The Tactile Internet of Things(TIoT)promises transformative applications—ranging from remote surgery to industrial robotics—by incorporating haptic feedback into traditional IoT systems.Yet TIoT’s stringent require...The Tactile Internet of Things(TIoT)promises transformative applications—ranging from remote surgery to industrial robotics—by incorporating haptic feedback into traditional IoT systems.Yet TIoT’s stringent requirements for ultra-low latency,high reliability,and robust privacy present significant challenges.Conventional centralized Federated Learning(FL)architectures struggle with latency and privacy constraints,while fully distributed FL(DFL)faces scalability and non-IID data issues as client populations expand and datasets become increasingly heterogeneous.To address these limitations,we propose a Clustered Distributed Federated Learning(CDFL)architecture tailored for a 6G-enabled TIoT environment.Clients are grouped into clusters based on data similarity and/or geographical proximity,enabling local intra-cluster aggregation before inter-cluster model sharing.This hierarchical,peer-to-peer approach reduces communication overhead,mitigates non-IID effects,and eliminates single points of failure.By offloading aggregation to the network edge and leveraging dynamic clustering,CDFL enhances both computational and communication efficiency.Extensive analysis and simulation demonstrate that CDFL outperforms both centralized FL and DFL as the number of clients grows.Specifically,CDFL demonstrates up to a 30%reduction in training time under highly heterogeneous data distributions,indicating faster convergence.It also reduces communication overhead by approximately 40%compared to DFL.These improvements and enhanced network performance metrics highlight CDFL’s effectiveness for practical TIoT deployments.These results validate CDFL as a scalable,privacy-preserving solution for next-generation TIoT applications.展开更多
The Internet of Things(IoT)is a smart infrastructure where devices share captured data with the respective server or edge modules.However,secure and reliable communication is among the challenging tasks in these netwo...The Internet of Things(IoT)is a smart infrastructure where devices share captured data with the respective server or edge modules.However,secure and reliable communication is among the challenging tasks in these networks,as shared channels are used to transmit packets.In this paper,a decision tree is integrated with other metrics to form a secure distributed communication strategy for IoT.Initially,every device works collaboratively to form a distributed network.In this model,if a device is deployed outside the coverage area of the nearest server,it communicates indirectly through the neighboring devices.For this purpose,every device collects data from the respective neighboring devices,such as hop count,average packet transmission delay,criticality factor,link reliability,and RSSI value,etc.These parameters are used to find an optimal route from the source to the destination.Secondly,the proposed approach has enabled devices to learn from the environment and adjust the optimal route-finding formula accordingly.Moreover,these devices and server modules must ensure that every packet is transmitted securely,which is possible only if it is encrypted with an encryption algorithm.For this purpose,a decision tree-enabled device-to-server authentication algorithm is presented where every device and server must take part in the offline phase.Simulation results have verified that the proposed distributed communication approach has the potential to ensure the integrity and confidentiality of data during transmission.Moreover,the proposed approach has outperformed the existing approaches in terms of communication cost,processing overhead,end-to-end delay,packet loss ratio,and throughput.Finally,the proposed approach is adoptable in different networking infrastructures.展开更多
The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Syst...The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Systems(IDS)often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems.To address these challenges,we propose an innovative privacy-preserving approach leveraging Federated Learning(FL)for distributed intrusion detection.Our model eliminates the need for aggregating sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates,ensuring enhanced privacy and scalability without compromising detection accuracy.Key innovations of this research include the integration of advanced deep learning techniques for real-time threat detection with minimal latency and a novel model to fortify the system’s resilience against diverse cyber-attacks such as Distributed Denial of Service(DDoS)and malware injections.Our evaluation on three benchmark IoT datasets demonstrates significant improvements:achieving 92.78%accuracy on NSL-KDD,91.47%on BoT-IoT,and 92.05%on UNSW-NB15.The precision,recall,and F1-scores for all datasets consistently exceed 91%.Furthermore,the communication overhead was reduced to 85 MB for NSL-KDD,105 MB for BoT-IoT,and 95 MB for UNSW-NB15—substantially lower than traditional centralized IDS approaches.This study contributes to the domain by presenting a scalable,secure,and privacy-preserving solution tailored to the unique characteristics of IoT environments.The proposed framework is adaptable to dynamic and heterogeneous settings,with potential applications extending to other privacy-sensitive domains.Future work will focus on enhancing the system’s efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.展开更多
The rapid development of Internet technology makes it possible to integrate GIS with the Internet,forming Internet GIS.Internet GIS is based on a distributed client/server architecture and TCP/IP & IIOP.When const...The rapid development of Internet technology makes it possible to integrate GIS with the Internet,forming Internet GIS.Internet GIS is based on a distributed client/server architecture and TCP/IP & IIOP.When constructing and designing Internet GIS,we face the problem of how to express information units of Internet GIS.In order to solve this problem,this paper presents a distributed hypermap model for Internet GIS.This model provides a solution to organize and manage Internet GIS information units.It also illustrates relations between two information units and in an internal information unit both on clients and servers.On the basis of this model,the paper contributes to the expressions of hypermap relations and hypermap operations.The usage of this model is shown in the implementation of a prototype system.展开更多
LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is...LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is subject to LDoS attacks as well. LDoS attacks can cause table reset, route flapping of BGP protocol. A deliberately constructed distributed low-rate DOS attacks can even generate surge of updates throughout the Internet. In this paper, we investigate the promotion of attack efficiency of this novel attack, and then propose an attack model to simulate the LDoS attack. Experiments prove that this attack model can exponentially lower the attack costs and improve the attack effect.展开更多
With the rapid development of Internet of Things (IoT),the issue of trust in distributed routing systems has attracted more research attention.The existing trust management frameworks,however,suffer from some possible...With the rapid development of Internet of Things (IoT),the issue of trust in distributed routing systems has attracted more research attention.The existing trust management frameworks,however,suffer from some possible attacks in hostile environments,such as false accusation,collusion,on-off,and conflicting behavior.Therefore,more comprehensive models should be proposed to predict the trust level of nodes on potential routes more precisely,and to defeat several kinds of possible attacks.This paper makes an attempt to design an attack-resistant trust management model based on beta function for distributed routing strategy in IoT.Our model can evaluate and propagate reputation in distributed routing systems.We first describe possible attacks on existing systems.Our model is then proposed to establish reliable trust relations between self-organized nodes and defeat possible attacks in distributed routing systems.We also propose a theoretical basis and skeleton of our model.Finally,some performance evaluations and security analyses are provided to show the effectiveness and robustness of our model compared with the existing systems.展开更多
The Internet service provider(ISP)is the heart of any country’s Internet infrastructure and plays an important role in connecting to theWorld WideWeb.Internet exchange point(IXP)allows the interconnection of two or m...The Internet service provider(ISP)is the heart of any country’s Internet infrastructure and plays an important role in connecting to theWorld WideWeb.Internet exchange point(IXP)allows the interconnection of two or more separate network infrastructures.All Internet traffic entering a country should pass through its IXP.Thus,it is an ideal location for performing malicious traffic analysis.Distributed denial of service(DDoS)attacks are becoming a more serious daily threat.Malicious actors in DDoS attacks control numerous infected machines known as botnets.Botnets are used to send numerous fake requests to overwhelm the resources of victims and make them unavailable for some periods.To date,such attacks present a major devastating security threat on the Internet.This paper proposes an effective and efficient machine learning(ML)-based DDoS detection approach for the early warning and protection of the Saudi Arabia Internet exchange point(SAIXP)platform.The effectiveness and efficiency of the proposed approach are verified by selecting an accurate ML method with a small number of input features.A chi-square method is used for feature selection because it is easier to compute than other methods,and it does not require any assumption about feature distribution values.Several ML methods are assessed using holdout and 10-fold tests on a public large-size dataset.The experiments showed that the performance of the decision tree(DT)classifier achieved a high accuracy result(99.98%)with a small number of features(10 features).The experimental results confirmthe applicability of using DT and chi-square for DDoS detection and early warning in SAIXP.展开更多
In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are...In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are also proposed.These applications apply architectures such as distributed learning,resource sharing,and arithmetic trading,which make high demands on identity authentication,asset authentication,resource addressing,and service location.Therefore,an efficient,secure,and trustworthy Industrial Internet identity resolution system is needed.However,most of the traditional identity resolution systems follow DNS architecture or tree structure,which has the risk of a single point of failure and DDoS attack.And they cannot guarantee the security and privacy of digital identity,personal assets,and device information.So we consider a decentralized approach for identity management,identity authentication,and asset verification.In this paper,we propose a distributed trusted active identity resolution system based on the inter-planetary file system(IPFS)and non-fungible token(NFT),which can provide distributed identity resolution services.And we have designed the system architecture,identity service process,load balancing strategy and smart contract service.In addition,we use Jmeter to verify the performance of the system,and the results show that the system has good high concurrent performance and robustness.展开更多
The inherent complexity and uncertainty of multi-operator multi-robot (MOMR) tele-operation system make its safeguard an essential problem. Hazardous factors in the system are analyzed using fault tree analysis(FTA...The inherent complexity and uncertainty of multi-operator multi-robot (MOMR) tele-operation system make its safeguard an essential problem. Hazardous factors in the system are analyzed using fault tree analysis(FTA) technology, and three-layer interactive safety architecture with information flow is designed in modules to control the factors according to the holistic control mode. After that, distributed virtual environment (DVE) including the characteristics of virtual guide (VG) technology is discussed to help the operators achieve some tasks through the visibility of control commands, time-delay, movement collision and operators' intentions. Finally an experiment is implemented to test the efficiency of safety control architecture by using two robots to place some building blocks in the same workspace.展开更多
The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementat...The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementation and security challenges. Given the above scenario, we argue that the IoT network should always be decentralized design, and security should be built by design. The paper is the design and construction of a decentralized IoT security framework, with the goal of making emerging IoT systems more resilient to attacks and supporting complex communication and resource sharing. The framework improves efficiency and scalability in IoT, exposes vulnerable subsystems and components as possible weak links to system compromise, and meets the requirements of a heterogeneous computing environment. Other features of the framework including efficient resource sharing, fault tolerance, and distributed storage support the Internet of Things. We discuss the design requirements and carry out the implementation of Proof of Concept and evaluation of our framework. Two underlying technologies: the actor model and the blockchain were used for the implementation. Our reason for choosing the actor model and blockchain is to compare its suitability for IoT integration in parallel. Hence, evaluation of the system is performed based on computational and memory efficiency, security, and scalability. We conclude from the evaluations that the actor-based implementation has better scalability than the block-chain-based implementation. Also, the blockchain seems to be computationally more intensive than the actors and less suitable for IoT systems.展开更多
Distributed Luby Transform (DLT) codes have been proposed to improve the robustness and system throughputs for multisource single-sink networks by exploiting the benefits of Network Coding (NC) at a single relay. ...Distributed Luby Transform (DLT) codes have been proposed to improve the robustness and system throughputs for multisource single-sink networks by exploiting the benefits of Network Coding (NC) at a single relay. All the proposed schemes such as the DLT and Soliton-Like Rateless Coding (SLRC) have attempted to maintain Robust Soliton Distribution (RSD) or Soliton-Like Distribution (SLD) for the output data at the relay. This rzsult in some source symbols to be discarded, thereby degrading the throughput. In this paper, we have proposed a novel method called the Full DLT (FDLT) coding scheme to be applied in the InterPlaNetary (IPN) Internet scenario comprising two sources and one relay The aim of the proposed scheme is to fully utilise the source symbols so as to reduce the overheads and improve energy efficiencies at the sources while maintaining low overhead at the relay. In addition, almost no buffer is needed in the proposed scheme so the relay can have limited storage space, and the proposed scheme is resilient to the churn rates of the nodes. The simulation results have shown that the proposed scheme outperforms the aforementioned schemes with respect to source overheads and total overhead in addition to preserving the benefits of NC and LT codes.展开更多
Dear Editor,This letter studies the distributed Nash equilibrium seeking problem of aggregative game,in which the decision of each player obeys second-order dynamics and is constrained by nonidentical convex sets.To s...Dear Editor,This letter studies the distributed Nash equilibrium seeking problem of aggregative game,in which the decision of each player obeys second-order dynamics and is constrained by nonidentical convex sets.To seek the generalized Nash equilibrium(GNE),a projectionbased distributed algorithm via constant step-sizes is developed with linear convergence.In particular,a variable tracking technique is incorporated to estimate the aggregative function,and an event-triggered mechanism is designed to reduce the communication cost.Finally,a numerical example demonstrates the theoretical results.展开更多
Dear Editor,Through distributed machine learning,multi-UAV systems can achieve global optimization goals without a centralized server,such as optimal target tracking,by leveraging local calculation and communication w...Dear Editor,Through distributed machine learning,multi-UAV systems can achieve global optimization goals without a centralized server,such as optimal target tracking,by leveraging local calculation and communication with neighbors.In this work,we implement the stochastic gradient descent algorithm(SGD)distributedly to optimize tracking errors based on local state and aggregation of the neighbors'estimation.However,Byzantine agents can mislead neighbors,causing deviations from optimal tracking.We prove that the swarm achieves resilient convergence if aggregated results lie within the normal neighbors'convex hull,which can be guaranteed by the introduced centerpoint-based aggregation rule.In the given simulated scenarios,distributed learning using average,geometric median(GM),and coordinate-wise median(CM)based aggregation rules fail to track the target.Compared to solely using the centerpoint aggregation method,our approach,which combines a pre-filter with the centroid aggregation rule,significantly enhances resilience against Byzantine attacks,achieving faster convergence and smaller tracking errors.展开更多
The Internet of Vehicles(IoV)operates in highly dynamic and open network environments and faces serious challenges in secure and real-time authentication and consensus mechanisms.Existing methods often suffer from com...The Internet of Vehicles(IoV)operates in highly dynamic and open network environments and faces serious challenges in secure and real-time authentication and consensus mechanisms.Existing methods often suffer from complex certificate management,inefficient consensus protocols,and poor resilience in high-frequency communication,resulting in high latency,poor scalability,and unstable network performance.To address these issues,this paper proposes a secure and efficient distributed authentication scheme for IoV with reputation-driven consensus and SM9.First,this paper proposes a decentralized authentication architecture that utilizes the certificate-free feature of SM9,enabling lightweight authentication and key negotiation,thereby reducing the complexity of key management.To ensure the traceability and global consistency of authentication data,this scheme also integrates blockchain technology,applying its inherent invariance.Then,this paper introduces a reputation-driven dynamic node grouping mechanism that transparently evaluates and groups’node behavior using smart contracts to enhance network stability.Furthermore,a new RBSFT(Reputation-Based SM9 Friendly-Tolerant)consensus mechanism is proposed for the first time to enhance consensus efficiency by optimizing the PBFT algorithm.RBSFT aims to write authentication information into the blockchain ledger to achieve multi-level optimization of trust management and decision-making efficiency,thereby significantly improving the responsiveness and robustness in high-frequency IoV scenarios.Experimental results show that it excels in authentication,communication efficiency,and computational cost control,making it a feasible solution for achieving IoV security and real-time performance.展开更多
Vehicle Edge Computing(VEC)and Cloud Computing(CC)significantly enhance the processing efficiency of delay-sensitive and computation-intensive applications by offloading compute-intensive tasks from resource-constrain...Vehicle Edge Computing(VEC)and Cloud Computing(CC)significantly enhance the processing efficiency of delay-sensitive and computation-intensive applications by offloading compute-intensive tasks from resource-constrained onboard devices to nearby Roadside Unit(RSU),thereby achieving lower delay and energy consumption.However,due to the limited storage capacity and energy budget of RSUs,it is challenging to meet the demands of the highly dynamic Internet of Vehicles(IoV)environment.Therefore,determining reasonable service caching and computation offloading strategies is crucial.To address this,this paper proposes a joint service caching scheme for cloud-edge collaborative IoV computation offloading.By modeling the dynamic optimization problem using Markov Decision Processes(MDP),the scheme jointly optimizes task delay,energy consumption,load balancing,and privacy entropy to achieve better quality of service.Additionally,a dynamic adaptive multi-objective deep reinforcement learning algorithm is proposed.Each Double Deep Q-Network(DDQN)agent obtains rewards for different objectives based on distinct reward functions and dynamically updates the objective weights by learning the value changes between objectives using Radial Basis Function Networks(RBFN),thereby efficiently approximating the Pareto-optimal decisions for multiple objectives.Extensive experiments demonstrate that the proposed algorithm can better coordinate the three-tier computing resources of cloud,edge,and vehicles.Compared to existing algorithms,the proposed method reduces task delay and energy consumption by 10.64%and 5.1%,respectively.展开更多
The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address th...The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address this critical challenge,this paper proposes a dynamic defense framework named Zero-day-aware Stackelberg Game-based Multi-Agent Distributed Deep Deterministic Policy Gradient(ZSG-MAD3PG).The framework integrates Stackelberg game modeling with the Multi-Agent Distributed Deep Deterministic Policy Gradient(MAD3PG)algorithm and incorporates defensive deception(DD)strategies to achieve adaptive and efficient protection.While conventional methods typically incur considerable resource overhead and exhibit higher latency due to static or rigid defensive mechanisms,the proposed ZSG-MAD3PG framework mitigates these limitations through multi-stage game modeling and adaptive learning,enabling more efficient resource utilization and faster response times.The Stackelberg-based architecture allows defenders to dynamically optimize packet sampling strategies,while attackers adjust their tactics to reach rapid equilibrium.Furthermore,dynamic deception techniques reduce the time required for the concealment of attacks and the overall system burden.A lightweight behavioral fingerprinting detection mechanism further enhances real-time zero-day attack identification within industrial device clusters.ZSG-MAD3PG demonstrates higher true positive rates(TPR)and lower false alarm rates(FAR)compared to existing methods,while also achieving improved latency,resource efficiency,and stealth adaptability in IIoT zero-day defense scenarios.展开更多
Curved geostructures,such as tunnels,are commonly encountered in geotechnical engineering and are critical to maintaining structural stability.Ensuring their proper performance through field monitoring during their se...Curved geostructures,such as tunnels,are commonly encountered in geotechnical engineering and are critical to maintaining structural stability.Ensuring their proper performance through field monitoring during their service life is essential for the overall functionality of geotechnical infrastructure.Distributed Brillouin sensing(DBS)is increasingly applied in geotechnical projects due to its ability to acquire spatially continuous strain and temperature distributions over distances of up to 150 km using a single optical fibre.However,limited by the complex operations of distributed optic fibre sensing(DFOS)sensors in curved structures,previous reports about exploiting DBS in geotechnical structural health monitoring(SHM)have mostly been focused on flat surfaces.The lack of suitable DFOS installation methods matched to the spatial characteristics of continuous monitoring is one of the major factors that hinder the further application of this technique in curved structures.This review paper starts with a brief introduction of the fundamental working principle of DBS and the inherent limitations of DBS being used on monitoring curved surfaces.Subsequently,the state-of-the-art installation methods of optical fibres in curved structures are reviewed and compared to address the most suitable scenario of each method and their advantages and disadvantages.The installation challenges of optical fibres that can highly affect measurement accuracy are also discussed in the paper.展开更多
Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded...Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.展开更多
基金supported by the Deanship of Scientific Research(DSR),King Abdulaziz University,Jeddah,under grant No.GPIP:2040-611-2024。
文摘The Tactile Internet of Things(TIoT)promises transformative applications—ranging from remote surgery to industrial robotics—by incorporating haptic feedback into traditional IoT systems.Yet TIoT’s stringent requirements for ultra-low latency,high reliability,and robust privacy present significant challenges.Conventional centralized Federated Learning(FL)architectures struggle with latency and privacy constraints,while fully distributed FL(DFL)faces scalability and non-IID data issues as client populations expand and datasets become increasingly heterogeneous.To address these limitations,we propose a Clustered Distributed Federated Learning(CDFL)architecture tailored for a 6G-enabled TIoT environment.Clients are grouped into clusters based on data similarity and/or geographical proximity,enabling local intra-cluster aggregation before inter-cluster model sharing.This hierarchical,peer-to-peer approach reduces communication overhead,mitigates non-IID effects,and eliminates single points of failure.By offloading aggregation to the network edge and leveraging dynamic clustering,CDFL enhances both computational and communication efficiency.Extensive analysis and simulation demonstrate that CDFL outperforms both centralized FL and DFL as the number of clients grows.Specifically,CDFL demonstrates up to a 30%reduction in training time under highly heterogeneous data distributions,indicating faster convergence.It also reduces communication overhead by approximately 40%compared to DFL.These improvements and enhanced network performance metrics highlight CDFL’s effectiveness for practical TIoT deployments.These results validate CDFL as a scalable,privacy-preserving solution for next-generation TIoT applications.
基金supported by the Princess Nourah bint Abdulrahman University Riyadh,Saudi Arabia,through Project number(PNURSP2025R235).
文摘The Internet of Things(IoT)is a smart infrastructure where devices share captured data with the respective server or edge modules.However,secure and reliable communication is among the challenging tasks in these networks,as shared channels are used to transmit packets.In this paper,a decision tree is integrated with other metrics to form a secure distributed communication strategy for IoT.Initially,every device works collaboratively to form a distributed network.In this model,if a device is deployed outside the coverage area of the nearest server,it communicates indirectly through the neighboring devices.For this purpose,every device collects data from the respective neighboring devices,such as hop count,average packet transmission delay,criticality factor,link reliability,and RSSI value,etc.These parameters are used to find an optimal route from the source to the destination.Secondly,the proposed approach has enabled devices to learn from the environment and adjust the optimal route-finding formula accordingly.Moreover,these devices and server modules must ensure that every packet is transmitted securely,which is possible only if it is encrypted with an encryption algorithm.For this purpose,a decision tree-enabled device-to-server authentication algorithm is presented where every device and server must take part in the offline phase.Simulation results have verified that the proposed distributed communication approach has the potential to ensure the integrity and confidentiality of data during transmission.Moreover,the proposed approach has outperformed the existing approaches in terms of communication cost,processing overhead,end-to-end delay,packet loss ratio,and throughput.Finally,the proposed approach is adoptable in different networking infrastructures.
基金supported and funded by the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Systems(IDS)often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems.To address these challenges,we propose an innovative privacy-preserving approach leveraging Federated Learning(FL)for distributed intrusion detection.Our model eliminates the need for aggregating sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates,ensuring enhanced privacy and scalability without compromising detection accuracy.Key innovations of this research include the integration of advanced deep learning techniques for real-time threat detection with minimal latency and a novel model to fortify the system’s resilience against diverse cyber-attacks such as Distributed Denial of Service(DDoS)and malware injections.Our evaluation on three benchmark IoT datasets demonstrates significant improvements:achieving 92.78%accuracy on NSL-KDD,91.47%on BoT-IoT,and 92.05%on UNSW-NB15.The precision,recall,and F1-scores for all datasets consistently exceed 91%.Furthermore,the communication overhead was reduced to 85 MB for NSL-KDD,105 MB for BoT-IoT,and 95 MB for UNSW-NB15—substantially lower than traditional centralized IDS approaches.This study contributes to the domain by presenting a scalable,secure,and privacy-preserving solution tailored to the unique characteristics of IoT environments.The proposed framework is adaptable to dynamic and heterogeneous settings,with potential applications extending to other privacy-sensitive domains.Future work will focus on enhancing the system’s efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.
文摘The rapid development of Internet technology makes it possible to integrate GIS with the Internet,forming Internet GIS.Internet GIS is based on a distributed client/server architecture and TCP/IP & IIOP.When constructing and designing Internet GIS,we face the problem of how to express information units of Internet GIS.In order to solve this problem,this paper presents a distributed hypermap model for Internet GIS.This model provides a solution to organize and manage Internet GIS information units.It also illustrates relations between two information units and in an internal information unit both on clients and servers.On the basis of this model,the paper contributes to the expressions of hypermap relations and hypermap operations.The usage of this model is shown in the implementation of a prototype system.
文摘LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is subject to LDoS attacks as well. LDoS attacks can cause table reset, route flapping of BGP protocol. A deliberately constructed distributed low-rate DOS attacks can even generate surge of updates throughout the Internet. In this paper, we investigate the promotion of attack efficiency of this novel attack, and then propose an attack model to simulate the LDoS attack. Experiments prove that this attack model can exponentially lower the attack costs and improve the attack effect.
基金supported by the National Natural Science Foundation of China under Grant No.61100219the Fundamental Research Funds for the Central Universities under Grant No.2012JBM010the Key Program of National Natural Science Foundation of China under Grant No.60833002
文摘With the rapid development of Internet of Things (IoT),the issue of trust in distributed routing systems has attracted more research attention.The existing trust management frameworks,however,suffer from some possible attacks in hostile environments,such as false accusation,collusion,on-off,and conflicting behavior.Therefore,more comprehensive models should be proposed to predict the trust level of nodes on potential routes more precisely,and to defeat several kinds of possible attacks.This paper makes an attempt to design an attack-resistant trust management model based on beta function for distributed routing strategy in IoT.Our model can evaluate and propagate reputation in distributed routing systems.We first describe possible attacks on existing systems.Our model is then proposed to establish reliable trust relations between self-organized nodes and defeat possible attacks in distributed routing systems.We also propose a theoretical basis and skeleton of our model.Finally,some performance evaluations and security analyses are provided to show the effectiveness and robustness of our model compared with the existing systems.
文摘The Internet service provider(ISP)is the heart of any country’s Internet infrastructure and plays an important role in connecting to theWorld WideWeb.Internet exchange point(IXP)allows the interconnection of two or more separate network infrastructures.All Internet traffic entering a country should pass through its IXP.Thus,it is an ideal location for performing malicious traffic analysis.Distributed denial of service(DDoS)attacks are becoming a more serious daily threat.Malicious actors in DDoS attacks control numerous infected machines known as botnets.Botnets are used to send numerous fake requests to overwhelm the resources of victims and make them unavailable for some periods.To date,such attacks present a major devastating security threat on the Internet.This paper proposes an effective and efficient machine learning(ML)-based DDoS detection approach for the early warning and protection of the Saudi Arabia Internet exchange point(SAIXP)platform.The effectiveness and efficiency of the proposed approach are verified by selecting an accurate ML method with a small number of input features.A chi-square method is used for feature selection because it is easier to compute than other methods,and it does not require any assumption about feature distribution values.Several ML methods are assessed using holdout and 10-fold tests on a public large-size dataset.The experiments showed that the performance of the decision tree(DT)classifier achieved a high accuracy result(99.98%)with a small number of features(10 features).The experimental results confirmthe applicability of using DT and chi-square for DDoS detection and early warning in SAIXP.
基金supported by the National Natural Science Foundation of China(No.92267301).
文摘In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are also proposed.These applications apply architectures such as distributed learning,resource sharing,and arithmetic trading,which make high demands on identity authentication,asset authentication,resource addressing,and service location.Therefore,an efficient,secure,and trustworthy Industrial Internet identity resolution system is needed.However,most of the traditional identity resolution systems follow DNS architecture or tree structure,which has the risk of a single point of failure and DDoS attack.And they cannot guarantee the security and privacy of digital identity,personal assets,and device information.So we consider a decentralized approach for identity management,identity authentication,and asset verification.In this paper,we propose a distributed trusted active identity resolution system based on the inter-planetary file system(IPFS)and non-fungible token(NFT),which can provide distributed identity resolution services.And we have designed the system architecture,identity service process,load balancing strategy and smart contract service.In addition,we use Jmeter to verify the performance of the system,and the results show that the system has good high concurrent performance and robustness.
文摘The inherent complexity and uncertainty of multi-operator multi-robot (MOMR) tele-operation system make its safeguard an essential problem. Hazardous factors in the system are analyzed using fault tree analysis(FTA) technology, and three-layer interactive safety architecture with information flow is designed in modules to control the factors according to the holistic control mode. After that, distributed virtual environment (DVE) including the characteristics of virtual guide (VG) technology is discussed to help the operators achieve some tasks through the visibility of control commands, time-delay, movement collision and operators' intentions. Finally an experiment is implemented to test the efficiency of safety control architecture by using two robots to place some building blocks in the same workspace.
基金supported by National Natural Science Foundation of China(61433004,61603085)the China Postdoctoral Science Foundation(2015M570253)the Fundamental Research Funds for the Central Universities(N150403004)
文摘The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementation and security challenges. Given the above scenario, we argue that the IoT network should always be decentralized design, and security should be built by design. The paper is the design and construction of a decentralized IoT security framework, with the goal of making emerging IoT systems more resilient to attacks and supporting complex communication and resource sharing. The framework improves efficiency and scalability in IoT, exposes vulnerable subsystems and components as possible weak links to system compromise, and meets the requirements of a heterogeneous computing environment. Other features of the framework including efficient resource sharing, fault tolerance, and distributed storage support the Internet of Things. We discuss the design requirements and carry out the implementation of Proof of Concept and evaluation of our framework. Two underlying technologies: the actor model and the blockchain were used for the implementation. Our reason for choosing the actor model and blockchain is to compare its suitability for IoT integration in parallel. Hence, evaluation of the system is performed based on computational and memory efficiency, security, and scalability. We conclude from the evaluations that the actor-based implementation has better scalability than the block-chain-based implementation. Also, the blockchain seems to be computationally more intensive than the actors and less suitable for IoT systems.
基金supported by the National Natural Science Foundation of China under Grant No.61032004the National High Technology Research and Development Program of China (863 Program) under Grants No.2012AA121605,No.2012AA01A503,No.2012AA01A510
文摘Distributed Luby Transform (DLT) codes have been proposed to improve the robustness and system throughputs for multisource single-sink networks by exploiting the benefits of Network Coding (NC) at a single relay. All the proposed schemes such as the DLT and Soliton-Like Rateless Coding (SLRC) have attempted to maintain Robust Soliton Distribution (RSD) or Soliton-Like Distribution (SLD) for the output data at the relay. This rzsult in some source symbols to be discarded, thereby degrading the throughput. In this paper, we have proposed a novel method called the Full DLT (FDLT) coding scheme to be applied in the InterPlaNetary (IPN) Internet scenario comprising two sources and one relay The aim of the proposed scheme is to fully utilise the source symbols so as to reduce the overheads and improve energy efficiencies at the sources while maintaining low overhead at the relay. In addition, almost no buffer is needed in the proposed scheme so the relay can have limited storage space, and the proposed scheme is resilient to the churn rates of the nodes. The simulation results have shown that the proposed scheme outperforms the aforementioned schemes with respect to source overheads and total overhead in addition to preserving the benefits of NC and LT codes.
基金supported by the National Natural Science Foundation of China(62473048,61925303,62088101,62273195,U19B2029).
文摘Dear Editor,This letter studies the distributed Nash equilibrium seeking problem of aggregative game,in which the decision of each player obeys second-order dynamics and is constrained by nonidentical convex sets.To seek the generalized Nash equilibrium(GNE),a projectionbased distributed algorithm via constant step-sizes is developed with linear convergence.In particular,a variable tracking technique is incorporated to estimate the aggregative function,and an event-triggered mechanism is designed to reduce the communication cost.Finally,a numerical example demonstrates the theoretical results.
基金supported By Guangdong Major Project of Basic and Applied Basic Research(2023B0303000009)Guangdong Basic and Applied Basic Research Foundation(2024A1515030153,2025A1515011587)+1 种基金Project of Department of Education of Guangdong Province(2023ZDZX4046)Shen-zhen Natural Science Fund(Stable Support Plan Program 20231122121608001),Ningbo Municipal Science and Technology Bureau(ZX2024000604).
文摘Dear Editor,Through distributed machine learning,multi-UAV systems can achieve global optimization goals without a centralized server,such as optimal target tracking,by leveraging local calculation and communication with neighbors.In this work,we implement the stochastic gradient descent algorithm(SGD)distributedly to optimize tracking errors based on local state and aggregation of the neighbors'estimation.However,Byzantine agents can mislead neighbors,causing deviations from optimal tracking.We prove that the swarm achieves resilient convergence if aggregated results lie within the normal neighbors'convex hull,which can be guaranteed by the introduced centerpoint-based aggregation rule.In the given simulated scenarios,distributed learning using average,geometric median(GM),and coordinate-wise median(CM)based aggregation rules fail to track the target.Compared to solely using the centerpoint aggregation method,our approach,which combines a pre-filter with the centroid aggregation rule,significantly enhances resilience against Byzantine attacks,achieving faster convergence and smaller tracking errors.
基金supported by the National Natural Science Foundation of China(Grant No.61762071,Grant No.61163025).
文摘The Internet of Vehicles(IoV)operates in highly dynamic and open network environments and faces serious challenges in secure and real-time authentication and consensus mechanisms.Existing methods often suffer from complex certificate management,inefficient consensus protocols,and poor resilience in high-frequency communication,resulting in high latency,poor scalability,and unstable network performance.To address these issues,this paper proposes a secure and efficient distributed authentication scheme for IoV with reputation-driven consensus and SM9.First,this paper proposes a decentralized authentication architecture that utilizes the certificate-free feature of SM9,enabling lightweight authentication and key negotiation,thereby reducing the complexity of key management.To ensure the traceability and global consistency of authentication data,this scheme also integrates blockchain technology,applying its inherent invariance.Then,this paper introduces a reputation-driven dynamic node grouping mechanism that transparently evaluates and groups’node behavior using smart contracts to enhance network stability.Furthermore,a new RBSFT(Reputation-Based SM9 Friendly-Tolerant)consensus mechanism is proposed for the first time to enhance consensus efficiency by optimizing the PBFT algorithm.RBSFT aims to write authentication information into the blockchain ledger to achieve multi-level optimization of trust management and decision-making efficiency,thereby significantly improving the responsiveness and robustness in high-frequency IoV scenarios.Experimental results show that it excels in authentication,communication efficiency,and computational cost control,making it a feasible solution for achieving IoV security and real-time performance.
基金supported by Key Science and Technology Program of Henan Province,China(Grant Nos.242102210147,242102210027)Fujian Province Young and Middle aged Teacher Education Research Project(Science and Technology Category)(No.JZ240101)(Corresponding author:Dong Yuan).
文摘Vehicle Edge Computing(VEC)and Cloud Computing(CC)significantly enhance the processing efficiency of delay-sensitive and computation-intensive applications by offloading compute-intensive tasks from resource-constrained onboard devices to nearby Roadside Unit(RSU),thereby achieving lower delay and energy consumption.However,due to the limited storage capacity and energy budget of RSUs,it is challenging to meet the demands of the highly dynamic Internet of Vehicles(IoV)environment.Therefore,determining reasonable service caching and computation offloading strategies is crucial.To address this,this paper proposes a joint service caching scheme for cloud-edge collaborative IoV computation offloading.By modeling the dynamic optimization problem using Markov Decision Processes(MDP),the scheme jointly optimizes task delay,energy consumption,load balancing,and privacy entropy to achieve better quality of service.Additionally,a dynamic adaptive multi-objective deep reinforcement learning algorithm is proposed.Each Double Deep Q-Network(DDQN)agent obtains rewards for different objectives based on distinct reward functions and dynamically updates the objective weights by learning the value changes between objectives using Radial Basis Function Networks(RBFN),thereby efficiently approximating the Pareto-optimal decisions for multiple objectives.Extensive experiments demonstrate that the proposed algorithm can better coordinate the three-tier computing resources of cloud,edge,and vehicles.Compared to existing algorithms,the proposed method reduces task delay and energy consumption by 10.64%and 5.1%,respectively.
基金funded in part by the Humanities and Social Sciences Planning Foundation of Ministry of Education of China under Grant No.24YJAZH123National Undergraduate Innovation and Entrepreneurship Training Program of China under Grant No.202510347069the Huzhou Science and Technology Planning Foundation under Grant No.2023GZ04.
文摘The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address this critical challenge,this paper proposes a dynamic defense framework named Zero-day-aware Stackelberg Game-based Multi-Agent Distributed Deep Deterministic Policy Gradient(ZSG-MAD3PG).The framework integrates Stackelberg game modeling with the Multi-Agent Distributed Deep Deterministic Policy Gradient(MAD3PG)algorithm and incorporates defensive deception(DD)strategies to achieve adaptive and efficient protection.While conventional methods typically incur considerable resource overhead and exhibit higher latency due to static or rigid defensive mechanisms,the proposed ZSG-MAD3PG framework mitigates these limitations through multi-stage game modeling and adaptive learning,enabling more efficient resource utilization and faster response times.The Stackelberg-based architecture allows defenders to dynamically optimize packet sampling strategies,while attackers adjust their tactics to reach rapid equilibrium.Furthermore,dynamic deception techniques reduce the time required for the concealment of attacks and the overall system burden.A lightweight behavioral fingerprinting detection mechanism further enhances real-time zero-day attack identification within industrial device clusters.ZSG-MAD3PG demonstrates higher true positive rates(TPR)and lower false alarm rates(FAR)compared to existing methods,while also achieving improved latency,resource efficiency,and stealth adaptability in IIoT zero-day defense scenarios.
基金support provided by Science Foundation Ireland Frontiers for the Future Programme,21/FFP-P/10090.
文摘Curved geostructures,such as tunnels,are commonly encountered in geotechnical engineering and are critical to maintaining structural stability.Ensuring their proper performance through field monitoring during their service life is essential for the overall functionality of geotechnical infrastructure.Distributed Brillouin sensing(DBS)is increasingly applied in geotechnical projects due to its ability to acquire spatially continuous strain and temperature distributions over distances of up to 150 km using a single optical fibre.However,limited by the complex operations of distributed optic fibre sensing(DFOS)sensors in curved structures,previous reports about exploiting DBS in geotechnical structural health monitoring(SHM)have mostly been focused on flat surfaces.The lack of suitable DFOS installation methods matched to the spatial characteristics of continuous monitoring is one of the major factors that hinder the further application of this technique in curved structures.This review paper starts with a brief introduction of the fundamental working principle of DBS and the inherent limitations of DBS being used on monitoring curved surfaces.Subsequently,the state-of-the-art installation methods of optical fibres in curved structures are reviewed and compared to address the most suitable scenario of each method and their advantages and disadvantages.The installation challenges of optical fibres that can highly affect measurement accuracy are also discussed in the paper.
基金supported by the National Natural Science Foundation of China(62303273,62373226)the National Research Foundation,Singapore through the Medium Sized Center for Advanced Robotics Technology Innovation(WP2.7)
文摘Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.
