Search Results (1,786)

System call telemetry is essential for understanding runtime behavior in cloud-native infrastructures, but existing eBPF-based monitors suffer from high per-event overhead, unreliable delivery under load, and limited context for correlating multi-step activities. These issues reduce scalability, create blind spots in telemetry streams, and complicate the analysis of complex workload behaviors. This work presents Aquila, a lightweight telemetry framework that emphasizes efficiency, reliability, and semantic fidelity. Aquila employs a dual-path kernel pipeline that separates fixed-size metadata from variable-length attributes, reducing serialization costs and enabling high-throughput event processing. It introduces priority-aware buffering and explicit drop detection to retain loss-sensitive events while providing visibility into overload conditions. In the user space, kernel traces are enriched with Kubernetes metadata, mapping low-level system calls to pods, containers, and namespaces. Evaluation under representative workloads shows that Aquila improves scalability, reduces event loss, and enhances the semantic completeness of system call telemetry compared with existing approaches. Full article

The Practical Byzantine Fault Tolerance (PBFT) algorithm, while fundamental to consortium blockchains, suffers from performance degradation and vulnerability of leader nodes in large-scale scenarios. Existing improvements often prioritize performance while lacking systematic consideration of the structural characteristics of the nodes and network coverage. In this paper, a new network topology-aware Byzantine fault-tolerant algorithm NetTopoBFT is proposed for the supply chain and other application scenarios that require strict transaction finality but moderate throughput. Firstly, it innovatively combines the weighted signed network with the consortium chain, constructs a two-layer Bayesian smoothing node evaluation model, and evaluates the nodes through the two-dimensional evaluation of ‘behavioral reputation plus structural importance’. Then, to reduce the risk of being attacked, it uses Verifiable Random Function (VRF) to decide the leader. Furthermore, it uses a duplicate coverage-driven waitlisting mechanism to enhance the robustness and connectivity of the system. Theoretical analysis and experiment results show that NetTopoBFT significantly improves the quality of consensus nodes under the premise of guaranteeing decentralization, realizes the simultaneous optimization of communication overhead, security and network coverage. It provides a new idea for designing consensus mechanism of consortium blockchains. Full article

Hierarchical Reinforcement Learning (HRL) is effective for long-horizon and sparse-reward tasks by decomposing complex decision processes, but its real-world application remains limited due to instability between levels, inefficient subgoal scheduling, delayed responses, and poor interpretability. To address these challenges, we propose Timed and Bionic Circuit Hierarchical Reinforcement Learning (TBC-HRL), a biologically inspired framework that integrates two mechanisms. First, a timed subgoal scheduling strategy assigns a fixed execution duration $\tau$ to each subgoal, mimicking rhythmic action patterns in animal behavior to improve inter-level coordination and maintain goal consistency. Second, a Neuro-Dynamic Bionic Circuit Network (NDBCNet), inspired by the neural circuitry of C. elegans, replaces conventional fully connected networks in the low-level controller. Featuring sparse connectivity, continuous-time dynamics, and adaptive responses, NDBCNet models temporal dependencies more effectively while offering improved interpretability and reduced computational overhead, making it suitable for resource-constrained platforms. Experiments across six dynamic and complex simulated tasks show that TBC-HRL consistently improves policy stability, action precision, and adaptability compared with traditional HRL, demonstrating the practical value and future potential of biologically inspired structures in intelligent control systems. Full article

Automated collision avoidance is a central topic in multi-agent systems that consist of mobile agents. One simple approach to pursue system-wide performance is a centralized algorithm, which, however, becomes computationally expensive when involving a large number of agents. There have thus been proposed fully distributed collision avoidance algorithms that can naturally handle many-to-many encounter situations. The DSSA⁺ is one of those algorithms, which is heuristic and incomplete but has lower communication and computation overheads than other counterparts. However, the DSSA⁺ and some other distributed collision avoidance algorithms basically optimize the agents’ behavior only in the short term, not caring about the total efficiency in their paths. This may result in some agents’ paths with over-deviation or over-stagnation. In this paper, we present Distributed Stochastic Search algorithm with a deep Q-network (DSSQ), in which the agents can generate time-efficient collision-free paths while they learn independently whether to detour or change speeds by Deep Reinforcement Learning. A key idea in the learning principle of the DSSQ is to let the agents pursue their individual optimality. We have experimentally confirmed that a sequence of short-term system-optimal solutions found by the DSSA⁺ gradually becomes long-term individually optimal for every agent. Full article

With the continuous growth of global communication demands, the space-ground integrated optical network (SGION), composed of the satellite optical network (SON) and terrestrial optical network (TON), has gradually become a critical component of global communication systems due to its wide coverage, low latency, and large bandwidth. However, although the high directivity of laser communication can significantly enhance the security of data transmission, it still carries the risk of being eavesdropped on during the process of service routing. To resist eavesdropping attacks during service transmission in the SGION, this paper proposes a secure routing scheme named dynamic multipath secure routing (DMSR). In DMSR, a metric called the service eavesdropping ratio (SER) is defined to quantify the service leakage severity. The objective of DMSR is to reduce each service’s SER by switching its routing path proactively. To realize DMSR, heuristic algorithms are developed to sequentially search for optimal routing paths for service path switching in the TON and SGION. Finally, simulation results demonstrate that DMSR can achieve trade-offs between secure service transmission and network performance at different levels by adjusting its system parameters. Furthermore, the DMSR scheme significantly reduces the SER compared to the baseline schemes, while introducing acceptable increases in computation overhead and service latency. Full article

The End–Edge–Cloud (EEC) paradigm hierarchically orchestrates Internet of Things (IoT) devices, edge nodes, and cloud, optimizing system performance for both delay-sensitive data and compute-intensive processing tasks. Securing IoT data sharing in the EEC-driven paradigm while maintaining data traceability poses critical challenges. In this paper we propose STDSM, a symmetry-enhanced secure and traceable data sharing model for the EEC-driven data sharing paradigm. STDSM enables IoT data owners to share data securely by attaching symmetric security labels (for secrecy and integrity) to their data. This mechanism symmetrically controls both data outflow and inflow. Furthermore, STDSM can also track data user identity. Subsequently, the security properties of STDSM, including data confidentiality, integrity, and identity traceability, are formally verified; the verification takes 280 ms, using a novel approach that combines High-Level Petri Net modeling with the satisfiability modulo theories library and the Z3 solver. In addition, our experimental results show that STDSM reduces time overhead by up to 15% while providing enhanced traceability. Full article

The Hamiltonian Monte Carlo (HMC) method is effective for Bayesian inference but suffers from synchronization overhead in distributed settings. We propose two variants: a distributed HMC (DHMC) baseline with synchronized, globally exact gradient evaluations and a communication-avoiding leapfrog HMC (CALF-HMC) method that interleaves local surrogate micro-steps with a single–global Metropolis–Hastings correction per trajectory. Implemented on Apache Spark/PySpark and evaluated on a large synthetic logistic regression ($N={10}^7$, $d=100$, workers $J\in \{4,8,16,32\}$), DHMC attained an average acceptance of $0.986$, mean ESS of 1200, and wall-clock of $64.1$ s per evaluation run, yielding $\approx 18.7$ ESS/s; CALF-HMC achieved an acceptance of $0.942$, mean ESS of $5.1$, and $14.8$ s, i.e., ≈0.34 ESS/s under the tested surrogate configuration. While DHMC delivered higher ESS/s due to robust mixing under conservative integration, CALF-HMC reduced the per-trajectory runtime and exhibited more favorable scaling as inter-worker latency increased. The study contributes (i) a systems-oriented communication cost model for distributed HMC, (ii) an exact, communication-avoiding leapfrog variant, and (iii) practical guidance for ESS/s-optimized tuning on clusters. Full article

The rapid development of the Internet of Things (IoT) poses significant problems in securing heterogeneous, massive, and high-volume network traffic against cyber threats. Traditional intrusion detection systems (IDSs) are often found to be poorly scalable, or are ineffective computationally, because of the presence of redundant or irrelevant features, and they suffer from high false positive rates. Addressing these limitations, this study proposes a hybrid intelligent model that combines quantum computing, chaos theory, and deep learning to achieve efficient feature selection and effective intrusion classification. The proposed system offers four novel modules for feature optimization: chaotic swarm intelligence, quantum diffusion modeling, transformer-guided ranking, and multi-agent reinforcement learning, all of which work with a graph-based classifier enhanced with quantum attention mechanisms. This architecture allows as much as 75% feature reduction, while achieving 4% better classification accuracy and reducing computational overhead by 40% compared to the best-performing models. When evaluated on benchmark datasets (NSL-KDD, CICIDS2017, and UNSW-NB15), it shows superior performance in intrusion detection tasks, thereby marking it as a viable candidate for scalable and real-time IoT security analytics. Full article

Virtual Machine Introspection (VMI) is a powerful technology used to detect and analyze malicious software inside Virtual Machines (VMs) from the outside. Asynchronous access to the VM’s memory can be insufficient for efficient monitoring of what is happening inside of a VM. Active VMI introduces breakpoints to intercept VM execution at relevant points. Especially for frequently visited breakpoints, and even more so for production systems, it is crucial to keep performance overhead as low as possible. In this paper, we present an empirical study that compares the performance of four VMI breakpoint-implementation variants—EPT switching (SLAT view switching) with and without fast single-stepping acceleration, instruction repair, and instruction emulation—from two VMI applications (DRAKVUF, SmartVMI) with the XEN hypervisor on 20 Intel Core i processors ranging from the fourth to the thirteenth generation. Instruction emulation was the fastest method across all 20 tested platforms. Modern processors such as the Intel Core i7 12700H and Intel Core i9 13900HX achieved median breakpoint-processing times as low as 15 µs for the emulation mechanism. The slowest method was instruction repair, followed by EPT switching and EPT switching with FSS. The order was the same for all measurements, indicating that this is a strong and generalizable result. Full article

This paper presents a novel method for locally estimating vehicle density on highways based on vehicle-to-vehicle (V2V) communication, a communication mode within intelligent transport systems (ITSs), enabled via IEEE 802.11p and 3GPP C-V2X technologies. Awareness messages (AMs), such as basic safety messages (BSMs, SAE J2735) and cooperative awareness messages (CAMs, ETSI EN 302 637-2), are periodically broadcast by vehicles and can be leveraged to sense the presence of nearby vehicles. Unlike existing approaches that directly combine the number of sensed vehicles with measured packet reception ratio (PRR) of the AM, our method accounts for the deviations in PRR caused by imperfect channel conditions. To address this, we estimate the actual packet reception probability (PRP)–distance curve by exploiting its inherent downward trend along with multiple measured PRR points. From this curve, two metrics are introduced: node awareness probability (NAP) and average awareness ratio (AAR), the latter representing the ratio of sensed vehicles to the total number of vehicles. The real density is then estimated using the number of sensed vehicles and AAR, mitigating the underestimation issues common in V2V-based methods. Simulation results across densities ranging from 0.02 vehs/m to 0.28 vehs/m demonstrate that our method improves estimation accuracy by up to 37% at an actual density of 0.28 vehs/m, compared with methods relying solely on received AMs, without introducing additional communication overhead. Additionally, we demonstrate a practical application where the basic safety message (BSM) transmission rate is dynamically adjusted based on the estimated density, thereby improving traffic management efficiency. Full article

Real-time operating systems (RTOSs) are widely used in embedded systems to ensure deterministic task execution, predictable responses, and concurrent operations, which are crucial for time-sensitive applications. However, the growing complexity of embedded systems, increased network connectivity, and dynamic software updates significantly expand the attack surface, exposing RTOSs to a variety of security threats, including memory corruption, privilege escalation, and side-channel attacks. Traditional security mechanisms often impose additional overhead that can compromise real-time guarantees. In this work, we present a Risk-aware Permission Adjustment (RPA) framework, implemented on CHERIoT RTOS, which is a CHERI-based operating system. RPA aims to detect anomalous behavior in real time, quantify security risks, and dynamically adjust permissions to mitigate potential threats. RPA maintains system continuity, enforces fine-grained access control, and progressively contains the impact of violations without interrupting critical operations. The framework was evaluated through targeted fault injection experiments, including 20 real-world CVEs and 15 abstract vulnerability classes, demonstrating its ability to mitigate both known and generalized attacks. Performance measurements indicate minimal runtime overhead while significantly reducing system downtime compared to conventional CHERIoT and FreeRTOS implementations. Full article

Following the stablecoin legislation (GENIUS Act) enacted under the second Trump administration in 2025, blockchain has become core digital economy infrastructure. However, privacy risks from decentralization and transparency constrain adoption in regulated industries, requiring solutions that harmonize blockchain architecture with regulatory compliance. Existing research relies on reactive auditing or post-execution rule checking, which wastes computational resources or provides only basic encryption or access controls without comprehensive privacy compliance. The proposed Artificial Intelligence-enhanced Regulatory Proof-of-Compliance (AIRPoC) framework addresses this gap through a two-phase consensus mechanism that integrates AI legal agents with semantic web technologies for autonomous regulatory compliance enforcement. Unlike existing research, AIRPoC implements a dual-layer architecture where AI-powered regulatory validation precedes consensus execution, ensuring that only compliant transactions proceed to blockchain finalization. The system employs AI legal agents that automatically construct and update regulatory databases via multi-oracle networks, using SPARQL-based inference engines for real-time General Data Protection Regulation (GDPR) compliance validation. A simulation-based experimental evaluation conducted across 24 tests with 116,200 transactions in a controlled environment demonstrates 88.9% compliance accuracy, with 9502 transactions per second (TPS) versus 11,192 TPS for basic Proof-of-Stake (PoS) (4.5% overhead). This research represents a paradigm shift to dynamic, transaction-based regulatory models that preserve blockchain efficiency. Full article

As cyberattacks grow increasingly sophisticated, the timely exchange of Cyber Threat Intelligence (CTI) has become essential to enhancing situational awareness and enabling proactive defense. Several challenges exist in CTI sharing, including the timely dissemination of threat information, the need for privacy and confidentiality, and the accessibility of data even in unstable network conditions. In addition to security and privacy, latency and throughput are critical performance metrics when selecting a suitable platform for CTI sharing. Substantial efforts have been devoted to developing effective solutions for CTI sharing. Several existing CTI sharing systems adopt either centralized or blockchain-based architectures. However, centralized models suffer from scalability bottlenecks and single points of failure, while the slow and limited transactions of blockchain make it unsuitable for real-time and reliable CTI sharing. To address these challenges, we propose a DDS-based framework that automates data sanitization, STIX-compliant structuring, and real-time dissemination of CTI. Our prototype evaluation demonstrates low latency, linear throughput scaling at configured send rates up to 125 messages per second, with 100% delivery success across all scenarios, while sustaining low CPU and memory overheads. The findings of this study highlight the unique ability of DDS to overcome the timeliness, security, automation, and reliability challenges of CTI sharing. Full article

For orthogonal time–frequency space (OTFS) systems in high-mobility scenarios, traditional signal detection algorithms face challenges due to their reliance on channel state information (CSI), requiring excessive pilot overhead. Meanwhile, based on convolutional neural network (CNN) detection suffer from insufficient signal feature extraction, the message passing (MP) algorithm exhibits low efficiency in iterative signal updates. This paper proposes a signal detection method for an OTFS system based on feature fusion and a CNN (MP-WCNN), which employs wavelet decomposition to extract multi-scale signal features, combining MP enhancement for feature fusion and constructing high-dimensional feature tensors through channel-wise concatenation as CNN input to achieve signal detection. Experimental results demonstrate that the proposed MP-WCNN method achieves approximately 9 dB signal-to-noise ratio (SNR) gain compared to the MP algorithm at the same bit error rate (BER). Furthermore, the proposed method operates without requiring pilot assistance for CSI acquisition. Full article

The increasing digitization and decentralization of modern energy systems have heightened their vulnerability to sophisticated cyber threats, necessitating advanced, scalable, and privacy-preserving detection frameworks. This paper introduces a novel Federated Quantum Machine Learning (FQML) framework tailored for anomaly detection in multi-agent energy environments. By integrating parameterized quantum circuits (PQCs) at the local agent level with secure federated learning protocols, the framework enhances detection accuracy while preserving data privacy. A trimmed-mean aggregation scheme and differential privacy mechanisms are embedded to defend against Byzantine behaviors and data-poisoning attacks. The problem is formally modeled as a constrained optimization task, accounting for quantum circuit depth, communication latency, and adversarial resilience. Experimental validation on synthetic smart grid datasets demonstrates that FQML achieves high detection accuracy (≥96.3%), maintains robustness under adversarial perturbations, and reduces communication overhead by 28.6% compared to classical federated baselines. These results substantiate the viability of quantum-enhanced federated learning as a practical, hardware-conscious approach to distributed cybersecurity in next-generation energy infrastructures. Full article