TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Mohammad Rasool Momeni, Abdollah Jabbari, Carol Fung	An Efficient and Secure Smart Parking System with Conditional Preservation of Citizens Privacy for Smart Cities	2026	Early Access		The ever-increasing world population and the number of vehicles in use have made it more difficult for drivers to find suitable parking lots in large cities. When public parking is insufficient, private parking space sharing could be a solution to alleviate the problem. In the context of private parking reservation, parking owners and drivers share their parking offers and inquiries that consist of private information, such as identity, parking spot, and desired location. Hence, cyber attacks and data leaks can reveal sensitive information about citizens. Therefore, it could be a major barrier to utilize private parking spots. To address this issue, we propose an efficient, secure, and privacy-preserving smart parking system. We use robust security methods, such as proxy re-encryption and certificateless public-key cryptography, to achieve security. We also employ cutting-edge privacy-enhancing technologies, such as (partially) blind signature and symmetric private information retrieval (SPIR), to preserve citizens’ privacy. Moreover, Shamir’s threshold secret sharing is used to provide conditional privacy. Comprehensive security and privacy analysis using the Random Oracle model and the Scyther tool demonstrates that our design is robust against relevant attacks and effectively protects citizens’ privacy. Ultimately, our performance analysis indicates that the proposed scheme is efficient, lightweight, and feasible. In particular, it achieves an average reduction of approximately 73% in communication overhead.	10.1109/TNSM.2026.3673982
Amin Mohajer, Abbas Mirzaei, Mostafa Darabi, Xavier Fernando	Joint SLA-Aware Task Offloading and Adaptive Service Orchestration with Graph-Attentive Multi-Agent Reinforcement Learning	2026	Early Access	Quality of service Resource management Observability	Coordinated service offloading is essential to meet Quality-of-Service (QoS) targets under non-stationary edge traffic. Yet conventional schedulers lack dynamic prioritization, causing deadline violations for delay-sensitive, lower-priority flows. We present PRONTO, a multi-agent framework with centralized training and decentralized execution (CTDE) that jointly optimizes SLA-aware offloading and adaptive service orchestration. PRONTO builds on Twin Delayed Deep Deterministic Policy Gradient (TD3) and incorporates spatiotemporal, topology-aware graph attention with top-K masking and temperature scaling to encode neighborhood influence at linear coordination cost. Gated Recurrent Units (GRUs) filter temporal features, while a hybrid reward couples task urgency, SLA satisfaction, and utilization costs. A priority-aware slicing policy divides bandwidth and compute between latency-critical and throughput-oriented flows. To improve robustness, we employ stability regularizers (temporal smoothing and confidence-weighted neighbor alignment), mitigating action jitter under bursts. Extensive evaluations show superior QoS and channel utilization, with up to 27.4% lower service delay and over 18% higher SLA Satisfaction Rate (SSR) compared with strong baselines.	10.1109/TNSM.2026.3673188
Junyan Guo, Shuang Yao, Yue Song, Le Zhang, Xu Han, Liyuan Chang	EF-CPPA: Escrow-Free Conditional Privacy-Preserving Authentication Scheme for Real-Time Emergency Messages in Smart Grids	2026	Early Access	Authentication Smart grids Security	Timely and secure emergency message delivery is critical to resilient smart-grid operation and rapid disturbance response. However, existing schemes remain inadequate, leaving smart grids vulnerable to security and privacy threats and causing verification bottlenecks, particularly when nonlinear emergency measurements cannot be homomorphically aggregated, which prevents bandwidth-efficient in-network aggregation and scalable batch verification. We propose EF-CPPA, an escrow-free, conditional privacy-preserving authentication scheme for real-time emergency messaging in smart grids. EF-CPPA enables smart meters to deliver authenticated emergency messages to the CC via power gateways verifiable as legitimate relays, while ensuring the confidentiality, integrity, and unlinkability of embedded nonlinear measurements. EF-CPPA further provides conditional anonymity with accountable tracing, as well as origin authentication, intra-domain verification, and scalable batch verification under bursty multi-meter messaging. An ECDLP-based escrow-free key-generation mechanism reduces reliance on the CC and enables efficient node joining and revocation. Security analysis shows that EF-CPPA achieves existential unforgeability under chosen-message attacks (EUF-CMA) and satisfies the stated security and privacy requirements. Performance evaluation demonstrates low computational, communication, energy, and node-management overhead, making EF-CPPA suitable for security-critical, time-sensitive smart-grid emergency messaging.	10.1109/TNSM.2026.3672754
Wenxue Hu, Lei Sun, Zhangchao Ma, Rong Huang, Yushan Pei, Jianquan Wang	A Novel Time-Window Scheduling Algorithm With Network Calculus Model in Time-Sensitive Networking	2026	Early Access	Job shop scheduling Optimization Switches	Traffic scheduling plays a critical role in Time-Sensitive Networking (TSN) for ensuring high reliability and deterministic latency. In this paper, we propose a novel window-based scheduling approach for the Time-Aware Shaper (TAS). By allowing packets to wait in egress queues before forwarding, our approach relaxes the strict timing constraints imposed by existing packet-based schedulers. We employ a generalized Network Calculus (NC) framework built on an End-to-End (E2E) network model, to analyze the upper-bound latency, which is then used to assess the schedulability of Time-Critical (TC) traffic. Inspired by the Proportional–Integral–Derivative (PID) closed-loop control architecture, we introduce an Incremental PID-based Search (IPS) algorithm to optimize schedulability, where the P, I, and D terms are leveraged to scale update steps, maintain search momentum, and dampen the oscillations, respectively. To accommodate various traffic classes, throughput constraints for non-TC traffic are incorporated as bounds on window lengths. Simulation experiments were performed on a multi-node network topology carrying large traffic volumes. Under optimal PID settings, the proposed IPS algorithm was evaluated against the well-validated Simulated Annealing (SA) method under a unified scheduling framework with identical decision variables and constraints to ensure a fair comparison. Results show that IPS consistently achieves higher schedulability and requires fewer iterations for flow counts ranging from 100 to 600. Furthermore, a real-time simulation platform based on OMNeT++ was developed, and the effectiveness of the proposed wait-allowed scheduling model was validated through optimized GCL configurations.	10.1109/TNSM.2026.3673031
Wenxuan Li, Yu Yao, Ni Zhang, Chuan Sheng, Ziyong Ran, Wei Yang	IMADP: Imputation-based Anomaly Detection in SCADA Systems via Adversarial Diffusion Process	2026	Early Access	Anomaly detection Adaptation models Data models	As the confrontation of the industrial cybersecurity upgrades, multi-dimensional variables measured by the SCADA multi-sensor are critical for assessing security risks in industrial field devices. While Deep Learning (DL) methods based on generative models have demonstrated effectiveness, the impact of missing features in samples and temporal window size on modeling and detection processes has been consistently overlooked. To address these challenges, this work proposes an IMADP framework that integratively solves two tasks of missingness patching and anomaly detection. Firstly, the Window-based Adaptive Selection Strategy (WASS) is also designed to intelligently window samples, reducing reliance on prior settings. Secondly, an imputer is constructed under WASS to restore sample integrity, which is implemented by a fully-connected network centered on Neural Controlled Differential Equations (NCDEs). Thirdly, a adversarial diffusion detection model with the variant Transformer as the inverse solver is proposed. Additionally, the Adaptive Dynamic Mask Mechanism (ADMM) is built upon to bolster the model’s comprehension of inter-dependencies between time and sensor nodes. Simultaneously, adversarial training is introduced to optimize training and detection latency caused by the excessive diffusion step size during the native Conditional Diffusion process. The experimental results validate that the proposed framework has the capability to build detectors using missing training samples, and its overall detection performance, tested across six datasets, is superior to existing methods.	10.1109/TNSM.2026.3670062
Rong Jiang, Yulin Li, Xuetao Pu, Xueke Wang, Yukun Xue	A Contract Data Sharing Model Based on Consortium Blockchain and Local Differential Privacy	2026	Early Access	Differential privacy Blockchains Computational modeling	Privacy-preserving and sharing for contract data are crucial for enterprise collaboration. However, current approaches combining blockchain and differential privacy face challenges including high computational costs, low data processing efficiency, and trust issues in decentralized privacy mechanisms. To address this, we propose a federated blockchain model based on multi-dimensional local differential privacy. A Multi-Dimensional Randomized Response (MDRR) mechanism is designed to protect privacy while retaining internal attribute correlations. Secondly, we construct a hybrid computation mechanism that integrates consortium blockchain and differential privacy, enabling on-chain scheduling with off-chain efficient computation, thereby significantly reducing computational overhead. Furthermore, we introduce a Trust-Utility Synergistic Optimization (TUSO) mechanism to enhance reliability by combining trust scores and utility. Experiments show superior accuracy, reduced error, and improved efficiency.	10.1109/TNSM.2026.3672462
Shankar K. Ghosh, Souvik Deb, Rishi Balamurugan, AB Santhosh	Exploring the conditional effect of RLF on handover failure based on ns-3 under stochastic channel condition	2026	Early Access	Handover Correlation Long Term Evolution	A Key component of Handover failure (HOF) in Fifth generation (5G) cellular network is the underlying radio link failure (RLF) event; existing model based analyses of HOF have not adequately explored this dependency. Moreover, HOF as a function of user mobility necessitates models that incorporate spatio-temporal correlation that has been largely ignored. In this work, based on ns-3 simulation, we characterize the relationship between RLF and HOF considering the effects of handover parameters (i.e., hysteresis (Hys), time-to-trigger (TTT), A2 threshold, A4 threshold) and RLF parameters (i.e., out-of-synch threshold (Qout), out-of-synch indication (N310), insynch indication (N311) and RLF timer (T310)) for correlated RSRP samples. The study has been carried out for different kinds of handovers in Non-Standalone (NSA) deployment of 5G. Our study reveals that optimal settings of handover parameters and RLF parameters to optimize HOF are actually constrained by the correlation characteristics of the prevailing channels. Comparison of simulation results with an existing semi-analytic model based analysis shows the novelty of the proposed ns-3 simulation methodology in capturing the cumulative impact of all the aforementioned factors in causing HOF. This study will help the mobile operators in choosing optimal RLF and handover parameters to minimize HOF under different UE velocities and fading scenarios.	10.1109/TNSM.2026.3672646
Shaohui Gong, Luohao Tang, Jianjiang Wang, Quan Chen, Cheng Zhu	A Key Node Set Analysis Method For Regional Service Denial In Mega-Constellation Networks	2026	Early Access	Satellites Measurement Analytical models	Mega-constellation networks (MCNs) face the significant threats of regional service denial attacks. To improve the robustness of regional services in MCNs against such attacks, a cost-effective approach is to identify key node sets for targeted protection efforts. This paper formally defines the key node set analysis problem for regional service denial in MCNs and develops a comprehensive solution framework. First, we develop a regional service capability analysis model that considers the dynamic collaboration of multiple satellites within regional communication service scenarios in MCNs, alongside a temporal network model for their collaborative relationships. Next, we design a multi-satellite criticality metric that quantifies the multi-dimensional impacts of satellite node set failures on regional service capabilities. Building on these, we construct a mixed-integer programming-based key node set analysis model to achieve precise identification of key node sets. Finally, simulation experiments are conducted to verify and analyze the proposed methods, providing insights to enhance the robustness of regional services in MCNs.	10.1109/TNSM.2026.3672157
Ebrima Jaw, Moritz Müller, Cristian Hesselman, Lambert Nieuwenhuis	Reproducibility Study and Assessment of the Evolution of Serial BGP Hijacking Events	2026	Early Access	Internet Routing Border Gateway Protocol	The Border Gateway Protocol (BGP) is the Internet’s most crucial protocol for efficient global connectivity and traffic routing. However, BGP is well known to be susceptible to route hijacks and leaks. Route hijacks are the intentional or unintentional illegitimate announcements of network resources that can compromise the confidentiality, integrity, and availability of communication systems. In the past, the so-called “serial hijackers” have hijacked Internet resources multiple times, some lasting for several months or years. So far, only the paper “Profiling BGP Serial Hijackers” has explicitly focused on these repeat offenders, and it dates back to 2019. Back then, they had to process large amounts of BGP announcements to find a few potential serial hijackers. In this paper, we revisit the profiling of serial hijackers. We reproduced the 2019 study and showed that we can identify potential offenders with less data while achieving similar accuracy. Our study confirms that there has been no significant increase in the evolution of serial hijacking activities in the last five years. We then extend their research, further analyze the characteristics of the serial hijackers, and show that most of the alleged serial hijackers are still active on the Internet. We also find that 22.9% of the hijacks violated RPKI objects but were still widely propagated, and that even MANRS participants were among the propagating networks.	10.1109/TNSM.2026.3671613
Zhaoping Li, Mingshu He, Xiaojuan Wang	HKD-Net: Hierarchical Knowledge Distillation Based on Multi-Domain Feature Fusion for Efficient Network Intrusion Detection	2026	Early Access	Feature extraction Telecommunication traffic Knowledge engineering	We propose HKD-Net1, a hierarchical knowledge distillation network based on multi-domain feature fusion, for efficient network intrusion detection on resource-constrained edge devices. The framework incorporates dedicated feature extraction modules across temporal, frequency, and spatial domains, and introduces a dynamic gating mechanism for adaptive feature fusion, resulting in a more discriminative and comprehensive feature representation. Moreover, a hierarchical distillation mechanism is designed that not only preserves soft labels from the output layer but also aligns intermediate features from spatial, temporal, frequency, and fused domains, enabling efficient knowledge transfer from a large teacher model to a compact student model. Through knowledge distillation, the final lightweight model requires only 278,580 parameters, reducing the number of parameters by approximately 74.68% compared to the teacher, while maintaining high detection accuracy. Extensive experiments on three public datasets (Kitsune, CIRA-CIC-DoHBrw2020, and CICIoT2023) demonstrate that HKD-Net outperforms five state-of-the-art methods, achieving accuracies of 96.72%, 97.19%, and 87.19%, respectively, while reducing parameters by 74.68% and maintaining low computational cost.	10.1109/TNSM.2026.3668812
Chengwei Liao, Guofeng Yan, Hengliang Tan, Jiao Du, Xia Deng, Heng Wu	jTOLP-MADRL: A MADRL-based Joint Optimization Algorithm of Task Offloading Location and Proportion for Latency-sensitive Tasks in Vehicle Edge Computing Network	2026	Early Access	Servers Resource management Edge computing	In Vehicle Edge Computing Network (VECN), task offloading is a key technique to provide the satisfactory quality of service (QoS) for latency-sensitive tasks. However, the diversity of computational resources in edge nodes (i.e., RSU and idle vehicles) and the mobility of vehicles present significant challenges to task offloading. Hence, to address these challenges, we propose an offloading scheme that jointly allocates RSU nodes (including MEC servers) and idle service vehicle resources in this paper. We first prioritize these tasks based on their maximum tolerable latency and design a utility function to capture the executing cost for latency-sensitive tasks. Then, we propose a joint optimization algorithm of task offloading location and proportion based on Multi-agent Deep Reinforcement Learning (jTOLP-MADRL algorithm) for latency-sensitive tasks in VECN, which consists of two sub-algorithms: the Offloading Location Selection (OLS) algorithm and the Offloading Proportion Allocation (OPA) algorithm. Additionally, we design a Convolutional Recurrent Actor-Critic Network (CRACN) to enhance the learning efficiency of the OLS algorithm. Finally, we indicate our algorithm is effective based on simulation results. Compared with the other benchmark algorithms, jTOLP-MADRL can significantly reduce latency and enhance system utility.	10.1109/TNSM.2026.3669913
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Wenjing Jing, Quan Zheng, Siwei Peng, Shuangwu Chen, Xiaobin Tan, Jian Yang	Equivalent Characteristic Time Approximation Based Network Planning for Cache-enabled Networks	2026	Early Access	Planning Resource management Costs	The exponential surge in network traffic has imposed significant challenges on traditional Internet architectures, resulting in high latency and redundant transmissions. Cache-enabled networks alleviate these issues by deploying content closer to end-users, making the planning of such networks a research focus. However, regional heterogeneity in user demand and caching interdependencies among hierarchical nodes complicate the planning process. Most existing approaches rely on simplistic even allocation or empirical methods, which fail to simultaneously meet user performance expectations and minimize deployment costs. This paper proposes a network planning framework based on the Equivalent Characteristic Time Approximation (ECTA). The approach begins by establishing a performance–resource mapping. Using ECTA, we decouple the tightly coupled characteristic time relationships across hierarchical nodes, thereby accurately estimating the required cache capacity and bandwidth needed to achieve user performance targets. Building on this foundation, we formulated the network planning as a constrained convex optimization problem that minimizes deployment cost while satisfying user performance constraints. We conducted extensive experiments on a large-scale simulation platform (ndnSIM) and a real-world cache-enabled network testbed (CENI-HeFei). The results demonstrate that, under identical network topologies and total resource constraints, our method significantly improves cache hit probability while reducing deployment costs compared to homogeneous resource allocation schemes. This work provides a practical theoretical foundation and valuable insights for the design, deployment, and optimization of future cache-enabled networks.	10.1109/TNSM.2026.3670399
Shi Dong, Fuxiang Zhao, Longhui Shu, Junjie Huang	Android Zero-Day Guard: Zero-Shot Malware Detection Using Deep Learning and Generative Models	2026	Early Access	Malware Feature extraction Accuracy	This paper proposes an Android-oriented zero-day malware detection method named ”Android Zero-Day Guard.” By integrating deep neural networks with zero-shot learning, this approach is capable of identifying emerging threats without prior exposure to malicious samples. The method converts APK files into images and extracts deep features, enabling effective capture of behavioral malware patterns. Experimental results demonstrate that the proposed method achieves a precision of 94.93%, a recall of 93.75%, and an F1-score of 94.28% across multiple malware families. Without relying on dynamic analysis, it exhibits strong detection capability and generalization performance, making it well-suited for the early identification of emerging threats. While the model performs strongly on benchmark datasets, continuous validation on the latest families is essential for deployment in a rapidly evolving threat landscape.	10.1109/TNSM.2026.3671305
Woojin Jeon, Donghyun Yu, Ruei-Hau Hsu, Jemin Lee	Secure Data Sharing Framework with Fine-grained Access Control and Privacy Protection for IoT Data Marketplace	2026	Early Access	Internet of Things Encryption Access control	The proliferation of IoT devices has led to an exponential increase in data generation, creating new opportunities for data marketplaces. However, due to the security and privacy issues arising from the sensitive nature of IoT data, as well as the need for efficient management of vast amounts of IoT data, a robust solution is necessary. Therefore, this paper proposes a secure data sharing framework with fine-grained access control and privacy protection for the internet of things (IoT) data marketplace. For fine-grained access control of the data in the proposed protocol, we develop the hidden attributes and encryption outsourced key-policy attribute-based encryption (HAEO-KP-ABE) that outsources high-complex operations to peripheral devices with high capability to reduce the computation burden of IoT device. It achieves data privacy by hiding attributes in the ciphertext and by preventing entities that do not hold the data consumer’s secret key material (including SA/CS) from running the match test on stored ciphertexts before decryption. It also has an efficient match test algorithm which can verify that the hidden attributes of the ciphertext match the access policy of the data consumer’s private key without revealing those attributes. We demonstrate the proposed protocol satisfies the security features required for the data sharing process in an IoT data marketplace environment. Furthermore, we evaluate the execution time of the proposed protocol according to the number of attributes and show the practicality and efficiency of the proposed protocol compared to the related works.	10.1109/TNSM.2026.3670207
Xing Li, Ge Gao, Zhaoyu Chen, Xin Li, Qian Huang	MD-PCSN: Meta-motion Decoupling Point Cloud Sequence Network for Privacy-Preserving Human Action Recognition in AI machines	2026	Early Access	Point cloud compression Convolution Three-dimensional displays	In next-generation communication networks and Industry 5.0 based applications, ensuring robust security and reliability in human-computer interaction (HCI) constitutes a fundamental prerequisite for safety-critical AI machine systems. Point cloud sequence-based human action recognition demonstrates intrinsic advantages in privacy-preserving HCI, leveraging its non-intrusive sensing modality to mitigate data vulnerability while maintaining high-precision action interpretation in industrial environments. Existing spatio-temporal encoding methods for point cloud sequence-based action recognition suffer from two fundamental limitations: (1) rigid neighborhood constraints impair multi-scale feature extraction for heterogeneous body parts, and (2) independent spatial-temporal decomposition introduces motion representation distortion. We propose a Meta-motion Decoupling Point Cloud Sequence Network (MD-PCSN) that addresses these challenges through: (1) logarithmic spatio-temporal point convolution for hierarchical meta-motion construction at variable granularities, and (2) a novel Gated-KANsformer architecture with differential motion encoding to explicitly model both short-term displacements and long-term spatio-temporal dependencies. The proposed meta-motion decoupling mechanism significantly enhances robustness against sensor perturbations, making the framework particularly suitable for security-critical applications. Extensive experiments on three benchmark datasets demonstrate MD-PCSN’s superior performance. It outperforms classic PST-Transformer by 1.5% on MSR Action3D and 4.14% on UTD-MHAD. Under the NTU RGB+D 60, it achieves 2.9% cross-view gain over the latest PointActionCLIP.	10.1109/TNSM.2026.3671357
Guolong Li, Yuan Gao, Jiongjiong Ren, Shaozhen Chen	BPF-GNN: A multi-granularity feature extraction model using graph neural networks for encrypted traffic classification	2026	Early Access	Feature extraction Cryptography Payloads	Encrypted traffic classification is crucial for critical network management tasks such as traffic type identification, resource allocation, and risk mitigation, especially given that encrypted traffic has become the dominant form of modern network communication. However, existing classification methods are typically confined to single-level feature extraction, failing to capture the multi-granularity information inherent in traffic and thus limiting their ability to characterize complex encrypted traffic patterns. To address this issue, this paper proposes BPF-GNN, a hierarchical graph feature extraction model for encrypted traffic classification. The model enables multi-granularity feature learning by constructing a three-tier graph structure (Byte-, Packet-, and Flow-level). It sequentially extracts discriminative information inherent in each granularity level and accumulates multi-dimensional traffic characteristics, significantly improving the classification accuracy of encrypted traffic. Experiments on the ISCX-VPN2016, ISCX-Tor2016, USTC-TFC2016, and MIRAGE-2024 datasets demonstrate that BPF-GNN outperforms existing methods, validating the effectiveness and superiority of the proposed hierarchical multi-granularity feature extraction approach.	10.1109/TNSM.2026.3671203
Beibei Li	B-TWGA: A Trusted Gateway Architecture Based on Blockchain for Internet of Things	2026	Early Access	Internet of Things Blockchains Security	Internet of Things (IoT) terminals are commonly used for data sensing and edge control. The communication links between these hardware devices are critical points that are vulnerable to security attacks. Moreover, these links are usually composed of resource-constrained nodes that cannot implement strong security protections. To address these security threats, we introduce a Blockchain-based Trustworthy Gateway Architecture (B-TWGA), which does not rely on additional thirdparty management institutions or hardware facilities, nor does it require central control. Our proposal further considers the possibility of Denial of Service (DoS) attacks in blockchain transactions, ensuring secure storage and seamless interaction within the network. The proposed scheme offers advantages such as tamper-proofing, protection against malicious attacks, and reliability while maintaining operational simplicity. Experimental results demonstrate that B-TWGA maintains stable trust levels even when 40% of the network nodes are malicious, effectively mitigates trust degradation caused by vote-stuffing and switch attacks, and ensures high transaction processing performance, achieving an average throughput of 97.55% for storage transactions with practical response times below 0.7s for typical trust file sizes.	10.1109/TNSM.2026.3671208
Ying-Chin Chen, Chit-Jie Chew, Wei-Bin Lee, Iuon-Chang Lin, Jun-San Lee	IROVF:Industrial Role-Oriented Verification Framework for safeguarding manufacture line deployment	2026	Early Access	Security Manufacturing Standards	Traditionally, industrial control systems operate in isolated networks with proprietary solutions. As smart factories and digital twins have become inevitable with AI advancement, the rapid adoption of Industrial Internet of Things (IIoT) devices has significantly increased cybersecurity risks. More precisely, the complexity of industrial environments, which includes production processes and device roles, creates substantial challenges for secure deployment. The authors introduce a bottom-up, industrial role-oriented verification framework (IROVF) for manufacturing line deployment. IROVF incorporates SCADA's MTU and RTU components, which are mapped to distinct device roles. This provides authentication and least-privilege principles that are tailored to factory environments. The proposed framework designs an alarm strategy, which can be helpful to detect and report potential operational disruptions during runtime, thus minimizing impact on system availability. Experimental results demonstrate the superior security coverage of the proposed framework compared to existing research, while a comprehensive application scenario validates its practical applicability. The scalable security parameters of IROVF allow organizations to select appropriate security levels based on their specific requirements. IROVF provides an effective security solution for modern industrial control systems during deployment phases.	10.1109/TNSM.2026.3672975
Pietro Spadaccino, Paolo Di Lorenzo, Sergio Barbarossa, Antonia M. Tulino, Jaime Llorca	SPARQ: An Optimization Framework for the Distribution of AI-Intensive Applications under Non-Linear Delay Constraints	2026	Early Access	Computational modeling Delays Resource management	Next-generation real-time compute-intensive applications, such as extended reality, multi-user gaming, and autonomous transportation, are increasingly composed of heterogeneous AI-intensive functions with diverse resource requirements and stringent latency constraints. While recent advances have enabled very efficient algorithms for joint service placement, routing, and resource allocation for increasingly complex applications, current models fail to capture the non-linear relationship between delay and resource usage that becomes especially relevant in AI-intensive workloads. In this paper, we extend the cloud network flow optimization framework to support queueing-delay-aware orchestration of distributed AI applications over edge-cloud infrastructures. We introduce two execution models, Guaranteed-Resource (GR) and Shared-Resource (SR), that more accurately capture how computation and communication delays emerge from system-level resource constraints. These models incorporate M/M/1 and M/G/1 queue dynamics to represent dedicated and shared resource usage, respectively. The resulting optimization problem is non-convex due to the non-linear delay terms. To overcome this, we develop SPARQ, an iterative approximation algorithm that decomposes the problem into two convex sub-problems, enabling joint optimization of service placement, routing, and resource allocation under nonlinear delay constraints. The modeling approach is validated against real-world data. Simulation results demonstrate that the SPARQ not only offers a more faithful representation of system delays, but also substantially improves resource efficiency and the overall cost-delay tradeoff compared to existing state-of-the-art methods.	10.1109/TNSM.2026.3673194