Journal of Network and Systems Management

Khan, Aman; Dhiman, Arti; Baswade, Anand M.

doi: 10.1007/s10922-026-10091-0pmid: N/A

Wireless communications can be affected by high-speed mobility environments, potentially affecting the user experience. For example, the deployment of a dense cluster of LEO satellite-based 5G base stations to serve masses of users with real-time services might experience communication interruption due to frequent handovers because of high mobility and long distance. Also, the integration of heterogeneous networks to fulfill user demands brings out different scenarios of handovers to deal with. Aiming to reduce the handover latency of legacy handover schemes, a fast handover scheme based on a pre-registration mechanism is proposed. The paper proposes a dwell-time estimation-based handover scheme that computes the serving time of a base station and performs a-priori registration of User Equipment (UE) at its target base station. A path duplication approach is introduced to reduce handover latency and the probability of handover failure. A network scenario is considered where the UE has the capability to connect to terrestrial or satellite networks depending upon the signal quality. This gives rise to handover scenarios, such as inter-satellite and integrated satellite-terrestrial handovers. The paper analytically models each of the handover scenarios followed by its performance evaluation in terms of handover delay and probability of handover failure for variable processing delay of a base station (gNB) as well as for variable UE velocity. The performance comparison with the legacy handover shows a reduction of handover latency by 28.22% and 36.23% in each of the inter-satellite and integrated satellite-terrestrial handover scenarios, respectively.

Bencheikh Lehocine, Madjed; Belhadef, Hacene; Djaaboub, Salim

doi: 10.1007/s10922-026-10083-0pmid: N/A

While network security continues to evolve, efficient and scalable network intrusion detection systems (IDS) are more critical than ever. However, their deployment presents significant challenges due to their high computational and memory requirements. This resource burden often leads to performance bottlenecks and scalability issues in real-world scenarios. The present paper relies on a preprocessing method that transforms raw network traffic into grayscale images (28 × 28 pixels) and introduces a novel approach that leverages image texture features to achieve significant dimensionality reduction of network traffic data. Our approach achieves an accuracy of 99,97% and 99,85% for binary and multiclass classification respectively while reducing feature space from 784 to just 3 features, preserving essential characteristics and significantly lowering computational overhead. By integrating XGBoost as a classifier model, we show that high intrusion detection accuracy can be achieved with minimal computational resources. The approach has been tested on the InSDN dataset, suggesting its potential robustness for the detection of various attack classes. Experimental results reveal that our approach not only maintains competitive detection metrics but also appears to reduce processing overhead and memory requirements. Our findings suggest that image texture-based features efficiently bridge the gap between detection accuracy and resource efficiency in modern IDS implementations, providing a practical solution for resource-constrained environments.

Bilen, Tuğçe; Özdem, Mehmet

doi: 10.1007/s10922-026-10060-7pmid: N/A

Ultra-dense edge computing environments pose significant challenges for maintaining Service-Level Agreement (SLA) guarantees due to dynamic workloads, heterogeneous tenant requirements, and shared resource contention. While centralized reinforcement learning can adapt to changing conditions, it often suffers from scalability and privacy limitations, whereas fully independent learning strategies fail to coordinate resource usage across tenants sharing the same infrastructure. In this work, we propose a modular Federated Reinforcement Learning (FRL) framework for multi-tenant resource allocation in edge systems. The architecture operates as a closed-loop control pipeline consisting of real-time telemetry collection, graph-based state construction to capture tenant–node contention, federated policy learning using Proximal Policy Optimization (PPO) at each tenant with asynchronous aggregation, and an execution layer that enforces resource adjustments. To align learning with SLA objectives, we design an SLA-aware reward that balances latency violations, resource efficiency, and action stability. Extensive simulations in a large-scale ultra-dense edge scenario show that the proposed framework consistently reduces SLA violations, improves resource utilization balance, stabilizes control actions, and achieves higher global rewards compared to centralized, independent, and static allocation baselines.

Goutal, Abdelhak; Moktefi, Mohand; Bouallouche-Medjkoune, Louiza

doi: 10.1007/s10922-026-10072-3pmid: N/A

This paper presents a novel modulation technique called Dynamic Frequency Shift Keying (Dynamic FSK), designed for modern Internet of Things (IoT) networks where devices are low-power, low-cost, and often deployed in dense environments. Unlike conventional Frequency Shift Keying (FSK) schemes with fixed frequency dictionaries, Dynamic FSK introduces a dynamic frequency generation mechanism, in which each transmitted frequency is derived within its dedicated tone from the data symbol, a scaling factor, and an auxiliary term for redundancy and validation. A greedy spectral partitioning algorithm is applied to maximize transmitted bits while minimizing frequency transitions, enabling per-symbol modulation with very low computational load, well suited for constrained IoT hardware. Dynamic FSK is evaluated against three widely used schemes–16-FSK, Chirp Spread Spectrum (CSS), and 64-Quadrature Amplitude Modulation (64-QAM)–under two representative channel models: ideal Additive White Gaussian Noise (AWGN) and degraded Rayleigh fading with interference and frequency drift. GNU Radio simulations demonstrate that Dynamic FSK achieves superior resilience in terms of throughput and latency under increasing network density, while maintaining low energy consumption. The evaluation also considers spectral efficiency and a point-to-point bit error rate (BER) analysis to assess bandwidth utilization and physical-layer robustness. To enable cross-metric comparison, a Global Efficiency Index (GEI) is introduced, combining energy, latency, and throughput. Dynamic FSK consistently outperforms the benchmark schemes in terms of GEI and shows high robustness under degraded conditions. These results highlight its potential as a practical and scalable modulation for future IoT deployments.

Kumar, Rohit; Agrawal, Neha; Tapaswi, Shashikala

doi: 10.1007/s10922-026-10093-ypmid: N/A

The inherent limitations of existing 5G networks have catalyzed the evolution of Beyond-5G (B5G) technologies to address the growing demands of intelligent and data-intensive applications across diverse sectors. Concurrently, global environmental and climatic challenges have amplified the urgency for sustainable technological solutions. Such solutions are critical for reshaping the development trajectory of highly digitized and industrialized societies, particularly in addressing pressing issues related to energy efficiency and environmental sustainability. These concerns are further intensified by the challenges associated with recycling and managing the increasing volumes of electronic equipment and Internet of Things (IoT) devices. Consequently, there is a compelling need to design and implement sustainable solutions tailored to B5G-enabled applications in order to mitigate anticipated future challenges. These sustainability driven solutions are expected to accommodate the evolving service requirements of heterogeneous computing paradigms, including cloud, edge, and fog computing environments. Achieving this objective necessitates the seamless integration of communication, computing, and caching functionalities, commonly referred to as 3C convergence. This integration presents significant opportunities for innovation across application domains such as industrial systems, healthcare, education, and intelligent transportation. The advanced capabilities inherent in B5G technologies are poised to substantially enhance the efficiency, scalability, and responsiveness of Cloud/ Edge/Fog (CEF) networks, thereby enabling improved service delivery. In this context, the present work aims to provide a comprehensive review of existing research and literature on B5G-aware CEF networks. It systematically examines the associated opportunities and challenges while exploring potential pathways for the effective integration and deployment of these advanced network architectures across a wide range of application domains.

Thi My Binh, Nguyen; Son Tung, Tran; Dung, Tran Le; Duc Luong, Ho Viet

doi: 10.1007/s10922-026-10080-3pmid: N/A

Dynamic underwater wireless sensor networks (UWSNs) play a crucial role in marine monitoring and surveillance, but their performance is severely constrained by limited energy resources and harsh environmental dynamics. This paper studies the Maximum Lifetime Target Coverage (MLTC-UWSN) problem, which aims to prolong network lifetime while guaranteeing complete target coverage and connectivity under a probabilistic sensing model. We propose EGA-MLTC, an enhanced genetic algorithm that integrates improved crossover, mutation, and diversity-preserving mechanisms within a key-time scheduling framework, enabling effective extraction of disjoint sensor covers that adapt to sensor state variations. The proposed approach is evaluated against baseline metaheuristics, including Differential Evolution (DE) and Harmony Search (HMS), under diverse network scales, sensor densities, and environmental conditions. Simulation results show that EGA-MLTC consistently achieves longer operational lifetimes and more robust coverage than competing methods. These findings establish EGA-MLTC as a practical and scalable solution for efficient and reliable operation of dynamic UWSNs.

Ding, Junjun; Zhong, Yunxue; Meng, Haofei; Yu, Wenwu; Song, Yubo

doi: 10.1007/s10922-026-10077-ypmid: N/A

Attribute-based access control provides expressive policies but is difficult to scale in dynamic systems that lack curated access control logs and manually designed attribute schemas. Existing methods either mine symbolic rules from structured logs, which are brittle under behavioral variation, or train black box classifiers that do not expose policy structure. This paper presents DACL, a framework that performs structured representation learning from network behavior augmented with security labels and identifier to entity bindings obtained from intrusion detection and asset inventories. DACL constructs a hybrid latent space with factorized variational modeling and vector quantization, separates behavioral factors that correlate with access decisions, and aligns selected dimensions with semantic attributes through lightweight supervision. Axis aligned predicates in this space are compiled into structured access policies in a format compatible with XACML policy engines. On CIC-IDS2017, CSE-CIC-IDS2018, and UNSW-NB15, DACL achieves F1 scores up to 0.946 and reduces the weighted structural complexity of the learned policies by 27% to 42% relative to symbolic and neural baselines. The resulting policies remain interpretable, can be linked to subject and resource attributes through external inventories, and can be enforced by standard XACML deployments without relying on pre existing attribute-based access control logs.

Kassem, Jamil Ahmad; Pous, Helena Rifà; Garcia-Alfaro, Joaquin

doi: 10.1007/s10922-026-10068-zpmid: N/A

When confronted with advanced cyber threats, traditional cybersecurity methods often struggle with system performance and cost-effectiveness. Current approaches using game theory for passive applications, such as Moving Target Defense (MTD), lack flexibility in adapting to varying resource criticalities and rely on rigid cost assumptions that overlook the interdependencies among system components. Additionally, these approaches are complex and grow exponentially more complex with the network. This paper presents the Multiple Target Moving Target Defense (MTD) Model (MT2M), a strategic MTD framework based on Bayesian Stackelberg game theory to optimize cyber defense costs. Optimization is done while considering both resource criticality and node capacity. By transforming a complex, NP-hard cost problem into a linear one, MT2M enables scalable deployment. Numerical simulations demonstrate that the proposed framework achieves comparable security to traditional methods while reducing defense costs by up to \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$$15\%$$\end{document}. This research establishes a framework that can be later expanded to include a more variable and complex network configuration.

Alyaoui, Nouha; Guiloufi, Awatef Benfradj; Baccouch, Oumayma; Chabir, Karim

doi: 10.1007/s10922-026-10088-9pmid: N/A

With the rapid proliferation of connected vehicle technologies, Vehicular Ad-hoc Networks (VANETs) are facing significant challenges in managing network resources due to their highly dynamic topology and frequent link disruptions. The decentralized nature of traditional routing and scheduling protocols often leads to performance degradation, increased latency, and severe congestion. To address these issues, this paper proposes a novel, centralized, and intelligent architecture that leverages Software-Defined Networking (SDN) and the Proximal Policy Optimization (PPO) algorithm. In our framework, the SDN controller provides a global, real-time view of the network state, which serves as the input for a deep reinforcement learning agent based on PPO, which learns to make optimal scheduling and congestion control decisions across the network. Our simulation results, conducted in a realistic vehicular environment, demonstrate that the proposed SDN-PPO architecture significantly outperforms the decentralized PPO approach, SDN-DQN and IEEE 1609.4 in terms of key performance indicators, namely packet delivery rate, end-to-end latency, and throughput. This work shows that the strategic combination of a global SDN view with a stable and robust PPO agent is a highly effective solution for managing the complexity of dynamic vehicular environments.

Peng, Jialiang; Li, An; Yang, Dong; El-Latif, Ahmed A. Abd

doi: 10.1007/s10922-026-10092-zpmid: N/A

The widespread deployment of intelligent devices in the Internet of Things (IoT) has brought significant convenience to daily life and industrial production, but also introduced severe security risks. Malware frequently employs domain generation algorithms to create large numbers of malicious domain names, enabling remote code execution and backdoor implantation attacks on IoT devices. Existing detection methods generally rely on collecting massive domain name datasets from IoT devices for centralized machine learning model training. However, such data is closely linked to user privacy, raising critical concerns. To address this issue, we propose a federated learning-based mechanism for detecting malicious domain names in IoT environments while preserving user privacy. This federated mechanism integrates a pre-trained transfer learning model and is designed to handle heterogeneous domain name distributions across IoT clients. Furthermore, we optimize the local loss function to reduce communication cost and improve convergence stability during federated training. By leveraging the pre-trained model under federated learning, the proposed optimization strategy mitigates the performance degradation caused by data heterogeneity. Extensive experiments on diverse benchmark datasets demonstrate that the proposed federated detection approach outperforms several state-of-the-art baseline methods, achieving superior detection performance while ensuring privacy protection in IoT networks.