Network

Underwater networks are crucial for monitoring the marine ecosystem, enabling data collection to support the preservation and protection of natural resources. Among the various technologies available, acoustic and optical communications stand out for their superior performance in underwater environments. Acoustic technologies are suitable for long-range communications, typically operating over hundreds of meters up to several kilometers, albeit with low data rates ranging from a few hundred bps to few tens of kbps. In contrast, optical technologies excel in providing high data rates, often between 1 and 10 Mbps, but only over short distances (e.g., 50 m) in controlled conditions. To leverage the strengths of these technologies, recent research has proposed multi-modal underwater systems; however, these solutions generally rely on single-level or at most dual-level architectures, limiting the benefits of a structured hierarchical approach. In this review paper, after discussing related work on multi-technology acoustic and optical networks, we highlight relevant design guidelines for multi-technology, multi-level underwater architectures, explicitly considering three layers: a deep acoustic layer, an intermediate optical layer, and an upper RF-enabled surface layer. For illustration, we also discuss a PoC of such a hierarchical architecture under development at the University of Catania, Italy, in the Area Marina Isole dei Ciclopi natural reserve. The PoC includes optical nodes capable of transmitting up to 10 Mbps over short ranges and acoustic nodes (both software defined and not) supporting rates of tens of kbps over hundreds of meters and being adaptive to network conditions, interconnected through hybrid multi-technology nodes deployed across the three network levels. By assigning specific technologies to appropriate layers, the architecture enhances scalability, robustness, and adaptability to dynamic underwater conditions. This design strategy not only improves data transmission efficiency but also ensures seamless operation across diverse marine scenarios, making it an effective solution for a wide range of underwater monitoring applications. Full article

IoT applications are increasingly common, yet they often rely on expensive, externally managed authentication services. This paper introduces a novel, self-contained authentication method for IoT applications which leverages fog computing principles to lower operational costs and infrastructure complexity. The proposed system, fogauth, combines device serial numbers with cryptographically generated UUIDs to establish secure identification without third-party services. A static cloud-side architecture coupled with a lightweight, locally hosted API enables secure authentication through object-storage operations. Performance testing demonstrates comparable security performance to commercial cloud-based authentication while reducing long-term operational costs and maintaining latency at below 2 minutes in production conditions. fogauth provides a scalable and economically viable alternative for companies seeking to reduce cloud dependency and minimize long-term costs associated with IoT application security. To support reproducibility, a complete open-source implementation and validation dataset are provided, allowing independent replication and extension of the system. Full article

Future programmable networks such as 5G/6G and large-scale IoT deployments demand dynamic and intelligent bandwidth control mechanisms to ensure stable Quality of Service (QoS) under highly variable traffic conditions. Conventional queue-based schedulers and emerging machine learning techniques still struggle with slow reaction to congestion, unstable fairness, and high computational costs. To address these challenges, this paper proposes a Dynamic Predictive Feedback (DPF) mechanism that integrates clustered-LSTM based short-term traffic prediction with meta-control driven adaptive bandwidth adjustment in a Software-Defined Networking (SDN) architecture. The prediction module proactively estimates future queue depth and arrival rates using in-band network telemetry (INT), while the feedback controller continuously adjusts scheduling weights based on congestion risk and fairness metrics. Extensive emulation experiments conducted under Static, Bursty IoT, Mixed, and Stress workloads show that DPF consistently outperforms state-of-the-art solutions, including A-WFQ and DRL-based schedulers, achieving up to 32% higher throughput, up to 40% lower latency, and 10–12% lower CPU and memory usage. Moreover, DPF demonstrates strong fairness (Jain’s Index ≥ 0.96), high adaptability, and minimal performance variance across scenarios. These results confirm that DPF is a scalable and resource-efficient solution capable of supporting the demands of future programmable, 5G/6G-ready network infrastructures. Full article

Among the 15 beamlines in the first phase of the High-Energy Photon Source (HEPS) in China, the maximum peak data generation volume can reach 1 PB per day, with the maximum peak data generation rate reaching 3.2 Tb/s. This poses significant challenges to the underlying network system. To meet the storage, computing, and analysis needs of HEPS scientific data, this paper designed a high-performance and scalable network architecture based on RoCE (RDMA over Converged Ethernet). Test results demonstrate that the RoCE-based HEPS data center network system achieves high bandwidth and ultra-low latency, stably maintains reliable transmission performance during the interaction of scientific data storage, computing, and analysis, and exhibits excellent scalability to adapt to the future expansion of HEPS beamlines. Full article

Modern Software-Defined Wide Area Networks (SD-WANs) require adaptive controller placement addressing multi-objective optimization where latency minimization, load balancing, and fault tolerance must be simultaneously optimized. Traditional static approaches fail under dynamic network conditions with evolving traffic patterns and topology changes. This paper presents a novel hybrid framework integrating Gaussian Mixture Model (GMM) clustering with Multi-Agent Reinforcement Learning (MARL) for dynamic controller placement. The approach leverages probabilistic clustering for intelligent MARL initialization, reducing exploration requirements. Centralized Training with Decentralized Execution (CTDE) enables distributed optimization through cooperative agents. Experimental evaluation using real-world topologies demonstrates a noticeable reduction in the latency, improvement in network balance, and significant computational efficiency versus existing methods. Dynamic adaptation experiments confirm superior scalability during network changes. The hybrid architecture achieves linear scalability through problem decomposition while maintaining real-time responsiveness, establishing practical viability. Full article

Current federated identity management systems lack contextual awareness of workflows across independent systems, creating security gaps and workflow integrity challenges. This article details the design and implementation of Alohomora, a distributed workflow-aware authentication system that maintains cross-system workflow context through path-bound tokens. Alohomora complements existing identity providers such as OAuth and SAML by adding workflow orchestration capabilities while leveraging standard authentication protocols for initial user verification. The system introduces workflow graphs as a formal model for representing dependencies between functions across heterogeneous systems and employs a distributed caching architecture with collaboration groups for scalable session management. In a typical deployment scenario, an employee onboarding workflow across human resources services, account provisioning, and benefits systems forms a trust group where Alohomora enforces ordered step execution, validates prerequisite completion at each transition, and generates cryptographic completion assertions upon workflow finalization. Extensive performance evaluation under concurrent user requests demonstrates polynomial performance characteristics with superior scalability compared to centralized OAuth introspection. The results show that Alohomora maintains high throughput under heavy load while providing strong, secure access control through workflow path binding and distributed trust orchestration. The prototype implementation is available as open source. Full article

Heterogeneous wireless sensor networks (HWSNs), comprising super nodes and normal sensors, offer a promising solution for monitoring diverse environments. However, their deployment is constrained by the limited battery life of sensors. To address this issue, clustering and routing techniques have been employed to conserve energy. Nevertheless, existing approaches often struggle with suboptimal energy distribution and weak network coverage. Additionally, they mostly failed to exploit other energy saving techniques such as sleep scheduling. This paper proposes a novel genetic algorithm (GA)-based approach to optimize sleep scheduling, routing, and clustering in HWSNs. The method comprises two phases, namely join sleep scheduling and tree construction, and clustering of normal nodes. Inspired by the concept of unequal clustering, the HWSN is split into some rings in the first phase, and the number of awake super nodes in each ring keeps the same. This approach addresses the challenges of balancing energy consumption and network lifetime. Furthermore, including network coverage and energy-related criteria in the proposed GA yields long-lasting network operation. Through rigorous simulations, we demonstrate that, on average, our algorithm reduces energy consumption and improves network coverage by 23% and 21.9%, respectively, and extends network lifetime by 501 rounds, compared to the state-of-the-art methods. Full article

This paper presents a real-time handover and link assignment framework for low-Earth-orbit (LEO) satellite networks operating in dense urban canyons. The proposed Markov chain-guided simulated annealing (MCSA) algorithm optimizes user-to-satellite assignments under dynamic channel and capacity constraints. By incorporating Markov chains to guide state transitions, MCSA achieves faster convergence and more effective exploration than conventional simulated annealing. Simulations conducted in Ku-band urban canyon environments show that the framework achieves an average user satisfaction of about 97%, providing an approximately 10% improvement over genetic algorithm (GA) results. It also delivers 10–15% higher resource utilization, lower blocking rates comparable to integer linear programming (ILP), and superior runtime scalability with linear complexity $O(k·|U|·|S\left|\right)$. These results confirm that MCSA provides a scalable and robust real-time mobility management solution for next-generation LEO satellite systems. Full article

Orbital angular momentum (OAM) beams exhibit divergence during transmission, which constrains the capacity of communication system channels. To address these challenges, intelligent reflecting surfaces (IRSs), which can independently manipulate incident electromagnetic waves by adjustment of their amplitude and phase, are employed to construct IRS-assisted OAM communication systems. By introducing additional information pathways, IRSs enhance diversity gain. We studied the simulations of two placement methods for an IRS: arbitrary placement and standard placement. In the case of arbitrary placement, the beam reflected by the IRS can be decomposed into different OAM modes, producing various reception powers corresponding to each OAM mode component. This improves the signal-to-noise ratio (SNR) at the receiver, thereby enhancing channel capacity. In particular, when the IRS is symmetrically and uniformly positioned at the center of the main transmission axis, its elements can be approximated as a uniform circular array (UCA). This configuration not only achieves optimal reception along the direction of the maximum gain of the orbital angular momentum beam but also reduces the antenna radius required at the receiver to half or even less. Full article

Vehicular Ad-Hoc Networks (VANETs) play a critical role in Intelligent Transportation Systems (ITS), enabling communication between vehicles and roadside infrastructure. This paper proposes an Adaptive Context-Aware VANET Routing (ACAVR) protocol designed to handle the challenges of high mobility, dynamic topology, and variable vehicle density in urban environments. The proposed protocol integrates context-aware routing, dynamic clustering, and geographic forwarding to enhance performance under diverse traffic conditions. Simulation results demonstrate that ACAVR achieves higher throughput, improved packet delivery ratio, lower end-to-end delay, and reduced routing overhead compared to existing routing schemes. The proposed ACAVR outperforms benchmark protocols such as DyTE, RGoV, and CAEL, improving PDR by 12–18%, reducing delay by 10–15%, and increasing throughput by 15–22%. Full article

This paper investigates cooperative behavior among Autonomous Systems (ASs) within a federated network environment designed to support collaborative shared-technology deployment. It makes use of the concept of an AS federation, where independently managed systems adhere to a shared standard while maintaining implementation flexibility. Using a systematic game-theoretic framework, the study models various coalition structures—including full cooperation, partial coalitions, and defection—across several canonical cooperative games. The analysis evaluates the effects of different cooperation strategies and resource-sharing schemes on payoff distribution and coalition stability. Simulation results over short- and medium-to-long-term horizons demonstrate that cooperative coalition formation, especially with fair payoff allocation, consistently outperforms solitary strategies. The study also identifies key thresholds affecting partial coalition viability and explores the impact of defection on overall federation performance. By linking theoretical game models with practical deployment challenges in heterogeneous networked systems, this work offers valuable insights for designing mechanisms that promote effective cooperation in complex, resource-constrained environments. Full article

As network automation and self-organizing networks (SONs) rapidly evolve, edge devices increasingly demand lightweight, real-time, and high-precision classification algorithms to support critical tasks such as traffic identification, intrusion detection, and fault diagnosis. In recent years, cross-entropy (CE) loss has been widely adopted in deep learning classification tasks due to its computational efficiency and ease of optimization. However, traditional CE methods primarily focus on class separability without explicitly constraining intra-class compactness and inter-class boundaries in the feature space, thereby limiting their generalization performance on complex classification tasks. To address this issue, we propose a novel classification loss framework—Contrastive Geometric Cross-Entropy (CGCE). Without incurring additional computational or memory overhead, CGCE explicitly introduces learnable class representation vectors and constructs the loss function based on the dot-product similarity between features and these class representations, thus explicitly reinforcing geometric constraints in the feature space. This mechanism effectively enhances intra-class compactness and inter-class separability. Theoretical analysis further demonstrates that minimizing the CGCE loss naturally induces clear and measurable geometric class boundaries in the feature space, a desirable property absent from traditional CE methods. Furthermore, CGCE can seamlessly incorporate the prior knowledge of pretrained models, converging rapidly within only a few training epochs (for example, on the CIFAR-10 dataset using the ViT model, a single training epoch is sufficient to reach 99% of the final training accuracy.) Experimental results on both text and image classification tasks show that CGCE achieves accuracy improvements of up to 2% over traditional CE methods, exhibiting stronger generalization capabilities under challenging scenarios such as class imbalance, few-shot learning, and noisy labels. These findings indicate that CGCE has significant potential as a superior alternative to traditional CE methods. Full article

Elastic optical networks (EONs) must allocate resources dynamically to accommodate heterogeneous, high-bandwidth demands. However, the continuous setup and teardown of connections with different bit rates can fragment the spectrum and lead to blocking. The blocking predictors enable proactive defragmentation and resource reallocation within network controllers. In this paper, we propose two novel deep learning models (based on CNN–BiLSTM and CNN–LSTM) to predict blocking in EONs by combining spatial feature extraction from spectrum snapshots using 2D convolutional layers with temporal sequence modeling. This hybrid spatio-temporal design learns how local fragmentation patterns evolve over time, allowing it to detect impending blocking scenarios more accurately than conventional methods. We evaluate our model on the simulated NSFNET topology and compare it against multiple baselines, namely 1D CNN, 2D CNN, k-nearest neighbors (KNN), and support vector machines (SVMs). The results show that the proposed CNN–BiLSTM/LSTM models consistently achieve higher performance. The CNN–BiLSTM model achieved the highest accuracy in blocking prediction, while the CNN–LSTM model shows slightly lower accuracy; however, it has much lower complexity and a faster learning time. Full article

Connected and Autonomous Vehicles are promising for advancing traffic safety and efficiency. However, the increased connectivity makes these vehicles vulnerable to a broad array of cyber threats. This paper presents a novel hybrid approach for intrusion detection in in-vehicle networks, specifically focusing on the Controller Area Network bus. Ensemble learning techniques are combined with sophisticated optimization techniques and dynamic adaptation mechanisms to develop a robust, accurate, and computationally efficient intrusion detection system. The proposed system is evaluated on real-world automotive network datasets that include various attack types (e.g., Denial of Service, fuzzy, and spoofing attacks). With these results, the proposed hybrid adaptive system achieves an unprecedented accuracy of 99.995% with a 0.00001% false positive rate, which is significantly more accurate than traditional methods. In addition, the system is very robust to novel attack patterns and is tolerant to varying computational constraints and is suitable for deployment on a real-time basis in various automotive platforms. As this research represents a significant advancement in automotive cybersecurity, a scalable and proactive defense mechanism is necessary to safely operate next-generation vehicles. Full article

As 5G and beyond networks grow in heterogeneity, complexity, and scale, traditional Intrusion Detection Systems (IDS) struggle to maintain accurate and precise detection mechanisms. A promising alternative approach to this problem has involved the use of Deep Learning (DL) techniques; however, DL-based IDS suffer from issues relating to interpretation, performance variability, and high computational overheads. These issues limit their practical deployment in real-world applications. In this study, CiNeT is introduced as a novel DL-based IDS employing Convolutional Neural Networks (CNN) within a bijective encoding–decoding framework between network traffic features (such as IPv6, IPv4, Timestamp, MAC addresses, and network data) and their RGB representations. This transformation facilitates our DL IDS in detecting spatial patterns without sacrificing fidelity. The bijective pipeline enables complete traceability from detection decisions to their corresponding network traffic features, enabling a significant initiative towards solving the ‘black-box’ problem inherent in Deep Learning models, thus facilitating digital forensics. Finally, the DL IDS has been evaluated on three datasets, UNSW NB-15, InSDN, and ToN_IoT, with analysis conducted on accuracy, GPU usage, memory utilisation, training, testing, and validation time. To summarise, this study presents a new CNN-based IDS with an end-to-end pipeline between network traffic data and their RGB representation, which offers high performance and enhanced interpretability through revisable transformation. Full article

The successful integration of Terrestrial and Non-Terrestrial Networks (T/NTNs) in 6G is poised to revolutionize demanding domains like Earth Observation (EO) and Intelligent Transportation Systems (ITSs). Still, it requires Distributed Machine Learning (DML) frameworks that are scalable, private, and efficient. Existing methods, such as Federated Learning (FL) and Split Learning (SL), face critical limitations in terms of client computation burden and latency. To address these challenges, this paper proposes a novel hierarchical DML paradigm. We first introduce Federated Split Transfer Learning (FSTL), a foundational framework that synergizes FL, SL, and Transfer Learning (TL) to enable efficient, privacy-preserving learning within a single client group. We then extend this concept to the Generalized FSTL (GFSTL) framework, a scalable, multi-group architecture designed for complex and large-scale networks. GFSTL orchestrates parallel training across multiple client groups managed by intermediate servers (RSUs/HAPs) and aggregates them at a higher-level central server, significantly enhancing performance. We apply this framework to a unified T/NTN architecture that seamlessly integrates vehicular, aerial, and satellite assets, enabling advanced applications in 6G ITS and EO. Comprehensive simulations using the YOLOv5 model on the Cityscapes dataset validate our approach. The results show that GFSTL not only achieves faster convergence and higher detection accuracy but also substantially reduces communication overhead compared to baseline FL, and critically, both detection accuracy and end-to-end latency remain essentially invariant as the number of participating users grows, making GFSTL especially well suited for large-scale heterogeneous 6G ITS deployments. We also provide a formal latency decomposition and analysis that explains this scaling behavior. This work establishes GFSTL as a robust and practical solution for enabling the intelligent, connected, and resilient ecosystems required for next-generation transportation and environmental monitoring. Full article

The Internet of Things allows us to implement concepts such as Education 4.0 by connecting sensors, actuators, and applications. In the case of direct and explicit connections, we refer to ensembles that can consist of devices and applications. When realizing spatially distributed applications, there are scenarios in which these ensembles must coordinate with each other. In software development, this process is referred to as orchestration or choreography. This paper describes a software framework that provides orchestration or choreography for self-explaining ensembles using predefined rules based on a self-description of all involved components. The framework is capable of generating user instructions or explanations for smart environments that cover interaction details. The approach also forms a basis to provide information about event-based coordination. In a case study, we investigated the technical perception of a coordinated spatial learning game application (an ambient serious game). Most participants perceived the application as cohesive and found it responsive. These results suggest that our framework provides a solid foundation for implementing coordinated applications within smart environments that appear as unified applications. Full article

The rapid expansion of communication networks and increasingly complex service demands have presented significant challenges to the intelligent management of network resources. To address these challenges, we have proposed a network self-optimization framework integrating the predictive capabilities of the Large Language Model (LLM) with the decision-making capabilities of multi-agent Reinforcement Learning (RL). Specifically, historical network traffic data are converted into structured inputs to forecast future traffic patterns using a GPT-2-based prediction module. Concurrently, a Multi-Agent Deep Deterministic Policy Gradient (MADDPG) algorithm leverages real-time sensor data—including link delay and packet loss rates collected by embedded network sensors—to dynamically optimize bandwidth allocation. This sensor-driven mechanism enables the system to perform real-time optimization of bandwidth allocation, ensuring accurate monitoring and proactive resource scheduling. We evaluate our framework in a heterogeneous network simulated using Mininet under diverse traffic scenarios. Experimental results show that the proposed method significantly reduces network latency and packet loss, as well as improves robustness and resource utilization, highlighting the effectiveness of integrating sensor-driven RL optimization with predictive insights from LLMs. Full article

Network monitoring is becoming increasingly challenging as networks grow in scale, speed, and complexity. The evolution of monitoring approaches reflects a shift from device-centric, localized techniques toward network-wide observability enabled by modern networking paradigms. Early methods like SNMP polling and NetFlow provided basic insights but struggled with real-time visibility in large, dynamic environments. The emergence of Software-Defined Networking (SDN) introduced centralized control and a global view of network state, opening the door to more coordinated and programmable measurement strategies. More recently, programmable data planes (e.g., P4-based switches) and in-band telemetry frameworks have allowed fine grained, line rate data collection directly from traffic, reducing overhead and latency compared to traditional polling. These developments mark a move away from single point or per flow analysis toward holistic monitoring woven throughout the network fabric. In this survey, we systematically review the state of the art in network-wide monitoring. We define key concepts (topologies, flows, telemetry, observability) and trace the progression of monitoring architectures from traditional networks to SDN to fully programmable networks. We introduce a taxonomy spanning local device measures, path level techniques, global network-wide methods, and hybrid approaches. Finally, we summarize open research challenges and future directions, highlighting that modern networks demand monitoring frameworks that are not only scalable and real-time but also tightly integrated with network control and automation. Full article