Network

Recent advances in quantum computing have prompted urgent consideration of the migration of classical cryptographic systems to post-quantum alternatives. However, it is impossible to fully understand the impact that migrating to current Post-Quantum Cryptography (PQC) algorithms will have on various applications without the actual implementation of quantum-resistant cryptography. On the other hand, PQC algorithms come with complexity and long processing times, which may impact the quality of service (QoS) of many applications. Therefore, PQC-based protocols with practical implementations across various applications are essential. This paper introduces a new framework for PQC standalone and PQC–AES (Advanced Encryption Standard) hybrid public-key encryption (PKE) protocols. Building on prior results, we focus on securing applications such as file transfer, video streaming, and chat-based communication using enhanced PQC-based protocols. The extended PQC-based protocols use a sequence number-based mechanism to effectively counter replay and man-in-the-middle attacks and mitigate standard cybersecurity attack vectors. Experimental evaluations examined encryption/decryption speeds, throughput, and processing overhead for the standalone PQC and the PQC–AES hybrid schemes, benchmarking them against traditional AES-256 in an existing client–server environment. The results demonstrate that the new approaches achieve a significant balance between security and system performance compared to conventional deployments. Furthermore, a comprehensive security analysis confirms the robustness and effectiveness of the proposed PQC-based protocols across diverse attack scenarios. Notably, the PQC–AES hybrid protocol demonstrates greater efficiency for applications handling larger data volumes (e.g., 10–100 KB) with reduced latency, underscoring the practical necessity of carefully balancing security and operational efficiency in the post-quantum migration process. Full article

Cloud computing has witnessed rapid growth and notable technological progress in recent years. Nevertheless, it is still regarded as being in its early developmental phase, with substantial potential remaining to be explored—particularly through integration with emerging technologies such as the Metaverse, Augmented Reality (AR), and Virtual Reality (VR). As the number of service users increases, so does the demand for computational resources, leading data owners to outsource processing tasks to remote cloud servers. The internet-based delivery of cloud computing services consequently expands the attack surface and impacts the trust relationship between the service user and the service provider. To address these challenges, this study proposes a restricted access control framework based on homomorphic encryption (HE) and identity-based encryption (IBE) mechanisms. A formal analysis of the proposed model is also conducted under an unauthenticated communication model. Simulation results indicate that the proposed approach achieves a 20–40% reduction in encryption and decryption times, respectively, compared with existing state-of-the-art homomorphic encryption schemes. The simulation was performed using a 2048-bit key and data size, consistent with current industry standards, to improve key management efficiency. Additionally, the role-based hierarchy was implemented in a Salesforce cloud environment to ensure secure and restricted access control. Full article

As optical networks operate using light-based transmission, assigning wavelengths to the paths taken by traffic demands is a key aspect of their design. This paper revisits the wavelength assignment problem in optical backbone networks, focusing on survivability via 1 + 1 Optical Chanel (OCh) protection, which ensures fault tolerance by duplicating data over two disjoint optical paths. The analysis gives great emphasis to studying the influence of topological parameters on wavelength requirements, with algebraic connectivity being identified as the most significant parameter. The results show that, across a set of 27 real-world networks, the wavelength increment factor, defined as the ratio between the number of wavelengths required with protection and without protection, ranges from 1.49 to 3.07, with a mean value of 2.26. Using synthetic data, formulas were derived to estimate this factor from network parameters, resulting in a mean relative error of 12.7% and errors below 15% in 70% of the real-world cases studied. Full article

Cloud computing faces growing challenges in energy consumption due to the increasing demand for services and resource usage in data centers. To address this issue, we propose a novel energy-efficient virtual machine (VM) placement strategy that integrates reinforcement learning (Q-learning), a Firefly optimization algorithm, and a VM sensitivity classification model based on random forest and self-organizing map. The proposed method, RLVMP, classifies VMs as sensitive or insensitive and dynamically allocates resources to minimize energy consumption while ensuring compliance with service level agreements (SLAs). Experimental results using the CloudSim simulator, adapted with data from Microsoft Azure, show that our model significantly reduces energy consumption. Specifically, under the lr_1.2_mmt strategy, our model achieves a 5.4% reduction in energy consumption compared to PABFD, 12.8% compared to PSO, and 12% compared to genetic algorithms. Under the iqr_1.5_mc strategy, the reductions are even more significant: 12.11% compared to PABFD, 15.6% compared to PSO, and 18.67% compared to genetic algorithms. Furthermore, our model reduces the number of live migrations, which helps minimize SLA violations. Overall, the combination of Q-learning and the Firefly algorithm enables adaptive, SLA-compliant VM placement with improved energy efficiency. Full article

The explosion of connected devices and data transmission in the Internet of Things (IoT) era brings substantial burden on the capability of cloud computing. Moreover, these IoT devices are mostly positioned at the edge of a network and limited in resources. To address these challenges, edge cloud-distributed computing networks emerge. Because of the distributed nature of edge cloud networks, many research works considering software defined networks (SDNs) and network–function–virtualization (NFV) could be key enablers for managing, orchestrating, and load balancing resources. This article provides a comprehensive survey of these emerging technologies, focusing on SDN controllers, orchestration, and the function of artificial intelligence (AI) in enhancing the capabilities of controllers within the edge cloud computing networks. More specifically, we present an extensive survey on the research proposals on the integration of SDN controllers and orchestration with the edge cloud networks. We further introduce a holistic overview of SDN-enabled edge cloud networks and an inclusive summary of edge cloud use cases and their key challenges. Finally, we address some challenges and potential research directions for further exploration in this vital research area. Full article

The Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) is widely recognized as an effective multi-criteria decision-making algorithm for handover management in terrestrial cellular networks, especially in scenarios involving dynamic and multi-faceted criteria. While TOPSIS is widely adopted in terrestrial cellular networks for handover management, its application in satellite networks, particularly in Low Earth Orbit (LEO) constellations, remains limited and underexplored. In this work, the performance of three TOPSIS algorithms is evaluated for handover management in LEO satellite networks, where efficient handover management is crucial due to rapid changes in satellite positions and network conditions. Sensitivity analysis is conducted on Standard Deviation TOPSIS (SD-TOPSIS), Entropy-TOPSIS, and Importance-TOPSIS in the context of LEO satellite networks, assessing their responsiveness to small variations in key performance metrics such as upload speed, download speed, ping, and packet loss. This study uses real-world data from “Starlink-on-the-road-Dataset”. Results show that SD-TOPSIS effectively optimizes handover management in dynamic LEO satellite networks thanks to its lower standard deviation scores and reduced score variation rate, thus demonstrating superior stability and lower sensitivity to small variations in performance metrics values compared to both Entropy-TOPSIS and Importance-TOPSIS. This ensures more consistent decision-making, avoidance of unnecessary handovers, and enhanced robustness in rapidly-changing network conditions, making it particularly suitable for real-time services that require stable, low-latency, and reliable connectivity. Full article

The integration of Internet of Things (IoT) technology into the agricultural sector enables the collection and analysis of large amounts of data, facilitating greater control over internal processes, resulting in cost reduction and improved quality of the final product. One of the main challenges in designing an IoT system is the need for interoperability among devices: different sensors collect information in non-homogeneous formats, which are often incompatible with each other. Therefore, the user of the system is forced to use different platforms and software to consult the data, making the analysis complex and cumbersome. The solution to this problem lies in the adoption of an IoT standard that standardizes the output of the data. This paper first provides an overview of the standards and protocols used in precision farming and then presents a system architecture designed to collect measurements from sensors and translate them into a standard. The standard is selected based on an analysis of the state of the art and tailored to meet the specific needs of precision agriculture. With the introduction of a connector device, the system can accommodate any number of different sensors while maintaining the output data in a uniform format. Each type of sensor is associated with a specific connector that intercepts the data intended for the database and translates it into the standard format before forwarding it to the central server. Finally, examples with real sensors are presented to illustrate the operation of the connectors and their role in an interoperable architecture, aiming to combine flexibility and ease of use with low implementation costs. Full article

The increase in new cyber threats is the result of the rapid growth of using the Internet, thus raising questions about the effectiveness of traditional Intrusion Detection Systems (IDSs). Machine learning (ML) technology is used to enhance cybersecurity in general and especially for reactive approaches, such as traditional IDSs. In several instances, it is seen that a single assailant may direct their efforts towards different servers belonging to an organization. This behavior is often perceived by IDSs as infrequent attacks, thus diminishing the effectiveness of detection. In this context, this paper aims to create a machine learning-based IDS model able to detect malicious traffic received by different organizational network interfaces. A centralized proxy server is designed to receive all the incoming traffic at the organization’s servers, scan the traffic by using the proposed IDS, and then redirect the traffic to the requested server. The proposed IDS was evaluated by using three datasets: CIC-MalMem-2022, CIC-IDS-2018, and CIC-IDS-2017. The XGBoost model showed exceptional performance in rapid detection, achieving 99.96%, 99.73%, and 99.84% accuracy rates within short time intervals. The Stacking model achieved the highest level of accuracy among the evaluated models. The developed IDS demonstrated superior accuracy and detection time outcomes compared with previous research in the field. Full article

With the widespread deployment of various emerging intelligent applications, information timeliness is crucial for intelligent decision-making in vehicular networks, where vehicular edge computing (VEC) has become an important paradigm to enhance computing capabilities by offloading tasks to edge nodes. To promote the information timeliness in VEC, an optimization problem is formulated to minimize the age of information (AoI) by jointly optimizing task offloading and subcarrier allocation. Due to the time-varying channel and the coupling of the continuous and discrete optimization variables, the problem exhibits non-convexity, which is difficult to solve using traditional mathematical optimization methods. To efficiently tackle this challenge, we employ a hybrid proximal policy optimization (HPPO)-based deep reinforcement learning (DRL) method by designing the mixed action space involving both continuous and discrete variables. Moreover, an action masking mechanism is designed to filter out invalid actions in the action space caused by limitations in the effective communication distance between vehicles. As a result, a mask-assisted HPPO (MHPPO) method is proposed by integrating the action masking mechanism into the HPPO. Simulation results show that the proposed MHPPO method achieves an approximately 28.9% reduction in AoI compared with the HPPO method and about a 23% reduction compared with the mask-assisted deep deterministic policy gradient (MDDPG). Full article

Localization plays a crucial role in wireless sensor networks (WSNs) and it has sparked significant research interest. GPSs provide quite accurate positioning estimations, but they are ineffective indoors and in environments like underwater. Power usage and cost are further disadvantages, and so many alternatives have been proposed. Many works in the literature still base localization on RSSI measurements and often rely on methods to mitigate the effects of fluctuations in values, so it is important to know real values of RSSIs measured using common devices. This work presents the main localization techniques and exploits a real testbed to collect and evaluate RSSI measurements. An accuracy evaluation and a comparison among several localization techniques are also provided. Full article

Information-centric networking (ICN) is a promising approach to address the limitations of current host-centric IP-based networking. ICN models feature ubiquitous in-network caching to provide faster and more reliable content delivery, name-based routing to provide better scalability, and self-certifying contents to ensure better security. Due to the differences in the core architecture of ICN compared to existing IP-based networks, it requires special considerations to provide quality-of-service (QoS) or quality-of-experience (QoE) support for applications based on ICNs. This paper discusses the latest advances in QoS and QoE research for ICNs. First, an overview of ICN architectures is given, followed by a summary of different factors that influence QoS and QoE. Approaches for improving QoS and QoE in ICNs are then discussed in five main categories: in-network caching, name resolution and routing, transmission and flow control, software-defined networking, and media-streaming-based strategies. Finally, open research questions for providing QoS and QoE support in ICNs are outlined for future research. Full article

Blockchains are designed to produce a secure, append-only sequence of transactions. Establishing transaction sequentiality is typically achieved by underlying consensus protocols that either prevent forks entirely (no-forking-ever) or make forks short-lived. The main challenges facing blockchains are to achieve this no-forking condition while achieving high throughput, low response time, and low energy costs. This paper presents the Bounce blockchain protocol along with throughput and response time experiments. The core of the Bounce system is a set of satellites that partition time slots. The satellite for slot i signs a commit record that includes the hash of the commit record of slot $i-1$ as well as a sequence of zero or more Merkle tree roots whose corresponding Merkle trees each has thousands or millions of transactions. The ledger consists of the transactions in the sequence of the Merkle trees corresponding to the roots of the sequence of commit records. Thus, the satellites work as arbiters that decide the next block(s) for the blockchain. Satellites orbiting around the Earth are harder to tamper with and harder to isolate than terrestrial data centers, though our protocol could work with terrestrial data centers as well. Under reasonable assumptions—intermittently failing but non-Byzantine (i.e., non-traitorous) satellites, possibly Byzantine Ground Stations, and “exposure-averse” administrators—the Bounce System achieves high availability and a no-fork-ever blockchain. Our experiments show that the protocol achieves high transactional throughput (5.2 million transactions per two-second slot), low response time (less than three seconds for “premium” transactions and less than ten seconds for “economy” transactions), and minimal energy consumption (under 0.05 joules per transaction). Moreover, given five more cloud sites of the kinds currently available in CloudLab, Clemson, we show how the design could achieve throughputs of 15.2 million transactions per two second slot with the same response time profile. Full article

The security of a network is based on the foundation of confidentiality, integrity, and availability, often referred to as the CIA triad. The privacy of data over a network, maintained by confidentiality, has long been one of the major issues in network settings. With the decoupling of the data plane and control plane in the software-defined networking (SDN) environment, this challenge is significantly amplified. This paper aims to address the challenges of confidentiality in SDN by introducing a genetic algorithm-based hybrid encryption network policy to secure messages across the network. The proposed approach achieved an average entropy of 0.989, revealing a significant improvement in the strength of the encryption with the hybrid mechanism. However, the method exhibited processing overhead, significantly increasing the transmission time for encrypted messages compared to unencrypted transmission. Compared to standalone AES, DES, and RSA, this approach shows better encryption randomness, but a trade-off between security and network performance is evident in the absence of load-balancing techniques. Full article

The paper intends to contribute to readers’ comprehension of the Greek telecommunications market, focusing on the strategic decisions associated with network tower-sharing analysis in Greece. The Greek telecommunications industry is described for the first time following the Structure–Conduct–Performance (SCP) paradigm of Industrial Organisation (IO), as a methodological tool of analysis. In that respect, an SCP model in its extended form is constructed, aiming to examine how structure, conduct, and performance interrelate to each other. More precisely, the SCP model explains how strategic decisions regarding tower infrastructure sharing between 2013–2022 were developed, as a result of a series of interactions and feedback effects, amongst market structure, operators’ conducts, and performances, resulting in strengthening competition and reshaping market structure with the entrance of a new player in the Greek mobile market, an independent TowerCo (Athens, Greece) in Greece. International tendencies and competition issues influencing domestic growth potentialities and alternative operators’ concentration will be addressed, too. The paper concludes with presenting a basically qualitative, explanatory interpretive analysis of the perspectives of network tower-sharing analysis in the Greek telecommunication industry, including policy recommendations for the near future and thoughts on future research, as well. Full article

Machine learning (ML) promises advances in automation and threat detection for the future generations of communication networks. However, new threats are introduced, as adversaries target ML systems with malicious data. Adversarial attacks on tree-based ML models involve crafting input perturbations that exploit non-smooth decision boundaries, causing misclassifications. These so-called evasion attacks are imperceptible, as they do not significantly alter the input data distribution and have been shown to degrade the performance of tree-based models across various tasks. Adversarial training and genetic algorithms have been proposed as potential defenses against these attacks. In this paper, we explore the robustness of tree-based models for network intrusion detection systems. This study evaluates an optimization approach inspired by genetic algorithms to generate adversarial samples and studies the impact of adversarial training on the accuracy of attack detection. This paper exposed random forest and extreme gradient boosting classifiers to various adversarial samples generated from communication network-related CIC-IDS2019 and 5G-NIDD datasets. The results indicate that the improvements of robustness to adversarial attacks come with a cost to the accuracy of the network intrusion detection models. These costs can be optimized with intelligent, use case-specific feature engineering. Full article

The Advanced Message Queuing Protocol (AMQP) is a widely used communication standard in IoT systems due to its robust and reliable message delivery capabilities. However, its increasing adoption has made it a target for various cyber threats, including Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and brute force attacks. This study presents a comprehensive analysis of AMQP-specific vulnerabilities and introduces a statistical model for the detection and classification of malicious activities in IoT networks. Leveraging a custom-designed IoT testbed, realistic attack scenarios were simulated, and a dataset encompassing normal, malicious, and mixed traffic was generated. Unique attack signatures were identified and validated through repeated experiments, forming the foundation of a signature-based detection mechanism tailored for AMQP networks. The proposed model demonstrated high accuracy in detecting and classifying attack-specific traffic while maintaining a low false positive rate for benign traffic. Notable results include effective detection of RST packets in DDoS scenarios, precise classification of MitM attack patterns, and identification of brute force attempts on AMQP systems. This research highlights the efficacy of signature-based approaches in enhancing IoT security and offers a benchmark for future machine learning-driven detection systems. By addressing AMQP-specific challenges, the study contributes to the development of resilient and secure IoT ecosystems. Full article

The issue of organizing efficient interaction between vehicle-to-everything (V2X) system elements has become increasingly critical in recent years. Utilizing V2X technology enables achieving the necessary balance of safety, reducing system load, and ensuring a high degree of vehicle automation. This study aims to develop a simulation system for V2X applications in various element placement configurations and conduct a numerical analysis of several V2X system interaction schemes. The research analyzes various methods, including clustering, edge computing, and fog computing, aimed at minimizing system losses. The results demonstrate that each proposed model can be effectively implemented on mobile nodes. The results also provide insights into the average expected request processing times, thereby enhancing the organization of the V2X system. The authors propose a model that enables the distribution of system parameters and resources for diverse computational tasks, which is essential for the successful implementation and utilization of V2X technology. Full article

Sequential decision-making in dynamic and interconnected environments is a cornerstone of numerous applications, ranging from communication networks and finance to distributed blockchain systems and IoT frameworks. The multi-armed bandit (MAB) problem is a fundamental model in this domain that traditionally assumes independent and identically distributed (iid) rewards, which limits its effectiveness in capturing the inherent dependencies and state dynamics present in some real-world scenarios. In this paper, we lay a theoretical framework for a modified MAB model in which each arm’s reward is generated by a hidden Markov process. In our model, each arm undergoes Markov state transitions independent of play in a way that results in varying reward distributions and heightened uncertainty in reward observations. The number of states for each arm can be up to three states. A key challenge arises from the fact that the underlying states governing each arm’s rewards remain hidden at the time of selection. To address this, we adapt traditional index-based policies and develop a modified index approach tailored to accommodate Markovian transitions and enhance selection efficiency for our model. Our proposed proposed Markovian Upper Confidence Bound (MC-UCB) policy achieves logarithmic regret. Comparative analysis with the classical UCB algorithm reveals that MC-UCB consistently achieves approximately a 15% reduction in cumulative regret. This work provides significant theoretical insights and lays a robust foundation for future research aimed at optimizing decision-making processes in complex, networked systems with hidden state dependencies. Full article

In a global context where reducing the carbon footprint has become an urgent necessity, this article presents a hybrid CNN-LSTM prediction model to estimate CO₂ emission rates of Paris road traffic using spatio-temporal data. Our hybrid prediction model relies on a real-time road traffic database that we built by fusing several APIs and datasets. In particular, we trained two specialized models: a CNN to extract spatial patterns and an LSTM to capture temporal dynamics. By merging their outputs, we leverage both spatial and temporal dependencies, ensuring more accurate predictions. Thus, this article aims to compare various strategies and configurations, allowing us to identify the optimal architecture and parameters for our CNN-LSTM model. Moreover, to refine the predictive learning evolution of our hybrid model, we used optimization techniques like gradient descent to monitor the learning progress. The results show that our hybrid CNN-LSTM model achieved an R² value of 0.91 and an RMSE of 0.086, outperforming conventional models regarding CO₂ emission rate prediction accuracy. These results validate the efficiency and relevance of using hybrid CNN-LSTM models for the spatio-temporal modelling of CO₂ emissions in the context of road traffic. Full article