Search Results (1,140)

Software-defined networking (SDN) is a transformative approach for managing modern network architectures, particularly in Internet-of-Things (IoT) applications. However, ensuring the optimal SDN performance and security often needs a robust sensitivity analysis (SA). To complement existing SA methods, this study proposes a new SA framework that integrates design of experiments (DOE) and machine-learning (ML) techniques. Although existing SA methods have been shown to be effective and scalable, most of these methods have yet to hybridize anomaly detection and classification (ADC) and data augmentation into a single, unified framework. To fill this gap, a targeted application of well-established existing techniques is proposed. This is achieved by hybridizing these existing techniques to undertake a more robust SA of a typified SDN-reliant IoT network. The proposed hybrid framework combines Latin hypercube sampling (LHS)-based DOE and generative adversarial network (GAN)-driven data augmentation to improve SA and support ADC in SDN-reliant IoT networks. Hence, it is called DOE-GAN-SA. In DOE-GAN-SA, LHS is used to ensure uniform parameter sampling, while GAN is used to generate synthetic data to augment data derived from typified real-world SDN-reliant IoT network scenarios. DOE-GAN-SA also employs a classification and regression tree (CART) to validate the GAN-generated synthetic dataset. Through the proposed framework, ADC is implemented, and an artificial neural network (ANN)-driven SA on an SDN-reliant IoT network is carried out. The performance of the SDN-reliant IoT network is analyzed under two conditions: namely, a normal operating scenario and a distributed-denial-of-service (DDoS) flooding attack scenario, using throughput, jitter, and response time as performance metrics. To statistically validate the experimental findings, hypothesis tests are conducted to confirm the significance of all the inferences. The results demonstrate that integrating LHS and GAN significantly enhances SA, enabling the identification of critical SDN parameters affecting the modeled SDN-reliant IoT network performance. Additionally, ADC is also better supported, achieving higher DDoS flooding attack detection accuracy through the incorporation of synthetic network observations that emulate real-time traffic. Overall, this work highlights the potential of hybridizing LHS-based DOE, GAN-driven data augmentation, and ANN-assisted SA for robust network behavioral analysis and characterization in a new hybrid framework. Full article

Rapid advancements in peer-to-peer (P2P) streaming technologies have significantly impacted digital communication, enabling scalable, decentralized, and real-time content distribution. Despite these advancements, challenges persist, including dynamic topology management, high latency, security vulnerabilities, and unfair resource sharing (e.g., free rider). While software-defined networking (SDN) and blockchain individually address aspects of these limitations, their combined potential for comprehensive optimization remains underexplored. This study proposes a distributed SDN (DSDN) architecture enhanced with blockchain support to provide secure, scalable, and reliable P2P video streaming. We identified research gaps through critical analysis of the literature. We systematically compared traditional P2P, SDN-enhanced, and hybrid architectures across six performance metrics: latency, throughput, packet loss, authentication accuracy, packet delivery ratio, and control overhead. Simulations with 200 peers demonstrate that the proposed hybrid SDN–blockchain framework achieves a latency of 140 ms, a throughput of 340 Mbps, an authentication accuracy of 98%, a packet delivery ratio of 97.8%, a packet loss ratio of 2.2%, and a control overhead of 9.3%, outperforming state-of-the-art solutions such as NodeMaps, the reinforcement learning-based routing framework (RL-RF), and content delivery networks-P2P networks (CDN-P2P). This work establishes a scalable and attack-resilient foundation for next-generation P2P streaming. Full article

Traditional Software-Defined Wide Area Network (SD-WAN) solutions lack adaptive load-balancing mechanisms, leading to inefficient traffic distribution, increased latency, and performance degradation. This paper presents an Application-Aware Dynamic Load Balancing (AADLB) framework designed for open-source SD-WAN environments. The proposed solution enables dynamic traffic routing based on real-time network performance indicators, including CPU utilization, memory usage, connection delay, and packet loss, while considering application-specific requirements. Unlike conventional load-balancing methods, such as Weighted Round Robin (WRR), Weighted Fair Queuing (WFQ), Priority Queuing (PQ), and Deficit Round Robin (DRR), AADLB continuously updates traffic weights based on application requirements and network conditions, ensuring optimal resource allocation and improved Quality of Service (QoS). The AADLB framework leverages a heuristic-based dynamic weight assignment algorithm to redistribute traffic in a multi-cloud environment, mitigating congestion and enhancing system responsiveness. Experimental results demonstrate that compared to these traditional algorithms, the proposed AADLB framework improved CPU utilization by an average of 8.40%, enhanced CPU stability by 76.66%, increased RAM utilization stability by 6.97%, slightly reduced average latency by 2.58%, and significantly enhanced latency consistency by 16.74%. These improvements enhance SD-WAN scalability, optimize bandwidth usage, and reduce operational costs. Our findings highlight the potential of application-aware dynamic load balancing in SD-WAN, offering a cost-effective and scalable alternative to proprietary solutions. Full article

As network environments become increasingly dynamic and users’ Quality of Service (QoS) demands grow more diverse, efficient and adaptive routing strategies are urgently needed. However, traditional routing strategies suffer from limitations such as poor adaptability to fluctuating traffic, lack of differentiated service handling, and slow convergence in complex network scenarios. To this end, we propose a routing strategy based on multi-agent deep deterministic policy gradient for differentiated QoS services (RS-MADDPG) in a software-defined networking (SDN) environment. First, network state information is collected in real time and transmitted to the control layer for processing. Then, the processed information is forwarded to the intelligent layer. In this layer, multiple agents cooperate during training to learn routing policies that adapt to dynamic network conditions. Finally, the learned policies enable agents to perform adaptive routing decisions that explicitly address differentiated QoS requirements by incorporating a custom reward structure that dynamically balances throughput, delay, and packet loss according to traffic type. Simulation results demonstrate that RS-MADDPG achieves convergence approximately 30 training cycles earlier than baseline methods, while improving average throughput by 3%, reducing latency by 7%, and lowering packet loss rate by 2%. Full article

This study aims to investigate the mechanical behavior of cement mortar and concrete through a hybrid approach that integrates artificial intelligence (AI) techniques with finite element modeling (FEM). Support Vector Machine (SVM) models with Radial Basis Function (RBF) and polynomial kernels, along with Multilayer Perceptron (MLP) neural networks, were employed to predict the compressive strength (Fc) and flexural strength (Fs) of cement mortar incorporating nano-silica (NS) and micro-silica (MS). The dataset comprises 89 samples characterized by six input parameters: water-to-cement ratio (W/C), sand-to-cement ratio (S/C), nano-silica-to-cement ratio (NS/C), micro-silica-to-cement ratio (MS/C), and curing age. Simultaneously, the axial compressive behavior of C20-grade concrete was numerically simulated using the Concrete Damage Plasticity (CDP) model in ABAQUS, with stress–strain responses benchmarked against the analytical models proposed by Mander, Hognestad, and Kent–Park. Due to the inherent limitations of the finite element software, it was not possible to define material models incorporating NS and MS; therefore, the simulations were conducted using the mechanical properties of conventional concrete. The SVM-RBF model demonstrated the highest predictive accuracy with RMSE values of 0.163 (R² = 0.993) for Fs and 0.422 (R² = 0.999) for Fc, while the Mander model showed the best agreement with experimental results among the FEM approaches. The study demonstrates that both the SVM-RBF and CDP-based modeling approaches serve as robust and complementary tools for accurately predicting the mechanical performance of cementitious composites. Furthermore, this research addresses the limitations of conventional FEM in capturing the effects of NS and MS, as well as the existing gap in integrated AI-FEM frameworks for blended cement mortars. Full article

A typical Software-Defined Vehicular Network (SDVN) is open to various cyberattacks because of its centralized controller-based framework. A cyberattack, such as a Distributed Denial of Service (DDoS) attack, can easily overload the central SDVN controller. Thus, we require a functional DDoS attack recognition system that can differentiate malicious traffic from normal data traffic. The proposed architecture comprises hybrid Classical-Quantum Machine Learning (QML) methods for detecting DDoS threats. In this work, we have considered three different QML methods, such as Classical-Quantum Neural Networks (C-QNN), Classical-Quantum Boltzmann Machines (C-QBM), and Classical-Quantum K-Means Clustering (C-QKM). Emulations were conducted using a custom-built vehicular network with random movements and varying speeds between 0 and 100 kmph. Also, the performance of these QML methods was analyzed for two different datasets. The results obtained show that the hybrid Classical-Quantum Neural Network (C-QNN) method exhibited better performance in comparison with the other two models. The proposed hybrid C-QNN model achieved an accuracy of 99% and 90% for the UNB-CIC-DDoS dataset and Kaggle DDoS dataset, respectively. The hybrid C-QNN model combines PennyLane’s quantum circuits with traditional methods, whereas the Classical-Quantum Boltzmann Machine (C-QBM) leverages quantum probability distributions for identifying anomalies. Full article

As IoT (internet of things) devices grow in prominence, safeguarding them from cyberattacks is becoming a pressing challenge. To bootstrap IoT security, device identification or authentication is crucial for establishing trusted connections among devices without prior trust. In this regard, radio frequency fingerprinting (RFF) is gaining attention because it is more efficient and requires fewer computational resources compared to resource-intensive cryptographic methods, such as digital signatures. RFF works by identifying unique manufacturing defects in the radio circuitry of IoT devices by analyzing over-the-air signals that embed these imperfections, allowing for the identification of the transmitting hardware. Recent studies on RFF often leverage advanced classification models, including classical machine learning techniques such as K-Nearest Neighbor (KNN) and Support Vector Machine (SVM), as well as modern deep learning architectures like Convolutional Neural Network (CNN). In particular, CNNs are well-suited as they use multidimensional mapping to detect and extract reliable fingerprints during the learning process. However, a significant limitation of these approaches is that they require large datasets and necessitate retraining when new devices not included in the initial training set are added. This retraining can cause service interruptions and is costly, especially in large-scale IoT networks. In this paper, we propose a novel solution to this problem: RFF using Siamese networks, which eliminates the need for retraining and allows for seamless authentication in IoT deployments. The proposed Siamese network is trained using in-phase and quadrature (I/Q) samples from 10 different Software-Defined Radios (SDRs). Additionally, we present a new algorithm, the Similarity-Based Embedding Classification (SBEC) for RFF. We present experimental results that demonstrate that the Siamese network effectively distinguishes between malicious and trusted devices with a remarkable 98% identification accuracy. Full article

Software-Defined Wide-Area Networks (SD-WAN) efficiently manage and route traffic across multiple WAN connections, enhancing the reliability of modern enterprise networks. However, the performance of SD-WANs is largely affected due to malicious activities of unauthorized and faulty nodes. To solve these issues, many machine-learning-based malicious-node-detection techniques have been proposed. However, these techniques are vulnerable to various issues such as low classification accuracy and privacy leakage of network entities. Furthermore, most operations of traditional SD-WANs are dependent on a third-party or a centralized party, which leads to issues such single point of failure, large computational overheads, and performance bottlenecks. To solve the aforementioned issues, we propose a Blockchain Federated-Learning-Enabled Trust Framework for Secure East–West Communication in Multi-Controller SD-WANs (BFL-SDWANTrust). The proposed model ensures local model learning at the edge nodes while utilizing the capabilities of federated learning. In the proposed model, we ensure distributed training without requiring central data aggregation, which preserves the privacy of network entities while simultaneously improving generalization across heterogeneous SD-WAN environments. We also propose a blockchain-based network that validates all network communication and malicious node-detection transactions without the involvement of any third party. We evaluate the performance of our proposed BFL-SDWANTrust on the InSDN dataset and compare its performance with various benchmark malicious-node-detection models. The simulation results show that BFL-SDWANTrust outperforms all benchmark models across various metrics and achieves the highest accuracy (98.8%), precision (98.0%), recall (97.0%), and F1-score (97.7%). Furthermore, our proposed model has the shortest training and testing times of 12 s and 3.1 s, respectively. Full article

In recent years, self-autonomous intelligent transportation applications such as drones and autonomous vehicles have seen rapid development and deployment across various countries. Within the domain of artificial intelligence, self-autonomous agents are defined as software entities capable of independently operating drones in an intelligent transport system (ITS) without human intervention. The integration of these agents into autonomous vehicles and their deployment across distributed cloud networks have increased significantly. These systems, which include drones, ground vehicles, and aircraft, are used to perform a wide range of tasks such as delivering passengers and packages within defined operational boundaries. Despite their growing utility, practical implementations face significant challenges stemming from the heterogeneity of network resources, as well as persistent issues related to security, privacy, and processing costs. To overcome these challenges, this study proposes a novel blockchain-enabled self-autonomous intelligent transport system designed for drone workflow applications. The proposed system architecture is based on a remote method invocation (RMI) client–server model and incorporates a serverless computing framework to manage processing costs. Termed the self-autonomous blockchain-enabled cost-efficient system (SBECES), the framework integrates a client and system agent mechanism governed by Q-learning and deep-learning-based policies. Furthermore, it incorporates a blockchain-based hash validation and fault-tolerant (HVFT) mechanism to ensure data integrity and operational reliability. A deep reinforcement learning (DRL)-enabled adaptive scheduler is utilized to manage drone workflow execution while meeting quality of service (QoS) constraints, including deadlines, cost-efficiency, and security. The overarching objective of this research is to minimize the total processing costs that comprise execution, communication, and security overheads, while maximizing operational rewards and ensuring the timely execution of drone-based tasks. Experimental results demonstrate that the proposed system achieves a 30% reduction in processing costs and a 29% improvement in security and privacy compared to existing state-of-the-art solutions. Full article

While autonomous driving systems and intelligent transportation infrastructures become increasingly software-defined and network-connected, ensuring their cybersecurity has become a critical component of traffic safety. Large language models (LLMs) have recently shown promise in automating aspects of penetration testing, yet most existing approaches remain limited to simple, single-step exploits. They struggle to handle complex, multi-stage vulnerabilities that demand precise coordination, contextual reasoning, and knowledge reuse. This is particularly problematic in safety-critical domains, such as autonomous vehicles, where subtle software flaws can cascade across interdependent subsystems. In this work, we present CurriculumPT, a novel LLM-based penetration testing framework specifically designed for the security of intelligent systems. CurriculumPT combines curriculum learning and a multi-agent system to enable LLM agents to progressively acquire and apply exploitation skills across common vulnerabilities and exposures-based tasks. Through a structured progression from simple to complex vulnerabilities, agents build and refine an experience knowledge base that supports generalization to new attack surfaces without requiring model fine-tuning. We evaluate CurriculumPT on 15 real-world vulnerabilities scenarios and demonstrate that it outperforms three state-of-the-art baselines by up to 18 percentage points in exploit success rate, while achieving superior efficiency in execution time and resource usage. Our results confirm that CurriculumPT is capable of autonomous, scalable penetration testing and knowledge transfer, laying the groundwork for intelligent security auditing of modern autonomous driving systems and other cyberphysical transportation platforms. Full article

Wireless sensor networks (WSNs) have gained significant attention across various industries and scientific fields. Localization, a crucial aspect of WSNs, involves accurately determining node positions to track events and execute actions. Despite the development of numerous localization algorithms, real-world environments pose challenges such as anisotropy, noise, and faults. To improve accuracy amidst these complexities, researchers are increasingly adopting advanced methodologies, including soft computing, software-defined networking, maximum likelihood estimation, and optimization techniques. Our comprehensive review from 2020 to 2024 reveals that approximately 29% of localization solutions employ optimization techniques, 48% of which utilize nature-inspired swarm-based algorithms. These algorithms have proven effective for node localization in a variety of applications, including smart cities, seismic exploration, oil and gas reservoir monitoring, assisted living environments, forest monitoring, and battlefield surveillance. This underscores the importance of swarm intelligence algorithms in sensor node localization, prompting a detailed investigation in our study. Additionally, we provide a comparative analysis to elucidate the applicability of these algorithms to various localization challenges. This examination not only helps researchers understand current localization issues within WSNs but also paves the way for enhanced localization precision in the future. Full article

Software-Defined Networking (SDN) is a network architecture that decouples the control plane from the data plane, enabling centralized, programmable management of network traffic. SDN introduces centralized control and programmability to modern networks, improving flexibility while also exposing new security vulnerabilities across the application, control, and data planes. This paper provides a comprehensive overview of SDN security threats and defenses, covering recent developments in controller hardening, trust management, route optimization, and anomaly detection. Based on these findings, we present a comparative analysis of SDN controllers in terms of performance, scalability, and deployment complexity. This culminates in the introduction of the Cloud-to-Edge Layer Two (CELT)-Secure switch, a virtual OpenFlow-based data-plane security mechanism. CELT-Secure detects and blocks Internet Control Message Protocol flooding attacks in approximately two seconds and actively disconnects hosts engaging in Address Resolution Protocol-based man-in-the-middle attacks. In comparative testing, it achieved detection performance 10.82 times faster than related approaches. Full article

With the rapid development of technologies such as cloud computing, big data, and the Internet of Things (IoT), Software-Defined Networking (SDN) is emerging as a new network architecture for the modern Internet. SDN separates the control plane from the data plane, allowing a central controller, the SDN controller, to quickly direct the routing devices within the topology to forward data packets, thus providing flexible traffic management for communication between information sources. However, traditional Distributed Denial of Service (DDoS) attacks still significantly impact SDN systems. This paper proposes a novel dual-layer strategy capable of detecting and mitigating DDoS attacks in an SDN network environment. The first layer of the strategy enhances security by using blockchain technology to replace the SDN flow table storage container in the northbound interface of the SDN controller. Smart contracts are then used to process the stored flow table information. We employ the time window algorithm and the token bucket algorithm to construct the first layer strategy to defend against obvious DDoS attacks. To detect and mitigate less obvious DDoS attacks, we design a second-layer strategy that uses a composite data feature correlation coefficient calculation method and the Isolation Forest algorithm from unsupervised learning techniques to perform binary classification, thereby identifying abnormal traffic. We conduct experimental validation using the publicly available DDoS dataset CIC-DDoS2019. The results show that using this strategy in the SDN network reduces the average deviation of round-trip time (RTT) by approximately 38.86% compared with the original SDN network without this strategy. Furthermore, the accuracy of DDoS attack detection reaches 97.66% and an F1 score of 92.2%. Compared with other similar methods, under comparable detection accuracy, the deployment of our strategy in small-scale SDN network topologies provides faster detection speeds for DDoS attacks and exhibits less fluctuation in detection time. This indicates that implementing this strategy can effectively identify DDoS attacks without affecting the stability of data transmission in the SDN network environment. Full article

Critical Internet of Things (IoT) data in Fifth Generation Vehicular Ad Hoc Networks (5G VANETs) demands Ultra-Reliable Low-Latency Communication (URLLC) to support mission-critical vehicular applications such as autonomous driving and collision avoidance. Achieving the stringent Quality of Service (QoS) requirements for these applications remains a significant challenge. This paper proposes a novel framework integrating Software-Defined Networking (SDN) and Network Functions Virtualisation (NFV) as embedded functionalities in connected vehicles. A lightweight SDN Controller model, implemented via vehicle on-board computing resources, optimised QoS for communications between connected vehicles and the Next-Generation Node B (gNB), achieving a consistent packet delivery rate of 100%, compared to 81–96% for existing solutions leveraging SDN. Furthermore, a Software-Defined Wide-Area Network (SD-WAN) model deployed at the gNB enabled the efficient management of data, network, identity, and server access. Performance evaluations indicate that SDN and NFV are reliable and scalable technologies for virtualised and distributed 5G VANET infrastructures. Our SDN-based in-vehicle traffic classification model for dynamic resource allocation achieved 100% accuracy, outperforming existing Artificial Intelligence (AI)-based methods with 88–99% accuracy. In addition, a significant increase of 187% in flow rates over time highlights the framework’s decreasing latency, adaptability, and scalability in supporting URLLC class guarantees for critical vehicular services. Full article

Software-Defined Wide Area Networks (SD-WANs) require optimal controller placement to minimize latency, balance loads, and ensure reliability across geographically distributed infrastructures. This paper introduces NA-GMM (Network-Aware Gaussian Mixture Model), a novel multi-objective optimization framework addressing key limitations in current controller placement approaches. Three principal contributions distinguish NA-GMM: (1) a hybrid distance metric that integrates geographic distance, network latency, topological cost, and link reliability through adaptive weighting, effectively capturing multi-dimensional network characteristics; (2) a modified expectation–maximization algorithm incorporating node importance-weighting to optimize controller placements for critical network elements; and (3) a robust clustering mechanism that transitions from probabilistic (soft) assignments to definitive (hard) cluster selections, ensuring optimal placement convergence. Empirical evaluations on real-world topologies demonstrate NA-GMM’s superiority, achieving up to 22.7% lower average control latency compared to benchmark approaches, maintaining near-optimal load distribution with node distribution ratios, and delivering a 12.9% throughput improvement. Furthermore, NA-GMM achieved exquisite computational efficiency, executing 68.9% faster and consuming 41.5% less memory than state of the art methods, while achieving exceptional load balancing. These findings confirm NA-GMM’s practical viability for large-scale SD-WAN deployments where real-time multi-objective optimization is essential. Full article