT) model with three key ideas: 1) extracting primal latent factors (LFs), which are obtained to express related entities on the basis of high-dimensional and incomplete QoS data; 2) constructing the sampling-neighborhood set, which is acquired using the Gibbs sampling to reflect the similarities between the primal LF vectors of entities over time; 3) developing a sampling-neighborhood-regularized LFT model, where all the sampling neighborhoods of entities and $L_{2}$ -norm of desirable LFs are employed to regularize the objective function. Extensive experiments on eight dynamic QoS datasets demonstrate that SNLFT significantly outperforms state-of-the-art models in both estimation accuracy and computational efficiency.	10.1109/TNSM.2025.3644937
Zekang Wang, Fuxiang Yuan, Han Qiu, Yan Liu, Xiangyang Luo	Large-Scale BGP Routing Anomaly Detection Based on Graph Attention Auto-Encoder	2026	Vol. 23, Issue	Representation learning Accuracy Autonomous systems	The Border Gateway Protocol (BGP) enables the exchange of routing information between Autonomous Systems (ASes). The lack of routing verification makes it susceptible to routing anomalies with major impact. Detecting large-scale routing anomalies is crucial for monitoring network operation status. However, existing methods are affected by interference from non-important ASes and insufficient labeled data, necessitating improvements in detection performance. In this paper, a large-scale BGP routing anomaly detection method based on a graph attention auto-encoder is proposed. First, normal BGP data is collected to construct AS-level topology graphs. Then, the graph attention auto-encoder model is pre-trained on topology graphs, where an attention mechanism is introduced to assign higher weights to important ASes. Next, the AS-level topology graph sequence is extracted from BGP data, and the pre-trained model is utilized to obtain AS embeddings. Finally, the AS embedding is classified to detect large-scale BGP routing anomalies based on multi-layer perceptron. The large-scale BGP routing anomaly event dataset is constructed using 4,577,384 routing announcements, and extensive experiments are conducted. The results show that the proposed method has significant advantages. Compared with typical methods BSVM, BLSTM, BMLP, BGNN, BGIN, and BGAE, the detection accuracy increased by 14.47%, 3.73%, 8.11%, 2.64%, 5.99%, and 1.04%, respectively.	10.1109/TNSM.2025.3631527
Yeryeong Cho, Sungwon Yi, Soohyun Park	Joint Multi-Agent Reinforcement Learning and Message-Passing for Resilient Multi-UAV Networks	2026	Vol. 23, Issue	Servers Heuristic algorithms Autonomous aerial vehicles	This paper introduces a novel resilient algorithm designed for distributed un-crewed aerial vehicles (UAVs) in dynamic and unreliable network environments. Initially, the UAVs should be trained via multi-agent reinforcement learning (MARL) for autonomous mission-critical operations and are fundamentally grounded by centralized training and decentralized execution (CTDE) using a centralized MARL server. In this situation, it is crucial to consider the case where several UAVs cannot receive CTDE-based MARL learning parameters for resilient operations in unreliable network conditions. To tackle this issue, a communication graph is used where its edges are established when two UAVs/nodes are communicable. Then, the edge-connected UAVs can share their training data if one of the UAVs cannot be connected to the CTDE-based MARL server under unreliable network conditions. Additionally, the edge cost considers power efficiency. Based on this given communication graph, message-passing is used for electing the UAVs that can provide their MARL learning parameters to their edge-connected peers. Lastly, performance evaluations demonstrate the superiority of our proposed algorithm in terms of power efficiency and resilient UAV task management, outperforming existing benchmark algorithms.	10.1109/TNSM.2025.3650697
Hao Guo, Guangqin Hu, Weidong Li	Multi-Resource Maximin Share Fair Allocation in Heterogeneous Servers With Time Discount	2026	Vol. 23, Issue	Resource management Servers Cloud computing	In this paper, we study multi-resource maximin share fair allocation with time discount in a cloud computing system with heterogeneous servers. It primarily focuses on the allocation of computing resources in cloud computing systems when users are dealing with time-sensitive tasks. If users delay handling these tasks, their utility will decrease over time. In addition, users do not always stay in the computing system in this problem. For this problem, we propose a mechanism called maximin share fairness with time discount (MMS-TD) in a heterogeneous cloud computing system. We prove theoretically that the allocation returned by the mechanism is lexicographically max-min optimal, that the allocation satisfies the maximin share fairness, and that the mechanism is Pareto efficiency, proportionality, and strategy-proofness. In addition, we designed an algorithm to realize this mechanism and conducted simulation experiments with Alibaba cluster traces. The experimental results show that regardless of resource utilization or user utility, the MMS-TD mechanism consistently outperforms the other three similar mechanisms.	10.1109/TNSM.2025.3650128
Xiaodong Yang, Ruiting Li, Songyu Li, Na Wang, Caifen Wang	Shared Data Integrity Audit Scheme Based on CP-ABE and Deduplication for Cloud Storage	2026	Vol. 23, Issue	Cloud computing Encryption Security	With the rapid growth of cloud storage user scale, there are dual challenges of resource waste and security hazards in massive data storage: on the one hand, redundant data exacerbates storage overhead; on the other hand, unauthorized access exacerbates the possibility of data leakage or tampering. To this end, this paper designs a shared data auditing scheme that supports fine-grained access control and cloud deduplication. First, combining Random Convergent Encryption (RCE), Proof-of-Ownership (PoW) technology, and introducing a certificate-less cryptosystem to securely deduplicate data in the cloud while eliminating certificate management and key escrow risks. Second, the data is encrypted using Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology, and only authorized users can decrypt the data based on attribute matching, which can effectively resist the risk of data leakage due to unauthorized access. At the same time, we designate an auditor to carry out data integrity auditing to prevent malicious audit behavior. Finally, Security and performance evaluations show that the scheme we’ve proposed is quite efficient and competitive.	10.1109/TNSM.2025.3650222
Seifeddine Fathalli, Emilia N. Weyulu, Danesh Zeynali, Balakrishnan Chandrasekaran, Anja Feldmann	Network-Assisted Congestion Feedback	2026	Vol. 23, Issue	Computer networks Internet Flow production systems	We present Network Congestion Feedback (NCF), a novel congestion control framework that leverages programmable data planes for generating a rich congestion signal for use in the public Internet. NCF makes several contributions, including isolating ‘mice’ and ‘elephant’ flows using separate queues, detecting congestion in the elephants’ queue and generating a rich sub-RTT signal for the concerned senders, and designing a congestion-control algorithm (CCA) that matches a flow’s demands with supply (i.e., available bandwidth) for maximizing utilization and fairness. It extends two key ingredients from prior work on datacenter CCAs—a short control-loop delay and a precise congestion signal—that are crucial for designing an efficient, fair CCA, by adapting them for the more challenging Internet context. NCF isolates mice and elephant flows so that the former cannot unfairly degrade the throughput of the latter, and it guarantees that mice flows experience minimal round-trip times (RTTs) even when contending with elephant flows. NCF virtually eliminates slow-start spikes and achieves high fairness in both shallow and deep-buffer configurations, and even when the flows experience drastically different RTTs. Lastly, NCF offers low flow completion times (FCTs) to short flows even in challenging multiple-bottleneck scenarios.	10.1109/TNSM.2025.3648180
Saihua Cai, Lizhou Chen, Jinfu Chen, Shengran Wang, Guofeng Zhang	CL-ViME: Contrastive Learning and Vision Mixture of Experts for Encrypted Traffic Classification	2026	Vol. 23, Issue	Cryptography Contrastive learning Adaptation models	Network traffic classification is essential for application identification and malicious behavior detection. However, the widespread use of encryption protocols hides payloads and reduces the availability of high-quality labeled data, both of which constrain the effectiveness of current models. To address these challenges, we propose CL-ViME, a self-supervised encrypted traffic classification framework that integrates Contrastive Learning and Vision Mixture of Experts. First, we design a packet-temporal matrix that preserves fine-grained packet headers and flow-level temporal structure. Second, we introduce a Vertical Vision Transformer-Mixture of Experts model to extract dual-view features through vertical patching and dynamic expert routing. Third, we develop a dual-granularity contrastive learning framework that aligns packet-level and flow-level representations via an MoE projector, followed by lightweight classifier-head fine-tuning. Experiments on three public datasets show that CL-ViME significantly outperforms state-of-the-art self-supervised and supervised baselines across accuracy, macro-precision, macro-recall, and macro-F1. It also demonstrates strong generalization and stability.	10.1109/TNSM.2025.3650038