Sign in to use this feature.

Years

Between: -

Subjects

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Journals

Article Types

Countries / Regions

Search Results (106)

Search Parameters:
Keywords = traffic payload

Order results
Result details
Results per page
Select all
Export citation of selected articles as:
48 pages, 5756 KB  
Article
Field-Validated Multisensor Assessment of Haul-Road Degradation and Its Association with Fuel-Use Proxy Burden, Dynamic Response, and Transport-Cycle Stability in Open-Pit Mining
by Shakenov Aman Tulegenovich, Utegenova Assem Yerzhankyzy, Stolpovskikh Ivan Nikitovich, Orumbassarova Ainura Berikbolovna, Boris V. Malozyomov and Nikita V. Martyushev
Mining 2026, 6(3), 49; https://doi.org/10.3390/mining6030049 (registering DOI) - 5 Jul 2026
Abstract
The performance of haul trucks in open-pit mining is strongly affected by haul-road geometry, surface condition, rolling resistance, and operational traffic regimes. However, existing studies often consider road-surface mapping, vehicle dynamic response, and onboard telemetry as separate information streams, which limits the reproducible [...] Read more.
The performance of haul trucks in open-pit mining is strongly affected by haul-road geometry, surface condition, rolling resistance, and operational traffic regimes. However, existing studies often consider road-surface mapping, vehicle dynamic response, and onboard telemetry as separate information streams, which limits the reproducible assessment of how road-related factors are associated with VIMS-derived fuel-use proxy burden, mechanical dynamic response, and transport-cycle instability. This study proposes a field-based, segment-level multisensor framework that integrates unmanned aerial vehicle/light detection and ranging (UAV/LiDAR) road-surface reconstruction, global positioning system/inertial measurement unit (GPS/IMU) trajectory and vibration data, and Caterpillar Vial Information Management System (VIMS) telemetry into a unified spatiotemporal analytical dataset. The methodological contribution consists in the synchronization of heterogeneous data sources at the road-segment level, the calculation of interpretable road-condition and vehicle-response indicators, and the statistical assessment of road-related effects while explicitly accounting for confounding factors such as longitudinal grade, payload state, speed regime, truck class, and operational variability. Unlike studies that use LiDAR mapping, vibration monitoring, or onboard telemetry as separate diagnostic channels, the proposed approach introduces a segment-level analytical framework in which road morphology, truck response, and operational penalties are aligned within the same spatial unit, interpreted under confounder-aware conditions, and verified through repeat-pass reproducibility and robustness checks. The framework was tested on haul roads around the Ekibastuz open-pit coal mine. The field analysis identifies road segments where degraded surface morphology, increased waviness, unfavorable longitudinal profile, and higher rolling resistance coincide with increased mechanical dynamic response, VIMS-derived fuel-use proxy burden, braking instability, and travel-time variability. The results are interpreted as controlled field-supported associations rather than as isolated causal effects. The proposed maintenance ranking should therefore be regarded as a decision-support output, while the operational effectiveness of specific repair interventions requires future before–after validation. Full article
25 pages, 12560 KB  
Article
Edge-Cloud V2X Telemetry Pipeline and Operator Dashboard for Site-Level Supervisory Monitoring of Autonomous Mobile Units in Outdoor Industrial Sites
by Eun-Seong Pak, Bok-Joong Yoon, Kil-Soo Lee, Yong-Chul Cha and Hwa-Young Kim
Appl. Sci. 2026, 16(13), 6682; https://doi.org/10.3390/app16136682 - 3 Jul 2026
Viewed by 152
Abstract
Outdoor industrial sites, including logistics terminals, construction yards, and civil infrastructure worksites, increasingly require supervisory systems for monitoring autonomous mobile units under variable wireless and operational conditions. This study presents an edge-cloud telemetry platform that connects V2X on-board and roadside units to a [...] Read more.
Outdoor industrial sites, including logistics terminals, construction yards, and civil infrastructure worksites, increasingly require supervisory systems for monitoring autonomous mobile units under variable wireless and operational conditions. This study presents an edge-cloud telemetry platform that connects V2X on-board and roadside units to a normalized data pipeline and an operator dashboard. The architecture assigns frame reception and data validation to the edge layer, while cloud services perform stream ingestion, storage, querying, and visualization using a Kafka-Elasticsearch-Grafana stack. A fixed supervisory schema was defined for position, heading, speed, mission state, battery level, and error flags so that virtual fields used in early validation can later be replaced by measured signals without changing downstream interfaces. Physical field validation was conducted using a single test vehicle in a construction-site emulation environment to evaluate communication continuity and dashboard refresh behavior. Multi-unit applicability was examined at the architecture and schema levels, and a preliminary payload-level capacity estimate was derived using the telemetry frequency and payload-length assumptions. Under the tested site conditions, the system maintained continuous reception and visualization over an approximately 700 m distance from the RSU-side reference location. The measured end-to-end display delay averaged 0.78 s, with a standard deviation of 0.059 s and a maximum of 0.96 s. Under a 10 Hz status-message condition, the estimated pure-payload traffic was approximately 23 kbps per mobile unit. These results indicate that V2X-based edge-cloud telemetry can provide a practical baseline for supervisory monitoring in outdoor industrial sites, while simultaneous multi-vehicle validation, detailed network-load evaluation, and long-term field testing remain necessary future work. Full article
Show Figures

Figure 1

36 pages, 1360 KB  
Article
MM-NIDS: A Novel Multimodal Ensemble Fusion Network Intrusion Detection System Using Numeric, Text, Graph, and Quantum Representations
by Samar AboulEla and Rasha Kashef
Sensors 2026, 26(13), 4196; https://doi.org/10.3390/s26134196 - 2 Jul 2026
Viewed by 177
Abstract
The proliferation of digital infrastructures and the Internet of Things (IoT) has led to a rapid increase in interconnected devices, exposing modern systems to increasingly sophisticated cyber threats. Intrusion detection in such environments remains a major challenge due to limited device resources, evolving [...] Read more.
The proliferation of digital infrastructures and the Internet of Things (IoT) has led to a rapid increase in interconnected devices, exposing modern systems to increasingly sophisticated cyber threats. Intrusion detection in such environments remains a major challenge due to limited device resources, evolving attack vectors, and diverse traffic patterns. Traditional systems often fall short in scalability and adaptability when facing these modern threats. Thispaper introduces MM-NIDS, a novel multimodal fusion framework for NetFlow-based intrusion detection. The framework combines four complementary NetFlow-derived data representations (numerical, textual, graph-based, and quantum-inspired), each modeled using transformer-based architectures, including FT-Transformer and ELECTRA-Small. Feature embeddings are constructed using robust engineering techniques, while predictions from the four base models are integrated through five post hoc fusion strategies: averaging-based fusion, weighted averaging, confidence-based fusion, and two meta-fusion methods based on a Multi-Layer Perceptron (MLP) and Extreme Gradient Boosting (XGBoost). Extensive cross-dataset evaluations on four public NetFlow-based benchmarks confirm the system’s robustness, with the text-based model (M2) consistently achieving the highest individual performance. Fusion approaches provided modest and dataset-dependent improvements in detection balance, especially for underrepresented attacks. A detectability hypothesis was proposed and validated, showing that NetFlow features are particularly effective for volumetric and scan-based attacks but less so for stealthy, payload-driven threats. These findings highlight the potential of MM-NIDS for deployment in critical infrastructure, industrial IoT, and smart environments, suggesting that future work should incorporate deeper semantic or payload-level features to enhance the detection of evasive threats further. Full article
(This article belongs to the Special Issue Cyber Security and Privacy in Internet of Things (IoT))
17 pages, 1895 KB  
Article
Energy-Efficient Dynamic Retransmission Timeouts with Enhanced Stability for Constrained Application Protocol-Based Internet of Things Networks via Edge Intelligence-Assisted Cross-Layer Congestion Control
by Suyoung Choi
Electronics 2026, 15(13), 2884; https://doi.org/10.3390/electronics15132884 - 1 Jul 2026
Viewed by 152
Abstract
The co-existence of event-driven critical traffic and time-driven periodic traffic inevitably exacerbates cross-layer network congestion in resource-constrained edge environments. Although hybrid protocol architectures integrating the Constrained Application Protocol (CoAP) at the edge and Quick UDP Internet Connections (QUIC) in the core network have [...] Read more.
The co-existence of event-driven critical traffic and time-driven periodic traffic inevitably exacerbates cross-layer network congestion in resource-constrained edge environments. Although hybrid protocol architectures integrating the Constrained Application Protocol (CoAP) at the edge and Quick UDP Internet Connections (QUIC) in the core network have emerged, existing gateways manage these protocols independently, failing to provide an organic congestion control mechanism. To overcome these limitations, this paper proposes an ultra-lightweight Edge Intelligence (EI)-assisted end-to-end (E2E) CoAP-QUIC cross-layer congestion control framework powered by Proximal Policy Optimization (PPO). The proposed scheme introduces an ultra-lightweight traffic classification mechanism that instantly distinguishes traffic classes by parsing the existing two-bit type field in the CoAP header, effectively bypassing the payload inspection overhead. On the basis of this, the PPO agent shapes its reward function in real time, actively shifting optimization weights between delay reduction and throughput optimization. This dual-action control directly mitigates congestion by dynamically tuning the QUIC congestion window and CoAP back-off timers to prevent edge buffer saturation. Extensive simulations using Network Simulator 3 (NS-3) demonstrate that the proposed framework significantly outperforms state-of-the-art baselines, bounding end-to-end latency for critical traffic under 100 ms and improving overall energy efficiency by 21.5% while achieving a 98.2% packet delivery ratio. Full article
Show Figures

Figure 1

23 pages, 1133 KB  
Article
Time Dependent Truck–Drone Green Vehicle Routing Problem with Pickup and Delivery in Large Cities
by Xiancheng Zhou, Qingling Tang, Shuyi Zhang and Kun Yang
Electronics 2026, 15(13), 2781; https://doi.org/10.3390/electronics15132781 - 24 Jun 2026
Viewed by 113
Abstract
Recognizing the limitations of traditional vehicle routing models in urban environments, this work presents the Time-Dependent Truck-Drone Green Vehicle Routing Problem with Pickup and Delivery (TDTDGVRPPD) to simultaneously optimize environmental impact and operational efficiency. We first develop a truck fuel consumption and carbon [...] Read more.
Recognizing the limitations of traditional vehicle routing models in urban environments, this work presents the Time-Dependent Truck-Drone Green Vehicle Routing Problem with Pickup and Delivery (TDTDGVRPPD) to simultaneously optimize environmental impact and operational efficiency. We first develop a truck fuel consumption and carbon emission model that accounts for the effects of time-varying speeds and real-time loads during delivery. A nonlinear energy consumption model is then proposed for drones, considering payload weight. Based on these models, a mathematical formulation is developed to minimize the total operational cost, including truck and drone usage costs, truck fuel and carbon emission costs, drone energy consumption costs, truck–drone coordination time costs, and time-window violation penalties. The model also incorporates truck no-entry zones, time-varying speeds, and customers’ simultaneous pickup and delivery demands. An Improved Whale Optimization Algorithm (IWOA) hybridized with Variable Neighborhood Search (VNS) is developed to solve the problem. Simulation results show that the proposed model and algorithm effectively optimize truck departure times to avoid traffic congestion, reduce truck–drone coordination time, and lower total logistics costs and energy consumption, thereby contributing to energy conservation and emission reduction in logistics operations. Full article
(This article belongs to the Special Issue Intelligent Transportation Systems and Sustainable Smart Cities)
Show Figures

Figure 1

35 pages, 4344 KB  
Article
From Opaque Streams to Explainable Systems: Semantic MQTT Integration at the Edge
by Niklas Doerner and Maria Maleshkova
Future Internet 2026, 18(7), 334; https://doi.org/10.3390/fi18070334 (registering DOI) - 24 Jun 2026
Viewed by 141
Abstract
Industrial systems increasingly rely on MQTT-based message streaming to enable automated, data-driven production processes at the network edge. While semantic models such as the SSN/SOSA ontology enable machine-interpretable descriptions of observations and actuations, an explicit model of message transport is rarely considered. Consequently, [...] Read more.
Industrial systems increasingly rely on MQTT-based message streaming to enable automated, data-driven production processes at the network edge. While semantic models such as the SSN/SOSA ontology enable machine-interpretable descriptions of observations and actuations, an explicit model of message transport is rarely considered. Consequently, MQTT-based communication remains opaque, particularly regarding information processing, hindering the semantic analysis of application-specific topic structures and the behavior of transport protocols. To close this gap, this work introduces the revised MQTT4SSN ontology as a key contribution, extending existing semantic models with protocol-aware representations of MQTT entities, control packets, and transport-level interactions. MQTT4SSN enables end-to-end semantic traceability, from sensor observations and actuator controls to the underlying message transmission within distributed systems. Building on this contribution, the MQTT2RDF integration framework incorporates MQTT4SSN as its core to capture live MQTT traffic and represent both payload meaning and transport-level provenance within an RDF knowledge graph. This work presents a novel approach for representing edge computing and information processing over MQTT, addressing two key challenges. First, the framework supports semantic interpretation of topic hierarchies and provides configurable mappings between MQTT topics, payload structures, and observation or actuation semantics. This approach facilitates the setup of edge computing systems and enables context-aware subscription management and structured data formatting, thereby improving interoperability between heterogeneous deployments. Second, transport-level provenance analytics provide a semantic basis for query-based detection, classification support, and diagnostic analysis of malformed or incomplete MQTT communication. The approach provides explainable, traceable information processing through transport provenance, which is essential for safety-critical industrial environments. The contributions are validated through an industrial use case from a production environment, demonstrating its applicability for system monitoring, troubleshooting, and semantic analytics of MQTT-based infrastructures. Full article
(This article belongs to the Special Issue Intelligent Computing and Information Processing)
Show Figures

Figure 1

41 pages, 2309 KB  
Article
CertiFlash: A Cryptographic Framework for Secure Firmware and Logic Updates in SCADA and Industrial IoT Networks
by Pruthviraj Pawar and Gregory Epiphaniou
Electronics 2026, 15(13), 2780; https://doi.org/10.3390/electronics15132780 - 24 Jun 2026
Viewed by 139
Abstract
Across the world’s electrical substations, water-treatment plants, and manufacturing lines, a single engineer with valid credentials and a laptop can today push new control logic to a programmable logic controller (PLC) and change the physical behaviors of safety-critical equipment within minutes. Firmware and [...] Read more.
Across the world’s electrical substations, water-treatment plants, and manufacturing lines, a single engineer with valid credentials and a laptop can today push new control logic to a programmable logic controller (PLC) and change the physical behaviors of safety-critical equipment within minutes. Firmware and ladder-logic updates on SCADA and industrial IoT systems are privileged operations: an attacker installing a malicious update controls the physical process. Existing protections concentrate install authority in a single party with no externally verifiable record; compromise of the vendor key, the engineering workstation, or any operator credential suffices to deliver an attacker-chosen payload to a PLC. CertiFlash binds every update to four independent approvals: a vendor signature, a FROST-Ed25519 threshold signature from an operator quorum, a per-session nonce from the PLC, and a monotonic counter. Every decision is recorded in an append-only Merkle transparency log. The PLC verifies the aggregate with a standard RFC 8032 Ed25519 verifier, requiring no FROST-specific device code. Four security properties (authenticity, authorization, rollback resistance, auditability) are machine-checked in Tamarin under a Dolev–Yao adversary with up to t − 1 compromised operators and corroborated through ten attack scenarios. The implementation runs with concurrent Modbus TCP and Siemens S7 traffic, blocks all attacks, signs in 27–192 ms (k = 3–10), keeps ML-DSA-65 within 6% of Ed25519 from 1 KiB to 10 MiB, and sustains 30.1 updates/s on 100 PLCs. The operator-quorum signature remains FROST-Ed25519: the design is partially post-quantum in the evaluated version. The framework maps to IEC 62443-3-3 SR 3.4 and NIS2 Article 21(2)(d–e). Full article
29 pages, 2592 KB  
Article
A Cooperative Multi-Agent QTRAN Framework for Artificial Intelligence-Driven Cognitive V2X in the Internet of Vehicles
by Ramzi Bouzoubia, Sofiane Zaidi, Lazhar Khamer, Mostafa Ogab and Carlos T. Calafate
Appl. Sci. 2026, 16(12), 6188; https://doi.org/10.3390/app16126188 - 18 Jun 2026
Viewed by 269
Abstract
Resource allocation for cognitive Vehicle-to-Everything (V2X) networks is challenging due to dynamic spectrum sharing, strong interference coupling, and stringent latency constraints for safety-critical Vehicle-to-Vehicle (V2V) traffic. Although recent Multi-Agent Reinforcement Learning (MARL) approaches report promising gains, many evaluations are conducted at limited and [...] Read more.
Resource allocation for cognitive Vehicle-to-Everything (V2X) networks is challenging due to dynamic spectrum sharing, strong interference coupling, and stringent latency constraints for safety-critical Vehicle-to-Vehicle (V2V) traffic. Although recent Multi-Agent Reinforcement Learning (MARL) approaches report promising gains, many evaluations are conducted at limited and fixed network scales, which restricts insights into scalability under dense spectrum reuse. This paper investigates cooperative multi-agent learning for interference-aware and deadline-constrained V2X resource management. We propose a Q-value Transformation (QTRAN)-based value decomposition framework under centralized training with decentralized execution (CTDE) for joint resource-block and power allocation among V2V agents. The proposed approach is implemented in a realistic V2V/V2I simulator incorporating Manhattan grid mobility, fast fading, explicit cross-tier and co-channel interference, and per-link payload/deadline dynamics. Beyond communication-level performance, improved timely delivery of V2V safety messages can support cooperative maneuvering, collision avoidance, platooning, and infrastructure-assisted traffic management. Extensive simulations across varying numbers of V2V agents benchmark QTRAN against independent learning baselines including MARL and centralized single-agent learning (SARL). Results show that QTRAN improves performance compared with the selected learning baselines and enhances the throughput–reliability trade-off under interference-coupled spectrum reuse. For instance, at NV2V=20, QTRAN achieves a V2V rate of 0.194±0.004 and a V2I rate of 9.117±0.213, while reaching a V2V success rate of 0.812±0.017 with a low Deadline Miss Ratio of 0.001±0.000. At higher density (NV2V=50), QTRAN sustains strong reliability (V2V success rate of 0.719±0.006 and Completion Ratio of 0.716±0.006) while maintaining competitive infrastructure throughput (V2I rate of 9.251±0.114). These results indicate that QTRAN effectively captures non-linear interference interactions, enabling coordinated decentralized spectrum and power decisions under the adopted density-based evaluation setting, thereby enhancing V2V reliability and throughput in cognitive Internet of Vehicles. Full article
Show Figures

Figure 1

41 pages, 18483 KB  
Article
An Energy-Aware Post-Quantum Ascon–ML-KEM Cryptographic Framework for Low-Latency UAV Remote Sensing Communications
by Nedal Y. Al-Tamimi, Mahmoud AlJamal, Mohammad Q. Al-Jamal, Ayoub Alsarhan, Sami Aziz Alshammari, Nayef H. Alshammari, Khalid Hamad Alnafisah and Mohammed Kamel Aleinzi
Cryptography 2026, 10(3), 39; https://doi.org/10.3390/cryptography10030039 - 16 Jun 2026
Viewed by 253
Abstract
UAV-based remote sensing systems are increasingly deployed in smart surveillance, disaster response, environmental monitoring, and critical infrastructure inspection. In these applications, aerial sensing platforms must transmit telemetry, control commands, and observation data securely and reliably under strict latency, energy, and computational constraints. However, [...] Read more.
UAV-based remote sensing systems are increasingly deployed in smart surveillance, disaster response, environmental monitoring, and critical infrastructure inspection. In these applications, aerial sensing platforms must transmit telemetry, control commands, and observation data securely and reliably under strict latency, energy, and computational constraints. However, existing security approaches often fail to jointly provide lightweight payload confidentiality, quantum-resilient key establishment, and adaptive communication protection suitable for dynamic and resource-constrained aerial sensing environments. To address this challenge, this paper proposes an energy-aware post-quantum hybrid cryptographic framework for secure and low-latency UAV remote sensing communications in UAV–IoT mission networks. The proposed framework integrates Ascon-based authenticated encryption for low-overhead protection of remote sensing payloads and mission telemetry, ML-KEM-based post-quantum session-key establishment for long-term resilience against quantum-era threats, and an AI-driven adaptive rekeying mechanism that dynamically adjusts key-refresh decisions according to threat level, residual energy, mobility state, channel stability, anomaly density, traffic sensitivity, link type, and mission progression. Accordingly, rekeying is treated not as a static maintenance process but as an intelligent and context-aware cryptographic control function that adapts communication security to evolving mission and sensing conditions. The framework is evaluated across twenty progressively demanding scenarios involving different UAV counts, sensor densities, payload sizes, communication modes, and adversarial settings relevant to real-time remote sensing operations. Experimental results demonstrate a secure delivery rate of 99.2%, attack detection and mitigation effectiveness of 98.9%, end-to-end encryption latency of 8.7 ms, throughput of 5.03 Mbps, energy overhead of 11.6 mJ/session, rekeying overhead of 2.9 mJ/event, session resilience of 96.4%, and integrity verification success of 99.1%. These findings show that the proposed framework provides a practical and scalable contribution to post-quantum secure UAV remote sensing by unifying lightweight authenticated encryption, ML-KEM-based quantum-resilient key establishment, and AI-driven adaptive rekeying within a resilient aerial–terrestrial communication architecture. Full article
Show Figures

Figure 1

27 pages, 1800 KB  
Article
TLS-Aware Anomaly Detection for Encrypted IoT Traffic Using a β-Variational Autoencoder with ANOVA–Mutual Information Feature Selection
by Muhammad Nouman, Raja Ujjan and Muhsin Hassanu
Future Internet 2026, 18(6), 310; https://doi.org/10.3390/fi18060310 - 8 Jun 2026
Viewed by 287
Abstract
The rapid growth of the Internet of Things (IoT) has increased dependency on Transport Layer Security (TLS) for securing device communications, enhancing confidentiality while reducing the visibility required by traditional intrusion detection systems. As payload inspection becomes impractical in encrypted environments, anomaly detection [...] Read more.
The rapid growth of the Internet of Things (IoT) has increased dependency on Transport Layer Security (TLS) for securing device communications, enhancing confidentiality while reducing the visibility required by traditional intrusion detection systems. As payload inspection becomes impractical in encrypted environments, anomaly detection must instead rely on flow-level statistics and TLS metadata. This is challenging because IoT traffic is heterogeneous, non-stationary, and distributionally inconsistent across datasets, while many existing studies rely on single-dataset evaluation and therefore provide limited evidence of real-world generalisation. We introduce a TLS-aware anomaly detection framework that combines a β-Variational Autoencoder (β-VAE) with a hybrid ANOVA–Mutual Information (ANOVA–MI) feature-selection pipeline. The incremental contribution lies not in the individual use of these components, but in their integrated application to encrypted IoT anomaly detection under strict cross-dataset evaluation, where feature filtering, probabilistic latent regularisation, and threshold transferability are jointly examined without retraining or recalibration on target datasets. The framework models benign encrypted IoT traffic using probabilistic latent representations and identifies anomalies through reconstruction-error-based scoring. Network flows from the BoT-IoT, IoT-23, and ToN-IoT datasets were processed using Zeek and CICFlowMeter to construct a unified metadata feature space incorporating flow statistics and TLS attributes such as JA3 and JA3S fingerprints. The model was trained on benign BoT-IoT traffic and evaluated in both in-dataset and cross-dataset scenarios. The model achieves strong in-dataset performance on BoT-IoT (ROC-AUC 0.9996; F1 0.9922) and retains robust anomaly-ranking and threshold-based detection capability under cross-dataset domain shift (IoT-23: ROC-AUC 0.9882, F1 0.9422; ToN-IoT: ROC-AUC 0.9465, F1 0.8732). A comparative evaluation against deterministic autoencoders and classical baselines further indicates that the proposed β-VAE achieves stronger cross-dataset anomaly-ranking performance than the compared methods. These findings support the suitability of probabilistic latent modelling for privacy-preserving anomaly detection in encrypted IoT environments. Full article
(This article belongs to the Section Cybersecurity)
Show Figures

Graphical abstract

32 pages, 3129 KB  
Article
IoTDI-ImbS: A Precise Identification Model and Algorithm for IoT Devices from Network Traffic
by Junhao Qian, Shuang Zhao, Zhihao Wang and Zhihua Li
Sensors 2026, 26(11), 3530; https://doi.org/10.3390/s26113530 - 3 Jun 2026
Viewed by 324
Abstract
With the rapid development of the Internet of Things (IoT) and the increase in the frequency of cyberattacks, accurate identification of IoT end devices is critical to their security. Existing identification methods are based on raw, statistical, and deep features of network traffic, [...] Read more.
With the rapid development of the Internet of Things (IoT) and the increase in the frequency of cyberattacks, accurate identification of IoT end devices is critical to their security. Existing identification methods are based on raw, statistical, and deep features of network traffic, each with their own advantages and disadvantages. Raw feature-based methods have difficulty performing feature extraction and insufficient information. As such, the recognition accuracy of statistical feature-based methods is limited by the distinguishment machine learning classifiers, and the deep feature-based methods do not take into account the problem of large differences in traffic samples, which leads to low recognition accuracy in some devices. For this reason, this paper proposes the IoTDI-ImbS method. The method selects the network traffic payload information as the original features and converts them into grayscale images; uses a generative adversarial network-based IoT terminal devices traffic generation (NTGAN) algorithm to generate traffic samples for devices with fewer samples through generative adversarial network to solve the sample imbalance problem; and constructs a ResNet18-BiLSTM model, mining spatial features with ResNet18 and extracting temporal features with BiLSTM to improve recognition accuracy. The experimental results on different sizes of IoT terminal device datasets show that IoTDI-ImbS has performance advantages over other methods in recognition accuracy, better leverages the sample imbalance problem in the dataset, and provides a more effective solution for IoT device recognition. Experimental results on the UNSW and IoT Sentinel dataset demonstrate that IoTDI-ImbS significantly outperforms baseline methods. Specifically, on the UNSW dataset, our method achieves an overall accuracy of 99.1% and an F1-score of 0.985. After integrating the NTGAN module, the identification accuracy for minority classes improved by approximately 3.5%. On the IoT Sentinel dataset, the model maintains a high precision of 98.7%, proving its robustness in diverse IoT environments. Full article
(This article belongs to the Section Internet of Things)
Show Figures

Figure 1

23 pages, 619 KB  
Article
A Transformer-Based Intrusion Detection System for Zero-Day Attack Detection in IoT Networks
by Murtadha D. Hssayeni and Imadeldin Mahgoub
Future Internet 2026, 18(6), 282; https://doi.org/10.3390/fi18060282 - 25 May 2026
Viewed by 483
Abstract
The possibility of zero-day attacks on Internet of Things (IoT) networks is high, particularly in dynamic and heterogeneous IoT environments, including emerging battlefield scenarios (IoBT). Detecting these attacks requires adaptive and generalizable security mechanisms. Due to the unique and unknown signatures of these [...] Read more.
The possibility of zero-day attacks on Internet of Things (IoT) networks is high, particularly in dynamic and heterogeneous IoT environments, including emerging battlefield scenarios (IoBT). Detecting these attacks requires adaptive and generalizable security mechanisms. Due to the unique and unknown signatures of these attacks, they go undetected using signature-based Intrusion Detection Systems (IDSs) on the one side. On the other side, current anomaly-based IDSs that employ traditional machine learning on statistical features struggle to adapt and generalize to unknown networks, which is the case in IoBT. Transformer-based deep learning models have shown the capability of learning complex sequential patterns. This ability can be leveraged to analyze packet payloads that encompass opcodes capable of executing malicious patterns within an IoT network. In this work, we propose a dual-stage Transformer IDS that operates on the raw payload of network packets to detect zero-day attacks. Due to the lack of IoBT datasets, we evaluate the algorithm on three comprehensive IoT traffic benchmarks—MQTT-IoT, IoT-23, and CIC-IoT-2022—which have a high number of IoT devices and various attacks. Importantly, model evaluation is performed in two cross-validation settings to address the key operational challenges associated with unseen scenarios and networks. The evaluation settings are split-at-scenario to evaluate the detection ability of zero-day attacks and split-at-dataset to evaluate the model’s generalizability to new environments. In the former, the average increase in the F1-score of the proposed algorithm over the baseline model is 44% in detecting four zero-day attacks presented in the MQTT-IoT dataset. In the latter, the average increase in the F1-score is 16% in detecting malicious attacks across the three datasets. These results show the benefit of advanced AI in securing the next generation of IoT systems in future Internet applications. Full article
(This article belongs to the Special Issue State-of-the-Art Future Internet Technology in USA 2026–2027)
Show Figures

Graphical abstract

41 pages, 1267 KB  
Article
An Adaptive Rule-Based Engine for Application-Layer Security
by Mihai-Cătălin Cujbă, Costin-Gabriel Chiru, Ion Bica and Iulian Tiţă
Appl. Sci. 2026, 16(11), 5220; https://doi.org/10.3390/app16115220 - 22 May 2026
Viewed by 340
Abstract
We present a composable, pipeline-based rules engine for detecting application-level intrusions in HTTP traffic with adaptive rule generation capabilities. Rules are expressed in JSON chain multi-step decoders (Base64, hex, XOR, zlib, gzip) with matching primitives (word boundaries, regular expressions, substring sets) to detect [...] Read more.
We present a composable, pipeline-based rules engine for detecting application-level intrusions in HTTP traffic with adaptive rule generation capabilities. Rules are expressed in JSON chain multi-step decoders (Base64, hex, XOR, zlib, gzip) with matching primitives (word boundaries, regular expressions, substring sets) to detect obfuscated payloads. To enable adaptation to novel attack patterns, we integrate a large language model (LLM) component as a second-opinion layer that automatically generates validated detection rules for previously unseen threats, combining the adaptability of machine learning with the interpretability of explicit rules. We evaluate the system on two standard benchmarks (CSIC 2010 and HttpParamsDataset) and present a head-to-head comparison with ModSecurity and the OWASP Core Rule Set, achieving 98.1% and 98.3% detection rates with F1 scores above 0.97 on both datasets while maintaining false positive rates below 0.51%. Full article
(This article belongs to the Special Issue Novel Approaches for Cybersecurity and Cyber Defense)
Show Figures

Figure 1

24 pages, 1406 KB  
Review
Dynamic Estimation of Truck Emissions for Environmental Management: Multi-Source Data Fusion, Physics-Constrained Modeling, and Applications
by Yansen Gao, Yan Yan, Liang Song and Xiaomin Dai
Appl. Sci. 2026, 16(11), 5190; https://doi.org/10.3390/app16115190 - 22 May 2026
Viewed by 248
Abstract
Conventional truck emission accounting methods based on average activity levels and static emission factors are increasingly inadequate for dynamic regulation and policy comparison at high spatiotemporal resolution. This review synthesizes recent progress in dynamic truck emission estimation from four perspectives: multi-source data support, [...] Read more.
Conventional truck emission accounting methods based on average activity levels and static emission factors are increasingly inadequate for dynamic regulation and policy comparison at high spatiotemporal resolution. This review synthesizes recent progress in dynamic truck emission estimation from four perspectives: multi-source data support, key feature extraction, physics-constrained emission modeling, and governance-oriented applications. The literature was collected from Web of Science Core Collection and ScienceDirect for the period 2014–2026, supplemented by backward reference checking, and was analyzed through a progressive framework linking data, features, models, and governance tasks. Unlike previous reviews that usually discuss emission inventories, conventional emission models, or data-driven prediction methods separately, this review highlights an integrated governance-oriented chain that connects multi-source data fusion, mechanism-related feature construction, physics-constrained modeling, and environmental management applications. Existing studies suggest that multi-source data, including GPS trajectories, on-board diagnostics (OBDs), on-board monitoring (OBM), portable emissions measurement system (PEMS) measurements, traffic flow monitoring, and road network attributes, provide an important basis for representing real-world operating processes. Meanwhile, key features have expanded from surface-level variables such as vehicle velocity to mechanism-related factors, including payload, road grade, engine operating conditions, vehicle-specific power, and roadway context. Truck emission modeling has also evolved from unconstrained or weakly constrained approaches toward frameworks that place greater emphasis on physical consistency, interpretability, and result credibility. In parallel, application scenarios have extended from emission quantification to high-emission vehicle identification, dynamic inventory development, hotspot detection, policy comparison, and transport optimization. These developments can support policymakers, transportation planners, and environmental agencies in moving from aggregate emission accounting toward targeted and process-based truck emission governance. Current research, however, still faces challenges related to data consistency, model generalizability, uncertainty propagation, and real-time application. Future work should focus on standardized datasets, hybrid AI–physics modeling frameworks, uncertainty-aware validation, real-time deployment in intelligent transportation systems, and improved links between dynamic estimation and practical environmental management. Full article
Show Figures

Graphical abstract

23 pages, 4279 KB  
Article
Impact of Server-Side Aggregation on Federated Traffic Classification Under Heterogeneous Data Distributions
by Salam Allawi Hussein and Sándor R. Répás
Big Data Cogn. Comput. 2026, 10(6), 167; https://doi.org/10.3390/bdcc10060167 - 22 May 2026
Viewed by 1800
Abstract
The growing prevalence of encrypted network traffic has rendered traditional payload-based inspection ineffective, shifting attention toward flow-level statistical analysis combined with machine learning. At the same time, privacy regulations and distributed network architectures make centralised data collection increasingly impractical, motivating federated learning as [...] Read more.
The growing prevalence of encrypted network traffic has rendered traditional payload-based inspection ineffective, shifting attention toward flow-level statistical analysis combined with machine learning. At the same time, privacy regulations and distributed network architectures make centralised data collection increasingly impractical, motivating federated learning as a privacy-preserving alternative. Despite its promise, deploying federated learning for encrypted traffic classification in realistic environments remains challenging, particularly under heterogeneous client data distributions that arise when different network sites observe different subsets of services. This paper examines how server-side aggregation affects federated QUIC traffic classification under such heterogeneous conditions. We use a five-class Google QUIC dataset and represent each flow with eight statistical features derived from packet size and timing. We compare a centralised baseline with federated learning under three client partitions: mixed-label clients (C1), service-based single-class clients (C2), and hash-based semi-IID clients (C3). For each case, we evaluate four Flower aggregation strategies: FedAvg, FedAdam, FedAvgM, and FedYogi. Results show that client distribution has a greater impact on performance than the choice of aggregation strategy. Federated models match or closely approach centralised performance in C1 and C3, with accuracy up to 0.9969 and macro-AUC near 1.0. In C2, accuracy drops due to extreme label skew, but adaptive aggregation mitigates the effect. FedYogi achieves the best C2 accuracy of 0.9287, while FedAvgM attains the highest C2 macro-AUC of 0.9885. ROC curves and confusion matrices confirm that the choice of aggregation matters mainly under severe heterogeneity. Full article
Show Figures

Figure 1

Back to TopTop