TNSM Searchable Index

Author(s)	Title	Year	Publication	Keywords
Pietro Spadaccino, Paolo Di Lorenzo, Sergio Barbarossa, Antonia M. Tulino, Jaime Llorca	SPARQ: An Optimization Framework for the Distribution of AI-Intensive Applications under Non-Linear Delay Constraints	2026	Early Access	Computational modeling Delays Resource management	Next-generation real-time compute-intensive applications, such as extended reality, multi-user gaming, and autonomous transportation, are increasingly composed of heterogeneous AI-intensive functions with diverse resource requirements and stringent latency constraints. While recent advances have enabled very efficient algorithms for joint service placement, routing, and resource allocation for increasingly complex applications, current models fail to capture the non-linear relationship between delay and resource usage that becomes especially relevant in AI-intensive workloads. In this paper, we extend the cloud network flow optimization framework to support queueing-delay-aware orchestration of distributed AI applications over edge-cloud infrastructures. We introduce two execution models, Guaranteed-Resource (GR) and Shared-Resource (SR), that more accurately capture how computation and communication delays emerge from system-level resource constraints. These models incorporate M/M/1 and M/G/1 queue dynamics to represent dedicated and shared resource usage, respectively. The resulting optimization problem is non-convex due to the non-linear delay terms. To overcome this, we develop SPARQ, an iterative approximation algorithm that decomposes the problem into two convex sub-problems, enabling joint optimization of service placement, routing, and resource allocation under nonlinear delay constraints. The modeling approach is validated against real-world data. Simulation results demonstrate that the SPARQ not only offers a more faithful representation of system delays, but also substantially improves resource efficiency and the overall cost-delay tradeoff compared to existing state-of-the-art methods.	10.1109/TNSM.2026.3673194
Máté Nagy, Tamás Lévai, Felicián Németh, Aurojit Panda, Gianni Antichi, Gábor Rétvári	Elastic Scaling of Real Time Communication Services	2026	Early Access	Media Servers WebRTC	Real-time Communications (RTC) services, including multiparty conferencing, live streaming, and cloud-gaming, rely on a large-scale media plane infrastructure that provides real-time audio/video processing to clients. Unfortunately, offthe- shelf RTC services are not elastically scalable. As a result, operators must provision media servers to meet peak demand, resulting in resource under-utilization and high cost. Given that today microservice orchestrators like Kubernetes allow web-services to scale transparently and econimically, this paper looks at applying the same approach to scale large-scale RTC services. We find that this is challenging for two reasons: (a) the default network dataplane underlying Kubernetes does not meet the compelling traffic management, performance and real-time requirements of RTC; and (b) current autoscaling policies are ill-suited to RTC. We address these challenges by designing a RTC-specific service mesh that pushes media traffic processing into the OS kernel and designing new RTC-specific Kubernetes autoscaling policies. Our evaluation on a functional VoIP test-bed shows that this combination allows to deploy elatically scalable RTC services with 100× lower-jitter and 700× lower RTT than the current state-of-the art.	10.1109/TNSM.2026.3674598
Yanxu Lin, Renzhong Zhong, Jingnan Xie, Yueting Zhu, Byung-Gyu Kim, Saru Kumari, Shakila Basheer, Fatimah Alhayan	Privacy-Preserving Digital Publishing Framework for Next-Generation Communication Networks: A Verifiable Homomorphic Federated Learning Approach	2026	Early Access	Electronic publishing Federated learning Cryptography	Next-generation communication networks are revolutionizing digital publishing through intelligent content distribution and collaborative optimization capabilities. However, existing federated learning approaches face fundamental limitations, including trusted third-party dependencies, excessive communication overhead, and vulnerability to collusion attacks between servers and participants. This paper introduces VHFL-DP, a verifiable homomorphic federated learning framework for digital publishing environments operating within 6G network infrastructures. The framework addresses critical privacy and scalability challenges through four key innovations: a distributed cryptographic key generation protocol that eliminates trusted third-party requirements, Chinese remainder theorem-based dimensionality reduction, auxiliary validation nodes that enable independent verification with constant-time complexity, and an intelligent incentive mechanism that rewards digital publishing platforms based on objective contribution quality metrics. Experimental evaluation on MNIST and Amazon reviews datasets across six baseline methods demonstrates that VHFL-DP achieves superior performance with accuracy improvements of 4.2% over the best baseline method. The framework maintains constant verification time ranging from 2.73 to 2.91 seconds regardless of platform count, increasing from ten to fifty, or dropout rates reaching thirty percent. Security evaluation reveals strong resilience with only 2.4 percentage point accuracy degradation under poisoning attacks compared to 6.7-7.0 points for baseline method, inference attack success near random guessing at 51.3%, and 92.4% successful aggregation under Byzantine adversaries.	10.1109/TNSM.2026.3667167
Junqing Wang, Lejun Zhang, Zhihong Tian, Kejia Zhang, Shen Su, Jing Qiu, Yanbin Sun, Ran Guo	6Global: Dynamic IPv6 Active Address Scanning Assisted by Global Perspective	2026	Early Access	Clustering algorithms Heuristic algorithms 6G mobile communication	Network scanning is crucial for both network management and cybersecurity. However, due to the vast address space of IPv6, brute-force scanning is infeasible. Seed-based target generation algorithms have recently attracted considerable research attention. However, existing target generation algorithms lack a deeper exploration of patterns, leading to poor capture of dense regions and consequently low hitrate. To address this issue, we propose 6Global, a dynamic IPv6 active address scanning method assisted by global perspective. 6Global first performs rapid clustering of seed addresses based on their descriptive attributes. Then, for each cluster, patterns are generated in a bottom-up manner based on entropy, using subranges to represent patterns and resulting in denser patterns. Finally, dynamic scanning is conducted using these patterns. During scanning, the reward of each pattern is dynamically adjusted based on its active density and global statistics, which enhances the capability in capturing dense regions. Experimental results on six seed datasets show that 6Global overall outperforms seven baseline methods and demonstrates significant advantages across multiple datasets.	10.1109/TNSM.2026.3674490
Suraj Kumar, Soumi Chattopadhyay, Chandranath Adak	Anomaly Resilient Temporal QoS Prediction using Hypergraph Convoluted Transformer Network	2026	Early Access	Quality of service Accuracy Transformers	Quality-of-Service (QoS) prediction is a critical task in the service lifecycle, enabling precise and adaptive service recommendations by anticipating performance variations over time in response to evolving network uncertainties and user preferences. However, contemporary QoS prediction methods frequently encounter data sparsity and cold-start issues, which hinder accurate QoS predictions and limit the ability to capture diverse user preferences. Additionally, these methods often assume QoS data reliability, neglecting potential credibility issues such as outliers and the presence of greysheep users and services with atypical invocation patterns. Furthermore, traditional approaches fail to leverage diverse features, including domain-specific knowledge and complex higher-order patterns, essential for accurate QoS predictions. In this paper, we introduce a real-time, trust-aware framework for temporal QoS prediction to address the aforementioned challenges, featuring an end-to- end deep architecture called the Hypergraph Convoluted Transformer Network (HCTN). HCTN combines a hypergraph structure with graph convolution over hyper-edges to effectively address high-sparsity issues by capturing complex, high-order correlations. Complementing this, the transformer network utilizes multi-head attention along with parallel 1D convolutional layers and fully connected dense blocks to capture both fine-grained and coarse-grained dynamic patterns. Additionally, our approach includes a sparsity-resilient solution for detecting greysheep users and services, incorporating their unique characteristics to improve prediction accuracy. Trained with a robust loss function resistant to outliers, HCTN demonstrated state-of-the-art performance on the large-scale WSDREAM-2 datasets for response time and throughput.	10.1109/TNSM.2026.3674650
Mohammed Mahyoub, Wael Jafar, Sami Muhaidat, Halim Yanikomeroglu	STARS: Stability-Aware SFC Orchestration and Associations in LEO Satellite Networks	2026	Early Access	Satellites Resource management Low earth orbit satellites	Low Earth orbit (LEO) satellite networks present critical challenges for security function chain (SFC) orchestration and associations due to rapid topology changes, resource volatility, and heterogeneous service requirements that render conventional SFC optimization approaches ineffective. To tackle this issue, we introduce here STARS, an optimization framework that fundamentally transforms the sequential time-window optimization for SFC orchestration and satellite association through three techniques: (1) Stability-aware regularization that penalizes configuration changes across time windows, thus reducing handovers by 54% and security function migrations by 33%; (2) Temporal decoupling that leverages solutions from prior time windows as warm-start seeds and dynamic repairing using real-time visibility constraints; and (3) Hierarchical decoupling that separates satellite association and SFC placement into computationally efficient stages, thus reducing time complexity. Through rigorous formulation as a mixed-integer non-linear programming (MINLP) and simulation-based evaluation, STARS achieves a 57% reduction in optimization solution time, a 7% reduction in the load of deployed security function instances, and efficient CPU utilization (9.81% increase) compared to benchmark schemes. STARS delivers these substantial benefits without any degradation in end-to-end delay. Note that the reported performance values are based on our specific system parameter choices and simulation setup and may not be universally representative. The co-design of stability mechanisms and decoupling strategies establishes STARS as a new paradigm for resilient satellite network optimization, balancing optimality, continuity, and computational tractability under high LEO satellite dynamicity.	10.1109/TNSM.2026.3674391
Jingyu Wang, Bo He, Jinyu Zhao, Yixin Xuan, Haifeng Sun, Qi Qi, Junzhe Liang, Zirui Zhuang, Jianxin Liao	LLM-powered Intent-driven Configuration Generation for Multi-vendor Networks	2026	Early Access		Network configuration management has become increasingly complex, inefficient, and prone to errors due to frequent updates in command structures and the prevalence of multi-vendor network infrastructures. To tackle these challenges, this paper introduces a novel cognitive communication approach, formulating a new task called intent-driven multi-vendor network configuration generation. Within the broader intent-based networking lifecycle, this task specifically targets the realization and command generation stage—translating natural language operational intents into accurate and syntactically valid network commands compatible with multiple vendors, rather than addressing high-level intent interpretation or decomposition. Three primary challenges are addressed: syntactical command validity, vendor-specific syntax diversity, and outdated or inconsistent network knowledge. We propose ConfGen, a cognitive and intent-driven multi-vendor configuration generation framework that consists of two phases: vendor-agnostic syntax retrieval and syntax-constrained command generation. In the first phase, a cognitive retrieval mechanism and reranking strategy identify the most relevant syntax structures based on user intents, while vendor-specific syntax components are effectively generalized. The second phase employs a Large Language Model (LLM) guided by retrieved syntax constraints and user intents to generate precise and valid network commands. To ensure syntactical correctness and vendor compatibility, syntax-constrained decoding strategies are integrated into the LLM generation process. Extensive experimental evaluations conducted on a novel dataset containing network commands from Huawei, Cisco, Nokia, and Juniper demonstrate the superiority of ConfGen. Results confirm significant performance improvements over state-of-the-art solutions in generating accurate, multi-vendor-compatible network configurations driven by user intent.	10.1109/TNSM.2026.3675409
Yalan Wu, Zhibing Fang, Jiale Huang, Longkun Guo, Jigang Wu	Vehicle Coalition Based Incentive Algorithm for Model Deployment and Task Offloading	2026	Early Access	Inference algorithms Quality of service Artificial neural networks	In vehicular edge computing (VEC), efficient strategies for model deployment and task offloading provide tremendous potential to improve quality of services for deep neural network (DNN) inference. However, existing works fail to co-consider selfishness and cooperation of vehicles and characteristic of DNN inference tasks, which results in a bottleneck of performance improvement for DNN inference in VEC. This paper aims to fill this gap by investigating a joint model deployment and task offloading problem for DNN inference in VEC. We formulate a problem with an objective of maximizing social welfare, under constraints of per task accuracy level, per vehicle/roadside unit utility, etc. To solve the problem, an incentive algorithm, called ICA, is proposed based on coalition game and auction mechanism by joint model deployment and task offloading for DNN inference in VEC. Additionally, an incentive algorithm, called IDA, is proposed based on deep reinforcement learning and auction mechanism to maximize the social welfare. Besides, we prove that the proposed algorithms guarantee essential economic properties, i.e., truthfulness and individual rationality. We also prove that the proposed algorithms converge, and that the final coalition structure generated by ICA is Nash-stable. Extensive simulation results show that the proposed algorithms outperform the state-of-the-art methods for all cases, in terms of social welfare.	10.1109/TNSM.2026.3674158
Mohammad Rasool Momeni, Abdollah Jabbari, Carol Fung	An Efficient and Secure Smart Parking System with Conditional Preservation of Citizens Privacy for Smart Cities	2026	Early Access	Privacy Automated parking Security	The ever-increasing world population and the number of vehicles in use have made it more difficult for drivers to find suitable parking lots in large cities. When public parking is insufficient, private parking space sharing could be a solution to alleviate the problem. In the context of private parking reservation, parking owners and drivers share their parking offers and inquiries that consist of private information, such as identity, parking spot, and desired location. Hence, cyber attacks and data leaks can reveal sensitive information about citizens. Therefore, it could be a major barrier to utilize private parking spots. To address this issue, we propose an efficient, secure, and privacy-preserving smart parking system. We use robust security methods, such as proxy re-encryption and certificateless public-key cryptography, to achieve security. We also employ cutting-edge privacy-enhancing technologies, such as (partially) blind signature and symmetric private information retrieval (SPIR), to preserve citizens’ privacy. Moreover, Shamir’s threshold secret sharing is used to provide conditional privacy. Comprehensive security and privacy analysis using the Random Oracle model and the Scyther tool demonstrates that our design is robust against relevant attacks and effectively protects citizens’ privacy. Ultimately, our performance analysis indicates that the proposed scheme is efficient, lightweight, and feasible. In particular, it achieves an average reduction of approximately 73% in communication overhead.	10.1109/TNSM.2026.3673982
Raffaele Carillo, Francesco Cerasuolo, Giampaolo Bovenzi, Domenico Ciuonzo, Antonio Pescapé	A Federated and Incremental Network Intrusion Detection System for IoT Emerging Threats	2026	Early Access	Training Incremental learning Adaptation models	Ensuring network security is increasingly challenging, especially in the Internet of Things (IoT) domain, where threats are diverse, rapidly evolving, and often device-specific. Hence, Network Intrusion Detection Systems (NIDSs) require (i) being trained on network traffic gathered in different collection points to cover the attack traffic heterogeneity, (ii) continuously learning emerging threats (viz., 0-day attacks), and (iii) be able to take attack countermeasures as soon as possible. In this work, we aim to improve Artificial Intelligence (AI)-based NIDS design & maintenance by integrating Federated Learning (FL) and Class Incremental Learning (CIL). Specifically, we devise a Federated Class Incremental Learning (FCIL) framework–suited for early-detection settings—that supports decentralized and continual model updates, investigating the non-trivial intersection of FL algorithms with state-of-the-art CIL techniques to enable scalable, privacy-preserving training in highly non-IID environments. We evaluate FCIL on three IoT datasets across different client scenarios to assess its ability to learn new threats and retain prior knowledge. The experiments assess potential key challenges in generalization and few-sample training, and compare NIDS performance to monolithic and centralized baselines.	10.1109/TNSM.2026.3675031
Francesco Chiti, Simone Morosi, Laura Pierucci	Multiple SDN Controllers Placement for Integrated Satellite/Terrestrial Network	2026	Early Access	Satellites Satellite broadcasting Low earth orbit satellites	The integration of Terrestrial Networks (TN) and Non Terrestrial Networks (NTN) has been explored within the 3GPP standardization forum, and it is now being extended toward discussions on the future 6G vision. An integrated T/NTN is highly heterogeneous and requires different communication protocols and links for each layer, resulting in increased network management and control complexity. The Software Defined Networking (SDN) paradigm can enable unified and efficient T/NTN management, allowing full resource optimization of the satellites, radio access and core network. This paper proposes an optimized SDN-based T/NTN architecture, where Low Earth Orbit (LEO) satellites are dynamically selected to act as multiple SDN controllers if the terrestrial network becomes saturated or unavailable, or to jointly operate with the terrestrial controllers under the coordination of a central terrestrial controller. From this perspective, the number of the SDN controllers and their placement are of paramount importance. A multi-controller placement strategy is evaluated for the integrated T/NTN using the Simulated Annealing (SA) plus Tabu Search methods to search for the optimal solution in terms of average latency and SDN controllers load, while accounting for the frequent topology variations inherent to LEO satellites. In addition, the design of the SDN architecture for an integrated T/NTN system, and in particular the definition of a distributed SDN control plane (CP) across both the terrestrial and satellite segments, including the specific mechanisms required to enable LEO satellites to operate as controllers, is also addressed. Extensive simulations based on realistic T/NTN topologies, specifically, the terrestrial Agis network and the Iridium NEXT satellite constellation, show that the use of multiple controllers in optimized placements both in terrestrial and satellite segments decreases the average latency and balances the load of each controller. In addition, the proposed controller switching policy adopted for the LEO segment helps to avoid frequent reassignments and improves the reliability of the overall integrated system.	10.1109/TNSM.2026.3673404
Deemah H. Tashman, Soumaya Cherkaoui	Trustworthy AI-Driven Dynamic Hybrid RIS: Joint Optimization and Reward Poisoning-Resilient Control in Cognitive MISO Networks	2026	Early Access	Reconfigurable intelligent surfaces Reliability Optimization	Cognitive radio networks (CRNs) are a key mechanism for alleviating spectrum scarcity by enabling secondary users (SUs) to opportunistically access licensed frequency bands without harmful interference to primary users (PUs). To address unreliable direct SU links and energy constraints common in next-generation wireless networks, this work introduces an adaptive, energy-aware hybrid reconfigurable intelligent surface (RIS) for underlay multiple-input single-output (MISO) CRNs. Distinct from prior approaches relying on static RIS architectures, our proposed RIS dynamically alternates between passive and active operation modes in real time according to harvested energy availability. We also model our scenario under practical hardware impairments and cascaded fading channels. We formulate and solve a joint transmit beamforming and RIS phase optimization problem via the soft actor-critic (SAC) deep reinforcement learning (DRL) method, leveraging its robustness in continuous and highly dynamic environments. Notably, we conduct the first systematic study of reward poisoning attacks on DRL agents in RIS-enhanced CRNs, and propose a lightweight, real-time defense based on reward clipping and statistical anomaly filtering. Numerical results demonstrate that the SAC-based approach consistently outperforms established DRL base-lines, and that the dynamic hybrid RIS strikes a superior trade-off between throughput and energy consumption compared to fully passive and fully active alternatives. We further show the effectiveness of our defense in maintaining SU performance even under adversarial conditions. Our results advance the practical and secure deployment of RIS-assisted CRNs, and highlight crucial design insights for energy-constrained wireless systems.	10.1109/TNSM.2026.3660728
Ying-Chin Chen, Chit-Jie Chew, Wei-Bin Lee, Iuon-Chang Lin, Jun-San Lee	IROVF:Industrial Role-Oriented Verification Framework for safeguarding manufacture line deployment	2026	Early Access	Security Manufacturing Standards	Traditionally, industrial control systems operate in isolated networks with proprietary solutions. As smart factories and digital twins have become inevitable with AI advancement, the rapid adoption of Industrial Internet of Things (IIoT) devices has significantly increased cybersecurity risks. More precisely, the complexity of industrial environments, which includes production processes and device roles, creates substantial challenges for secure deployment. The authors introduce a bottom-up, industrial role-oriented verification framework (IROVF) for manufacturing line deployment. IROVF incorporates SCADA's MTU and RTU components, which are mapped to distinct device roles. This provides authentication and least-privilege principles that are tailored to factory environments. The proposed framework designs an alarm strategy, which can be helpful to detect and report potential operational disruptions during runtime, thus minimizing impact on system availability. Experimental results demonstrate the superior security coverage of the proposed framework compared to existing research, while a comprehensive application scenario validates its practical applicability. The scalable security parameters of IROVF allow organizations to select appropriate security levels based on their specific requirements. IROVF provides an effective security solution for modern industrial control systems during deployment phases.	10.1109/TNSM.2026.3672975
Amin Mohajer, Abbas Mirzaei, Mostafa Darabi, Xavier Fernando	Joint SLA-Aware Task Offloading and Adaptive Service Orchestration with Graph-Attentive Multi-Agent Reinforcement Learning	2026	Early Access	Quality of service Resource management Observability	Coordinated service offloading is essential to meet Quality-of-Service (QoS) targets under non-stationary edge traffic. Yet conventional schedulers lack dynamic prioritization, causing deadline violations for delay-sensitive, lower-priority flows. We present PRONTO, a multi-agent framework with centralized training and decentralized execution (CTDE) that jointly optimizes SLA-aware offloading and adaptive service orchestration. PRONTO builds on Twin Delayed Deep Deterministic Policy Gradient (TD3) and incorporates spatiotemporal, topology-aware graph attention with top-K masking and temperature scaling to encode neighborhood influence at linear coordination cost. Gated Recurrent Units (GRUs) filter temporal features, while a hybrid reward couples task urgency, SLA satisfaction, and utilization costs. A priority-aware slicing policy divides bandwidth and compute between latency-critical and throughput-oriented flows. To improve robustness, we employ stability regularizers (temporal smoothing and confidence-weighted neighbor alignment), mitigating action jitter under bursts. Extensive evaluations show superior QoS and channel utilization, with up to 27.4% lower service delay and over 18% higher SLA Satisfaction Rate (SSR) compared with strong baselines.	10.1109/TNSM.2026.3673188
Junyan Guo, Shuang Yao, Yue Song, Le Zhang, Xu Han, Liyuan Chang	EF-CPPA: Escrow-Free Conditional Privacy-Preserving Authentication Scheme for Real-Time Emergency Messages in Smart Grids	2026	Early Access	Authentication Smart grids Security	Timely and secure emergency message delivery is critical to resilient smart-grid operation and rapid disturbance response. However, existing schemes remain inadequate, leaving smart grids vulnerable to security and privacy threats and causing verification bottlenecks, particularly when nonlinear emergency measurements cannot be homomorphically aggregated, which prevents bandwidth-efficient in-network aggregation and scalable batch verification. We propose EF-CPPA, an escrow-free, conditional privacy-preserving authentication scheme for real-time emergency messaging in smart grids. EF-CPPA enables smart meters to deliver authenticated emergency messages to the CC via power gateways verifiable as legitimate relays, while ensuring the confidentiality, integrity, and unlinkability of embedded nonlinear measurements. EF-CPPA further provides conditional anonymity with accountable tracing, as well as origin authentication, intra-domain verification, and scalable batch verification under bursty multi-meter messaging. An ECDLP-based escrow-free key-generation mechanism reduces reliance on the CC and enables efficient node joining and revocation. Security analysis shows that EF-CPPA achieves existential unforgeability under chosen-message attacks (EUF-CMA) and satisfies the stated security and privacy requirements. Performance evaluation demonstrates low computational, communication, energy, and node-management overhead, making EF-CPPA suitable for security-critical, time-sensitive smart-grid emergency messaging.	10.1109/TNSM.2026.3672754
Wenxue Hu, Lei Sun, Zhangchao Ma, Rong Huang, Yushan Pei, Jianquan Wang	A Novel Time-Window Scheduling Algorithm With Network Calculus Model in Time-Sensitive Networking	2026	Early Access	Job shop scheduling Optimization Switches	Traffic scheduling plays a critical role in Time-Sensitive Networking (TSN) for ensuring high reliability and deterministic latency. In this paper, we propose a novel window-based scheduling approach for the Time-Aware Shaper (TAS). By allowing packets to wait in egress queues before forwarding, our approach relaxes the strict timing constraints imposed by existing packet-based schedulers. We employ a generalized Network Calculus (NC) framework built on an End-to-End (E2E) network model, to analyze the upper-bound latency, which is then used to assess the schedulability of Time-Critical (TC) traffic. Inspired by the Proportional–Integral–Derivative (PID) closed-loop control architecture, we introduce an Incremental PID-based Search (IPS) algorithm to optimize schedulability, where the P, I, and D terms are leveraged to scale update steps, maintain search momentum, and dampen the oscillations, respectively. To accommodate various traffic classes, throughput constraints for non-TC traffic are incorporated as bounds on window lengths. Simulation experiments were performed on a multi-node network topology carrying large traffic volumes. Under optimal PID settings, the proposed IPS algorithm was evaluated against the well-validated Simulated Annealing (SA) method under a unified scheduling framework with identical decision variables and constraints to ensure a fair comparison. Results show that IPS consistently achieves higher schedulability and requires fewer iterations for flow counts ranging from 100 to 600. Furthermore, a real-time simulation platform based on OMNeT++ was developed, and the effectiveness of the proposed wait-allowed scheduling model was validated through optimized GCL configurations.	10.1109/TNSM.2026.3673031
Jing Zhang, Chao Luo, Rui Shao	MTG-GAN: A Masked Temporal Graph Generative Adversarial Network for Cross-Domain System Log Anomaly Detection	2026	Early Access	Anomaly detection Adaptation models Generative adversarial networks	Anomaly detection of system logs is crucial for the service management of large-scale information systems. Nowadays, log anomaly detection faces two main challenges: 1) capturing evolving temporal dependencies between log events to adaptively tackle with emerging anomaly patterns, 2) and maintaining high detection capabilities across varies data distributions. Existing methods rely heavily on domain-specific data features, making it challenging to handle the heterogeneity and temporal dynamics of log data. This limitation restricts the deployment of anomaly detection systems in practical environments. In this article, a novel framework, Masked Temporal Graph Generative Adversarial Network (MTG-GAN), is proposed for both conventional and cross-domain log anomaly detection. The model enhances the detection capability for emerging abnormal patterns in system log data by introducing an adaptive masking mechanism that combines generative adversarial networks with graph contrastive learning. Additionally, MTG-GAN reduces dependency on specific data distribution and improves model generalization by using diffused graph adjacency information deriving from temporal relevance of event sequence, which can be conducive to improve cross-domain detection performance. Experimental results demonstrate that MTG-GAN outperforms existing methods on multiple real-world datasets in both conventional and cross-domain log anomaly detection.	10.1109/TNSM.2026.3654642
Wenjing Jing, Quan Zheng, Siwei Peng, Shuangwu Chen, Xiaobin Tan, Jian Yang	Equivalent Characteristic Time Approximation Based Network Planning for Cache-enabled Networks	2026	Early Access	Planning Resource management Costs	The exponential surge in network traffic has imposed significant challenges on traditional Internet architectures, resulting in high latency and redundant transmissions. Cache-enabled networks alleviate these issues by deploying content closer to end-users, making the planning of such networks a research focus. However, regional heterogeneity in user demand and caching interdependencies among hierarchical nodes complicate the planning process. Most existing approaches rely on simplistic even allocation or empirical methods, which fail to simultaneously meet user performance expectations and minimize deployment costs. This paper proposes a network planning framework based on the Equivalent Characteristic Time Approximation (ECTA). The approach begins by establishing a performance–resource mapping. Using ECTA, we decouple the tightly coupled characteristic time relationships across hierarchical nodes, thereby accurately estimating the required cache capacity and bandwidth needed to achieve user performance targets. Building on this foundation, we formulated the network planning as a constrained convex optimization problem that minimizes deployment cost while satisfying user performance constraints. We conducted extensive experiments on a large-scale simulation platform (ndnSIM) and a real-world cache-enabled network testbed (CENI-HeFei). The results demonstrate that, under identical network topologies and total resource constraints, our method significantly improves cache hit probability while reducing deployment costs compared to homogeneous resource allocation schemes. This work provides a practical theoretical foundation and valuable insights for the design, deployment, and optimization of future cache-enabled networks.	10.1109/TNSM.2026.3670399
Woojin Jeon, Donghyun Yu, Ruei-Hau Hsu, Jemin Lee	Secure Data Sharing Framework with Fine-grained Access Control and Privacy Protection for IoT Data Marketplace	2026	Early Access	Internet of Things Encryption Access control	The proliferation of IoT devices has led to an exponential increase in data generation, creating new opportunities for data marketplaces. However, due to the security and privacy issues arising from the sensitive nature of IoT data, as well as the need for efficient management of vast amounts of IoT data, a robust solution is necessary. Therefore, this paper proposes a secure data sharing framework with fine-grained access control and privacy protection for the internet of things (IoT) data marketplace. For fine-grained access control of the data in the proposed protocol, we develop the hidden attributes and encryption outsourced key-policy attribute-based encryption (HAEO-KP-ABE) that outsources high-complex operations to peripheral devices with high capability to reduce the computation burden of IoT device. It achieves data privacy by hiding attributes in the ciphertext and by preventing entities that do not hold the data consumer’s secret key material (including SA/CS) from running the match test on stored ciphertexts before decryption. It also has an efficient match test algorithm which can verify that the hidden attributes of the ciphertext match the access policy of the data consumer’s private key without revealing those attributes. We demonstrate the proposed protocol satisfies the security features required for the data sharing process in an IoT data marketplace environment. Furthermore, we evaluate the execution time of the proposed protocol according to the number of attributes and show the practicality and efficiency of the proposed protocol compared to the related works.	10.1109/TNSM.2026.3670207
Shaohui Gong, Luohao Tang, Jianjiang Wang, Quan Chen, Cheng Zhu	A Key Node Set Analysis Method For Regional Service Denial In Mega-Constellation Networks	2026	Early Access	Satellites Measurement Analytical models	Mega-constellation networks (MCNs) face the significant threats of regional service denial attacks. To improve the robustness of regional services in MCNs against such attacks, a cost-effective approach is to identify key node sets for targeted protection efforts. This paper formally defines the key node set analysis problem for regional service denial in MCNs and develops a comprehensive solution framework. First, we develop a regional service capability analysis model that considers the dynamic collaboration of multiple satellites within regional communication service scenarios in MCNs, alongside a temporal network model for their collaborative relationships. Next, we design a multi-satellite criticality metric that quantifies the multi-dimensional impacts of satellite node set failures on regional service capabilities. Building on these, we construct a mixed-integer programming-based key node set analysis model to achieve precise identification of key node sets. Finally, simulation experiments are conducted to verify and analyze the proposed methods, providing insights to enhance the robustness of regional services in MCNs.	10.1109/TNSM.2026.3672157