pith. sign in

arxiv: 2605.17716 · v1 · pith:52WD4TZSnew · submitted 2026-05-18 · 💻 cs.NI

Enhancing Network Resilience via Graph-Based Anomaly Detection in Sovereign Functions

Xin Hao , Wei Ni , Chenhan Zhang , Massimo Piccardi , Raymond Owen This is my paper

Pith reviewed 2026-05-19 22:32 UTC · model grok-4.3

classification 💻 cs.NI
keywords network anomaly detectionbipartite graphprotocol configurationgraph structural inconsistencyadaptive configuration encoderinconsistency dynamic attentionnetwork resilience
0
0 comments X

The pith

GSID detects protocol configuration anomalies by identifying structural inconsistencies in a bipartite graph linking physical entities to logical states.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper reframes anomaly detection for complex network protocol configurations as the task of spotting structural inconsistencies among connected nodes and edges in a bipartite graph. It builds a model called GSID that adapts encoding to different parameter types and uses asymmetric attention to highlight mismatches from both ends of each connection. Experiments report threefold gains in F1 score and a 23.2 percent accuracy lift over prior methods, with further tests confirming adaptability to new network sizes and real topologies. A sympathetic reader would care because catching these subtle configuration problems could reduce failures in routing and other sovereign network functions.

Core claim

The GSID model solves the protocol configuration anomaly detection problem by treating it as detection of structural inconsistencies in a bipartite graph that captures both physical network entities and logical protocol states, employing an adaptive configuration encoder to handle heterogeneous parameters and an inconsistency dynamic attention mechanism that scores edges by drawing rule compliance from one end and route connectivity from the other.

What carries the argument

Graph Structural Inconsistency Detector (GSID) that converts anomaly detection into structural inconsistency scoring on a bipartite graph, using adaptive encoding for parameter variety and dynamic asymmetric attention to surface edge mismatches.

If this is right

  • GSID outperforms state-of-the-art baselines by threefold in F1 score and by 23.2 percent in accuracy on configuration anomaly detection.
  • Ablation studies confirm that both the adaptive configuration encoder and the inconsistency dynamic attention mechanism contribute to the performance gains.
  • Tests on unseen network scales and real-world topologies demonstrate superior adaptability compared with baselines.
  • The approach can enhance network resilience by identifying anomalies that arise from protocol configuration errors.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same bipartite-graph framing could be extended to track configuration drift over time rather than only static snapshots.
  • Integration with automated configuration tools might allow networks to flag and correct inconsistencies before they propagate.
  • Similar inconsistency scoring could apply to other layered systems where physical resources connect to logical rules, such as software-defined infrastructure.

Load-bearing premise

The bipartite graph constructed from physical network entities and logical protocol states is assumed to capture the relevant structural inconsistencies that correspond to actual configuration anomalies without significant missing relationships or noise.

What would settle it

Running GSID on a live network and finding that most flagged inconsistencies do not correspond to observable failures, routing errors, or configuration problems that actually affect operation would show the method does not detect meaningful anomalies.

Figures

Figures reproduced from arXiv: 2605.17716 by Chenhan Zhang, Massimo Piccardi, Raymond Owen, Wei Ni, Xin Hao.

Figure 1
Figure 1. Figure 1: According to the network protocols, the data packets (red) from router [PITH_FULL_IMAGE:figures/full_fig_p005_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: The bipartite graph G represents the physical network components and logical protocol states into two distinct node sets, denoted by entity nodes ve ∈ Ve and fact nodes vf ∈ Vf of the graph, respectively. By using this representation, it releases the burden for the subsequent learning algorithm for detecting anomalies across heterogeneous protocols in the network. fwd(R1, N1, R3) forwarding rule BGP route … view at source ↗
Figure 3
Figure 3. Figure 3: Illustration of protocol configuration anomaly in the bipartite graph. [PITH_FULL_IMAGE:figures/full_fig_p006_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Overall architecture of the proposed GSID, which first encodes raw node features using the CA node feature encoder, then performs [PITH_FULL_IMAGE:figures/full_fig_p008_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Architecture of the ACE. Numerical protocol parameters are mapped [PITH_FULL_IMAGE:figures/full_fig_p008_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: Architecture of the IDA mechanism. The attention vector [PITH_FULL_IMAGE:figures/full_fig_p009_6.png] view at source ↗
Figure 7
Figure 7. Figure 7: Training convergence of GSID for the four configurable parameters. The four features converge sequentially, reflecting their intrinsic differences in [PITH_FULL_IMAGE:figures/full_fig_p011_7.png] view at source ↗
Figure 8
Figure 8. Figure 8: Training curves across all protocol configuration parameters. The proposed GSID consistently outperforms the baseline algorithms, with the performance [PITH_FULL_IMAGE:figures/full_fig_p012_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: Training convergence of GSID for each of the four monitored protocol configuration parameters, under a 20% anomaly injection rate. The four features [PITH_FULL_IMAGE:figures/full_fig_p013_9.png] view at source ↗
Figure 10
Figure 10. Figure 10: Training curves across all protocol configuration parameters at a 20% anomaly injection rate. GSID consistently achieves the highest F1 score and [PITH_FULL_IMAGE:figures/full_fig_p013_10.png] view at source ↗
Figure 11
Figure 11. Figure 11: Scalability across different topologies. Validation across topology [PITH_FULL_IMAGE:figures/full_fig_p014_11.png] view at source ↗
Figure 12
Figure 12. Figure 12: Performance of all five algorithms as a function of anomaly rate, across three network scales and two metrics. For local preference, some benchmarks [PITH_FULL_IMAGE:figures/full_fig_p015_12.png] view at source ↗
read the original abstract

Sovereign network functions, e.g., routing protocols, are becoming increasingly complex and susceptible to failures arising from protocol configuration anomalies and anomalous configurations. This paper interprets the protocol configuration anomaly detection problem as detection of structural inconsistencies of connected nodes and edges in a bipartite graph that captures both physical network entities and logical protocol states. This graph structural inconsistency detector (GSID) model is proposed to solve the problem efficiently. To handle the heterogeneous nature of protocol configuration parameters, GSID employs an adaptive configuration encoder (ACE) that dynamically selects encoding strategies per parameter to preserve fine-grained numerical discrepancies. To expose the subtle inconsistencies of connected nodes and edges in the bipartite graph, GSID uses an inconsistency dynamic attention (IDA) mechanism that scores edges by drawing asymmetric attentions from both ends, rule compliance from one end and route connectivity from the other. It is demonstrated experimentally that GSID outperforms state-of-the-art baselines by threefold in F1 score and by 23.2% in accuracy. Ablation studies validate the effectiveness of both the ACE and IDA modules. Tests on unseen network scales and real-world network topologies show the superior adaptability of our GSID, compared to the baselines.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript proposes the Graph Structural Inconsistency Detector (GSID) to detect configuration anomalies in sovereign network functions by modeling them as structural inconsistencies in a bipartite graph that represents both physical network entities and logical protocol states. The approach introduces an Adaptive Configuration Encoder (ACE) to dynamically select encoding strategies for heterogeneous parameters and an Inconsistency Dynamic Attention (IDA) mechanism that scores edges using asymmetric attentions drawn from rule compliance and route connectivity. Experimental results claim that GSID outperforms state-of-the-art baselines by a factor of three in F1 score and by 23.2% in accuracy, with supporting ablation studies on the ACE and IDA modules plus generalization tests on unseen network scales and real-world topologies.

Significance. If the reported performance gains and generalization results hold under rigorous validation, the work could meaningfully advance network resilience techniques by offering a graph-based method tailored to protocol configuration anomalies. The ACE and IDA components provide targeted handling of parameter heterogeneity and subtle edge inconsistencies, which may extend to other graph anomaly tasks in networking. The emphasis on adaptability to different scales adds practical value for deployment in complex sovereign functions.

major comments (2)
  1. Abstract and §4 (Experimental Evaluation): The abstract states clear performance gains but supplies no information on datasets, baseline implementations, statistical tests, or potential post-hoc choices, leaving the central empirical claim without visible supporting detail. This is load-bearing for the threefold F1 and 23.2% accuracy assertions.
  2. §3 (Graph Construction and Modeling): The bipartite graph is assumed to capture the relevant structural inconsistencies that correspond to actual configuration anomalies without significant missing relationships or noise, yet no independent validation (e.g., expert-labeled anomalies or protocol log cross-checks) is described to confirm that edge/node inconsistencies align with real anomalies rather than artifacts of graph construction.
minor comments (2)
  1. Ensure consistent first-use definitions for acronyms GSID, ACE, and IDA in the main body.
  2. Clarify the exact composition of the real-world network topologies used in the generalization tests.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive comments and the opportunity to clarify our work. We address each major comment below with point-by-point responses, indicating where revisions have been made to strengthen the manuscript.

read point-by-point responses

  1. Referee: Abstract and §4 (Experimental Evaluation): The abstract states clear performance gains but supplies no information on datasets, baseline implementations, statistical tests, or potential post-hoc choices, leaving the central empirical claim without visible supporting detail. This is load-bearing for the threefold F1 and 23.2% accuracy assertions.

    Authors: We acknowledge that the abstract is concise and omits explicit details on the evaluation setup. Section 4 describes the datasets (synthetic networks generated from protocol models across varying scales plus real-world topologies), baseline reproductions (standard graph anomaly detectors with hyperparameters matched to original publications), and statistical procedures (results averaged over 10 random seeds with t-tests for significance). No post-hoc selection occurred; all configurations are reported. We have revised the abstract to include a one-sentence summary of the datasets and evaluation scope, and added a clarifying paragraph in §4 on baseline implementation and statistical testing. revision: yes

  2. Referee: §3 (Graph Construction and Modeling): The bipartite graph is assumed to capture the relevant structural inconsistencies that correspond to actual configuration anomalies without significant missing relationships or noise, yet no independent validation (e.g., expert-labeled anomalies or protocol log cross-checks) is described to confirm that edge/node inconsistencies align with real anomalies rather than artifacts of graph construction.

    Authors: The bipartite graph is derived directly from protocol specifications: nodes encode physical entities and logical states, while edges represent rule compliance and route connectivity extracted from standard protocol definitions. Anomalies are injected as explicit violations of these relations, aligning inconsistencies with anomalies by construction. We did not perform separate expert labeling or log cross-checks, which is a limitation of the current study. We have expanded §3 with additional justification of the mapping from graph structure to protocol anomalies and noted the reliance on specification-driven construction. revision: partial

Circularity Check

0 steps flagged

No circularity: empirical model proposal with independent experimental validation

full rationale

The paper introduces GSID as a graph-based anomaly detector using a bipartite graph of physical/logical entities, an adaptive configuration encoder (ACE), and an inconsistency dynamic attention (IDA) mechanism. All performance claims (3x F1, +23.2% accuracy, ablation results, generalization to unseen scales and real topologies) are presented as outcomes of experimental evaluation on test data, not as derivations or predictions that reduce to the model's own fitted parameters or definitions by construction. No equations, self-citations, or uniqueness theorems are invoked in the provided text to force the results. The graph-construction assumption is a modeling choice subject to external validation, not a self-referential loop.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 3 invented entities

The central claim rests on the modeling choice of a bipartite graph and the effectiveness of the two new modules; no free parameters are explicitly fitted in the abstract, and the new modules are introduced without external independent evidence.

axioms (1)
  • domain assumption A bipartite graph of physical entities and logical protocol states can represent configuration anomalies as structural inconsistencies
    Invoked in the interpretation of the anomaly detection problem as graph structural inconsistency.
invented entities (3)
  • GSID model no independent evidence
    purpose: Detect structural inconsistencies in the bipartite graph
    New proposed detector combining ACE and IDA
  • ACE module no independent evidence
    purpose: Dynamically select encoding strategies for heterogeneous parameters
    Component introduced to preserve numerical discrepancies
  • IDA mechanism no independent evidence
    purpose: Score edges using asymmetric attentions from both ends
    Component introduced to expose subtle inconsistencies

pith-pipeline@v0.9.0 · 5739 in / 1356 out tokens · 41031 ms · 2026-05-19T22:32:21.623928+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

  • IndisputableMonolith/Cost/FunctionalEquation.lean washburn_uniqueness_aczel unclear
    ?
    unclear

    Relation between the paper passage and the cited Recognition theorem.

    GSID employs an adaptive configuration encoder (ACE) that dynamically selects encoding strategies per parameter... inconsistency dynamic attention (IDA) mechanism that scores edges by drawing asymmetric attentions from both ends

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Sample-Efficient Misconfiguration Classification for Network Resilience in Wireless Communications

    cs.NI 2026-05 unverdicted novelty 7.0

    EtaGATv2, an edge-type-aware graph attention network, classifies protocol misconfigurations in wireless networks at state-of-the-art levels using 50% of the training samples by addressing non-uniform symptom propagati...

Reference graph

Works this paper leans on

82 extracted references · 82 canonical work pages · cited by 1 Pith paper

  1. [1]

    Re- silience and failure analysis in next-generation communication networks: A contemporary survey,

    S. Bi, X. Yuan, S. Hu, K. Li, W. Ni, E. Hossain, and X. Wang, “Re- silience and failure analysis in next-generation communication networks: A contemporary survey,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 2793–2821, 2026

    work page 2026

  2. [2]

    Enhancing the resilience of communication networks,

    OECD, “Enhancing the resilience of communication networks,” Organ- isation for Economic Co-operation and Development, Tech. Rep., 2025

    work page 2025

  3. [3]

    Enhancing resiliency of integrated space-air ground- sea networks with renewable energies: A use case after the 2023 t ¨urkiye earthquake,

    B. Karaman, I. Basturk, S. Taskin, F. Kara, E. Zeydan, and H. Yanikomeroglu, “Enhancing resiliency of integrated space-air ground- sea networks with renewable energies: A use case after the 2023 t ¨urkiye earthquake,”IEEE Commun. Mag., vol. 62, no. 12, pp. 104–111, 2024

    work page 2023

  4. [4]

    An intelligent fault tolerant data routing scheme for wireless sensor network-assisted industrial Internet of Things,

    G. Kaur and P. Chanak, “An intelligent fault tolerant data routing scheme for wireless sensor network-assisted industrial Internet of Things,”IEEE Trans. Ind. Inf., vol. 19, no. 4, pp. 5543–5553, 2023

    work page 2023

  5. [5]

    Failures and resilience in the IP era: Navigating the fragility of modern telecommunications networks–the sovereign functions,

    R. Owenet al., “Failures and resilience in the IP era: Navigating the fragility of modern telecommunications networks–the sovereign functions,”IEEE Access, vol. 13, pp. 155 759–155 777, 2025

    work page 2025

  6. [6]

    Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines,

    J. P. Sterbenzet al., “Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines,”Computer Networks, vol. 54, no. 8, pp. 1245–1265, 2010

    work page 2010

  7. [8]

    GraphBGP: BGP anomaly detection based on dynamic graph learning,

    Z. Wu, Y . Li, X. Wang, Z. Diao, W. Fan, F. Xiao, and G. Xie, “GraphBGP: BGP anomaly detection based on dynamic graph learning,” IEEE Trans. Inf. Forensics Secur., vol. 20, pp. 9864–9877, 2025

    work page 2025

  8. [9]

    Stochastic anal- ysis of double blockchain architecture in IoT communication networks,

    X. Hao, P. L. Yeoh, Z. Ji, Y . Yu, B. Vucetic, and Y . Li, “Stochastic anal- ysis of double blockchain architecture in IoT communication networks,” IEEE Internet Things J., vol. 9, no. 12, pp. 9700–9711, 2022

    work page 2022

  9. [10]

    February 22, 2024 AT&T mo- bility network outage: Report and findings,

    Federal Communications Commission, “February 22, 2024 AT&T mo- bility network outage: Report and findings,” https://docs.fcc.gov/public/ attachments/DOC-404150A1.pdf, Jul. 2024, accessed: 2025-05-05. SUBMITTED TO IEEE TRANSACTIONS ON XXXX 17

    work page 2024

  10. [11]

    The July 2 communication failure and our re- sponse,

    KDDI Corporation, “The July 2 communication failure and our re- sponse,” https://www.kddi.com/english/important-news/20220729 01/, 2022, accessed: 2025-05-05

    work page arXiv 2022

  11. [12]

    June 15, 2020 T-Mobile network outage report,

    Federal Communications Commission, “June 15, 2020 T-Mobile network outage report,” https://docs.fcc.gov/public/attachments/ DOC-367699A1.pdf, Oct. 2020, accessed: 2025-05-05

    work page 2020

  12. [13]

    Understanding BGP misconfiguration,

    R. Mahajan, D. Wetherall, and T. Anderson, “Understanding BGP misconfiguration,” inProceedings of Conf. Appl., Technol., Archit., Protoc. Comput. Commun. (SIGCOMM), New York, USA, 2002

    work page 2002

  13. [14]

    Catastrophic cascade of failures in interdependent networks,

    S. V . Buldyrev, R. Parshani, G. Paul, H. E. Stanley, and S. Havlin, “Catastrophic cascade of failures in interdependent networks,”Nature, vol. 464, no. 7291, pp. 1025–1028, 2010

    work page 2010

  14. [15]

    Network-centric auditing and regulation for cryptocur- rency systems: A tutorial,

    Q. Dinget al., “Network-centric auditing and regulation for cryptocur- rency systems: A tutorial,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 7498–7511, 2026

    work page 2026

  15. [16]

    From large AI models to agentic AI: A tutorial on future intelligent communications,

    F. Jiang, C. Pan, K. Wang, P. Michiardi, O. A. Dobre, and M. Debbah, “From large AI models to agentic AI: A tutorial on future intelligent communications,”IEEE J. Sel. Areas Commun., vol. 44, pp. 3507–3540, 2026

    work page 2026

  16. [17]

    Learning- based predictive beamforming for integrated sensing and communication in vehicular networks,

    C. Liu, W. Yuan, S. Li, X. Liu, H. Li, D. W. K. Ng, and Y . Li, “Learning- based predictive beamforming for integrated sensing and communication in vehicular networks,”IEEE J. Sel. Areas Commun., vol. 40, no. 8, pp. 2317–2334, Aug. 2022

    work page 2022

  17. [18]

    Graph-aware diffusion policy for fault-tolerant agentic AI service migration in edge computing power networks,

    H. Fang, P. Yu, X. Liu, J. Liu, Z. Qu, Y . Wang, W. Li, S. Guo, and C. Wu, “Graph-aware diffusion policy for fault-tolerant agentic AI service migration in edge computing power networks,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 5992–6009, 2026

    work page 2026

  18. [19]

    Agentic graph neural networks for wireless commu- nications and networking toward edge general intelligence: A survey,

    Y . Lu, S. Zhang, C. Liu, R. Zhang, B. Ai, D. Niyato, W. Ni, X. Wang, and A. Jamalipour, “Agentic graph neural networks for wireless commu- nications and networking toward edge general intelligence: A survey,” IEEE Commun. Surv. Tutorials, vol. 28, pp. 4519–4554, 2026

    work page 2026

  19. [20]

    Task-specific trust evaluation for multi-hop collaborator selection via GNN-aided distributed agentic AI,

    B. Zhu, X. Wang, and D. Niyato, “Task-specific trust evaluation for multi-hop collaborator selection via GNN-aided distributed agentic AI,” IEEE J. Sel. Areas Commun., vol. 44, pp. 2411–2426, 2026

    work page 2026

  20. [21]

    BGP anomaly detection techniques: A survey,

    B. Al-Musawi, P. Branch, and G. Armitage, “BGP anomaly detection techniques: A survey,”IEEE Commun. Surv. Tutorials, vol. 19, no. 1, pp. 377–396, 2017

    work page 2017

  21. [22]

    ACMA statement on Optus Triple Zero investigation,

    Australian Communications and Media Authority, “ACMA statement on Optus Triple Zero investigation,” https://www.acma.gov.au/articles/ 2025-09/acma-statement-optus-triple-zero-investigation, September 2025, accessed: 18 April 2026

    work page 2025

  22. [23]

    CloudTrie: An uncertainty-quantified anomaly detection framework for prefix hijacking with multisource fusion,

    Z. Wuet al., “CloudTrie: An uncertainty-quantified anomaly detection framework for prefix hijacking with multisource fusion,”IEEE Trans. Instrum. Meas., vol. 75, pp. 1–14, 2026

    work page 2026

  23. [24]

    Provisioning for interdomain quality of service: the mescal approach,

    M. Howarthet al., “Provisioning for interdomain quality of service: the mescal approach,”IEEE Commun. Mag., vol. 43, no. 6, pp. 129–137, 2005

    work page 2005

  24. [25]

    On the importance of resilience engineering for networked systems in a changing world,

    D. Hutchison, D. Pezaros, J. Rak, and P. Smith, “On the importance of resilience engineering for networked systems in a changing world,” IEEE Commun. Mag., vol. 61, no. 11, pp. 200–206, 2023

    work page 2023

  25. [26]

    Resilient and robust QoS-preserving post-fault VNF placement,

    D. M. Manias, A. Chouman, J. Naoum-Sawaya, and A. Shami, “Resilient and robust QoS-preserving post-fault VNF placement,”IEEE Network- ing Lett., vol. 5, no. 4, pp. 270–274, 2023

    work page 2023

  26. [27]

    Minimum candidate selection al- gorithm for hybrid IP/SDN networks with single link failures,

    N. Vuppalapati and T. Venkatesh, “Minimum candidate selection al- gorithm for hybrid IP/SDN networks with single link failures,”IEEE Networking Lett., vol. 4, no. 3, pp. 152–156, 2022

    work page 2022

  27. [28]

    Reliably route IoT packets in software defined mmwave mesh networks,

    T.-Q. Bai, C.-Y . Huang, and Y .-K. Lee, “Reliably route IoT packets in software defined mmwave mesh networks,”IEEE Networking Lett., vol. 5, no. 1, pp. 50–54, 2023

    work page 2023

  28. [29]

    Failure-resilient server allocation model with single-database connectivity for delay-sensitive Internet-of- Things monitoring,

    S. Imanaka, M. Inoue, and E. Oki, “Failure-resilient server allocation model with single-database connectivity for delay-sensitive Internet-of- Things monitoring,”IEEE Networking Lett., vol. 7, no. 3, pp. 215–219, 2025

    work page 2025

  29. [30]

    An AI-driven intent-based network architecture,

    Y . Njah, A. Leivadeas, and M. Falkner, “An AI-driven intent-based network architecture,”IEEE Commun. Mag., vol. 63, no. 4, pp. 146– 153, 2025

    work page 2025

  30. [31]

    NetKG: Synthesizing interpretable network router configurations with knowledge graph,

    Z. Guo, F. Li, P. Zhang, X. Wang, and J. Cao, “NetKG: Synthesizing interpretable network router configurations with knowledge graph,” IEEE Trans. Comput., vol. 74, no. 11, pp. 3722–3735, 2025

    work page 2025

  31. [32]

    Experiences with modeling network topologies at multiple levels of abstraction,

    J. C. Mogulet al., “Experiences with modeling network topologies at multiple levels of abstraction,” in17th USENIX Symp. Networked Systems Design and Implementation (NSDI), 2020, pp. 403–418

    work page 2020

  32. [33]

    Self-healing in knowledge-driven autonomous networks: Context, challenges, and future directions,

    H. Fanget al., “Self-healing in knowledge-driven autonomous networks: Context, challenges, and future directions,”IEEE Network, vol. 38, no. 6, pp. 425–432, 2024

    work page 2024

  33. [34]

    A border gateway protocol 4 (bgp-4),

    Y . Rekhter, T. Li, and S. Hares, “A border gateway protocol 4 (bgp-4),” RFC 4271 (Draft Standard), Jan. 2006. [Online]. Available: https://datatracker.ietf.org/doc/html/rfc4271

    work page 2006

  34. [35]

    Ospf version 2,

    J. Moy, “Ospf version 2,” RFC 2328 (Internet Standard), Apr. 1998. [Online]. Available: https://datatracker.ietf.org/doc/html/rfc2328

    work page 1998

  35. [36]

    On supporting ip routing in the next generation of mobile systems,

    H. Hellaoui, M. Laitila, M. Isom ¨aki, and H. Chao, “On supporting ip routing in the next generation of mobile systems,”IEEE Communica- tions Standards Magazine, vol. 9, no. 1, pp. 44–50, 2025

    work page 2025

  36. [37]

    A generative model-guided distributed DRL framework for scalable and efficient SFC orchestration in future network architectures,

    M. A. Onsu, P. Lohan, B. Kantarci, and E. Janulewicz, “A generative model-guided distributed DRL framework for scalable and efficient SFC orchestration in future network architectures,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 2708–2725, 2026

    work page 2026

  37. [38]

    TOAST: Task-oriented adaptive semantic transmission over dynamic wireless environments,

    S. Yun, J. Pei, and P. Wang, “TOAST: Task-oriented adaptive semantic transmission over dynamic wireless environments,”IEEE Trans. Net- work Sci. Eng., vol. 13, pp. 4331–4349, 2026

    work page 2026

  38. [39]

    Observer-based dynamic event-triggered strategies for leader-following consensus of multi-agent systems with disturbances,

    X. Ruan, J. Feng, C. Xu, and J. Wang, “Observer-based dynamic event-triggered strategies for leader-following consensus of multi-agent systems with disturbances,”IEEE Trans. Network Sci. Eng., vol. 7, no. 4, pp. 3148–3158, 2020

    work page 2020

  39. [40]

    Dynamic authentication and granularized authorization with a cross-domain zero trust architecture in large-scale iot networks,

    X. Ma, F. Fang, T. Liu, and X. Wang, “Dynamic authentication and granularized authorization with a cross-domain zero trust architecture in large-scale iot networks,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 5888–5904, 2026

    work page 2026

  40. [41]

    Secure deep reinforcement learning for dynamic resource allocation in wireless MEC networks,

    X. Hao, P. L. Yeoh, C. She, B. Vucetic, and Y . Li, “Secure deep reinforcement learning for dynamic resource allocation in wireless MEC networks,”IEEE Trans. Commun., vol. 72, no. 3, pp. 1414–1427, 2024

    work page 2024

  41. [42]

    A novel UA V-assisted V ANET routing protocol for post-disaster emergency communications,

    Z. Fan, M. Zhang, Y . Cao, Z. Liu, O. Kaiwartya, Y . Javed, and F. Bashir Hussain, “A novel UA V-assisted V ANET routing protocol for post-disaster emergency communications,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 4863–4882, 2026

    work page 2026

  42. [43]

    A constrained deep reinforcement learning optimization for reliable network slicing in a blockchain-secured low-latency wireless network,

    X. Hao, P. L. Yeoh, C. She, Y . Yu, B. Vucetic, and Y . Li, “A constrained deep reinforcement learning optimization for reliable network slicing in a blockchain-secured low-latency wireless network,” inProceedings of IEEE Int. Conf. Commun. (ICC), 2024, pp. 91–96

    work page 2024

  43. [44]

    APGNN: Alarm propagation graph neural network for fault detection and alarm root cause analysis,

    W. Jiang and Y . Bai, “APGNN: Alarm propagation graph neural network for fault detection and alarm root cause analysis,”Comput. Netw., vol. 220, no. C, Jan. 2023

    work page 2023

  44. [45]

    Sequence alignment and dual-graph fusion-based manifold regularization for root-cause identification of industrial alarm floods,

    N. Chen, W. Hu, J. Shang, and H. S. Alinezhad, “Sequence alignment and dual-graph fusion-based manifold regularization for root-cause identification of industrial alarm floods,”IEEE Trans. Ind. Inf., vol. 22, no. 4, pp. 3066–3077, 2026

    work page 2026

  45. [46]

    An adaptive graph-based approach for similarity analysis and early classification of alarm floods,

    A. Davoodi and A. W. Al-Dabbagh, “An adaptive graph-based approach for similarity analysis and early classification of alarm floods,”IEEE Trans. Autom. Sci. Eng., vol. 23, pp. 3198–3213, 2026

    work page 2026

  46. [47]

    GonoGo–assessing the confidence level of distribute intrusion detection systems alarms based on BGP,

    R. S. Silva and L. M. Felipe de Moraes, “GonoGo–assessing the confidence level of distribute intrusion detection systems alarms based on BGP,”IEEE Trans. Netw. Serv. Manage., vol. 22, no. 1, pp. 209–219, 2025

    work page 2025

  47. [48]

    Cisco Meraki,Managing Multiple Networks with Configuration Tem- plates, Cisco Meraki, 2020

    work page 2020

  48. [49]

    Learning to configure computer networks with neural algorithmic reasoning,

    L. Beurer-Kellner, M. Vechev, L. Vanbever, and P. Veliˇckovi´c, “Learning to configure computer networks with neural algorithmic reasoning,” in Proceedings of Int. Conf. Neural Inf. Process. Syst. (NeurIPS), 2022

    work page 2022

  49. [50]

    RouteNet: Leveraging graph neural networks for network modeling and optimization in SDN,

    K. Rusek, J. Su ´arez-Varela, P. Almasan, P. Barlet-Ros, and A. Cabellos- Aparicio, “RouteNet: Leveraging graph neural networks for network modeling and optimization in SDN,”IEEE J. Sel. Areas Commun., vol. 38, no. 10, pp. 2260–2270, 2020

    work page 2020

  50. [51]

    RouteNet-Fermi: Network modeling with graph neural networks,

    Ferriol-Galm ´eset al., “RouteNet-Fermi: Network modeling with graph neural networks,”IEEE/ACM Trans. Networking, vol. 31, no. 6, pp. 3080–3095, 2023

    work page 2023

  51. [52]

    RouteNet-Gauss: Hardware-enhanced net- work modeling with machine learning,

    C. G ¨uemes-Palauet al., “RouteNet-Gauss: Hardware-enhanced net- work modeling with machine learning,”IEEE/ACM Trans. Networking, vol. 34, pp. 3840–3853, 2026

    work page 2026

  52. [53]

    Graph neural network-based bandwidth allocation for secure wireless commu- nications,

    X. Hao, P. L. Yeoh, Y . Liu, C. She, B. Vucetic, and Y . Li, “Graph neural network-based bandwidth allocation for secure wireless commu- nications,” inProceedings of IEEE Int. Conf. Commun. (ICC), 2023, pp. 332–337

    work page 2023

  53. [54]

    Distributed on-demand routing algorithm with graph representation learning for industrial IoT,

    B. Dai, H. Li, and W. Huang, “Distributed on-demand routing algorithm with graph representation learning for industrial IoT,”IEEE Trans. Network Sci. Eng., vol. 12, no. 1, pp. 332–343, 2025

    work page 2025

  54. [55]

    CDMR: Effective computing-dependent multi-path routing strategies in satellite and terres- trial integrated networks,

    C. Wang, Z. Ren, W. Cheng, and H. Zhang, “CDMR: Effective computing-dependent multi-path routing strategies in satellite and terres- trial integrated networks,”IEEE Trans. Network Sci. Eng., vol. 9, no. 5, pp. 3715–3730, 2022

    work page 2022

  55. [56]

    FASTGNN: A topological information protected federated learning approach for traffic speed forecasting,

    C. Zhang, S. Zhang, J. J. Q. Yu, and S. Yu, “FASTGNN: A topological information protected federated learning approach for traffic speed forecasting,”IEEE Trans. Ind. Inf., vol. 17, no. 12, pp. 8464–8474, 2021

    work page 2021

  56. [57]

    Toward traffic engineering in anonymous communication networks: A meta-routing learning ap- SUBMITTED TO IEEE TRANSACTIONS ON XXXX 18 proach,

    Y . Guo, J. Lv, H. Luo, H. Zhou, and B. Lin, “Toward traffic engineering in anonymous communication networks: A meta-routing learning ap- SUBMITTED TO IEEE TRANSACTIONS ON XXXX 18 proach,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 2572–2585, 2026

    work page 2026

  57. [58]

    Hybrid-task meta-learning: A GNN approach for scalable and transferable bandwidth allocation,

    X. Hao, C. She, P. L. Yeoh, Y . Liu, B. Vucetic, and Y . Li, “Hybrid-task meta-learning: A GNN approach for scalable and transferable bandwidth allocation,”IEEE Trans. Wireless Commun., vol. 23, no. 12, pp. 19 820– 19 835, 2024

    work page 2024

  58. [59]

    Graph neural networks for quality of service improvement in interference-limited ultra-reliable and low-latency communications,

    Y . Liu, C. She, Y . Zhong, W. Hardjawana, F.-C. Zheng, and B. Vucetic, “Graph neural networks for quality of service improvement in interference-limited ultra-reliable and low-latency communications,” IEEE Trans. Veh. Technol., vol. 73, no. 3, pp. 3718–3732, 2024

    work page 2024

  59. [60]

    Edge-wise gated graph neural network for user association in massive URLLC,

    X. Liu, C. She, Y . Li, and B. Vucetic, “Edge-wise gated graph neural network for user association in massive URLLC,” inProceedings of 2021 IEEE Globecom Workshops (GC Wkshps), 2021, pp. 1–6

    work page 2021

  60. [61]

    Change management in physical network lifecycle automation,

    M. Al-Fareset al., “Change management in physical network lifecycle automation,” in2023 USENIX Annual Technical Conference (USENIX). Boston, MA: USENIX Association, Jul. 2023, pp. 635–653

    work page 2023

  61. [62]

    Beyond the edge: An advanced exploration of reinforcement learning for mobile edge com- puting, its applications, and future research trajectories,

    N. Yang, S. Chen, H. Zhang, and R. Berry, “Beyond the edge: An advanced exploration of reinforcement learning for mobile edge com- puting, its applications, and future research trajectories,”IEEE Commun. Surv. Tutorials, vol. 27, no. 1, pp. 546–594, 2025

    work page 2025

  62. [63]

    Scalable double blockchain architecture for IoT information and reputation man- agement,

    X. Hao, P. L. Yeoh, T. Wu, Y . Yu, Y . Li, and B. Vucetic, “Scalable double blockchain architecture for IoT information and reputation man- agement,” in2021 IEEE 7th World Forum on Internet of Things (WF- IoT), 2021, pp. 171–176

    work page 2021

  63. [64]

    A comprehensive survey of machine learning applied to resource allocation in wireless communications,

    D. G. S. Pivoto, F. A. P. d. Figueiredo, C. Cavdar, G. R. d. L. Tejerina, and L. L. Mendes, “A comprehensive survey of machine learning applied to resource allocation in wireless communications,”IEEE Commun. Surv. Tutorials, vol. 28, pp. 1986–2053, 2026

    work page 1986

  64. [65]

    Dynamic adaptive aggregation and feature pyramid network enhanced graphsage for advanced persistent threat detection in next-generation communication networks,

    L. Kouet al., “Dynamic adaptive aggregation and feature pyramid network enhanced graphsage for advanced persistent threat detection in next-generation communication networks,”IEEE Trans. Netw. Serv. Manage., vol. 23, pp. 2712–2727, 2026

    work page 2026

  65. [66]

    Support vector machine approach of malicious user identification in cognitive radio networks,

    K. Arshidet al., “Support vector machine approach of malicious user identification in cognitive radio networks,”Wirel. Netw., vol. 30, no. 6, p. 4761–4772, Sep. 2022

    work page 2022

  66. [67]

    Graph optimization via decoupled edge tuning for efficient industrial anomaly detection,

    K. Wang, S. Lyu, Y . Liu, and B. Wang, “Graph optimization via decoupled edge tuning for efficient industrial anomaly detection,”IEEE Trans. Network Sci. Eng., vol. 12, no. 5, pp. 4028–4043, 2025

    work page 2025

  67. [68]

    Blockchain anomaly transaction detection method based on graph continual learning,

    X. Shen, C. Xu, and L. Zhu, “Blockchain anomaly transaction detection method based on graph continual learning,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 6059–6078, 2026

    work page 2026

  68. [69]

    Multimodal multitask control plane verification framework,

    Y . Dai, H. Zhang, J. Wang, and J. Liao, “Multimodal multitask control plane verification framework,”IEEE Trans. Netw. Serv. Manage., vol. 21, no. 6, pp. 6684–6702, 2024

    work page 2024

  69. [70]

    Performance and features: Mitigating the low-rate TCP-targeted DoS attack via SDN,

    D. Tang, Y . Yan, S. Zhang, J. Chen, and Z. Qin, “Performance and features: Mitigating the low-rate TCP-targeted DoS attack via SDN,” IEEE J. Sel. Areas Commun., vol. 40, no. 1, pp. 428–444, 2022

    work page 2022

  70. [71]

    DeepBGP: A machine learning approach for BGP configuration synthesis,

    M. Bahnasy, F. Li, S. Xiao, and X. Cheng, “DeepBGP: A machine learning approach for BGP configuration synthesis,” inProceedings of the Workshop on Network Meets AI & ML (SIGCOMM Workshop), New York, USA, 2020, pp. 48–55

    work page 2020

  71. [72]

    Neural message passing for quantum chemistry,

    J. Gilmer, S. S. Schoenholz, P. F. Riley, O. Vinyals, and G. E. Dahl, “Neural message passing for quantum chemistry,” inProceedings of the 34th Int. Conf. Machine Learning (ICML), 2017, p. 1263–1272

    work page 2017

  72. [73]

    Recognizing BGP communities based on graph neural network,

    Y . Tan, W. Huang, Y . You, S. Su, and H. Lu, “Recognizing BGP communities based on graph neural network,”IEEE Network, vol. 38, no. 6, pp. 282–288, 2024

    work page 2024

  73. [74]

    BGNN: Detection of BGP anomalies using graph neural networks,

    K. Hoarau, P. U. Tournoux, and T. Razafindralambo, “BGNN: Detection of BGP anomalies using graph neural networks,” inProceedings of 2022 IEEE Symp. Computers Commun. (ISCC), 2022, pp. 1–6

    work page 2022

  74. [75]

    Semi-supervised classification with graph convolutional networks,

    T. N. Kipf and M. Welling, “Semi-supervised classification with graph convolutional networks,” inProceedings of Int. Conf. Learn. Represen- tations (ICLR), 2017

    work page 2017

  75. [76]

    Graph attention networks,

    P. Veli ˇckovi´c, G. Cucurull, A. Casanova, A. Romero, P. Li `o, and Y . Bengio, “Graph attention networks,” inProceedings of Int. Conf. Learn. Representations (ICLR), 2018

    work page 2018

  76. [77]

    Graph transformer networks,

    S. Yun, M. Jeong, R. Kim, J. Kang, and H. J. Kim, “Graph transformer networks,”Advances neural information processing syst., vol. 32, 2019

    work page 2019

  77. [78]

    Attack detection and location using state forecasting in multivariate time series of ICS,

    G. Cao, Y . Wu, D. Yu, and Z. Wang, “Attack detection and location using state forecasting in multivariate time series of ICS,”IEEE Trans. Network Sci. Eng., vol. 12, no. 4, pp. 2989–3001, 2025

    work page 2025

  78. [79]

    Dual graph learning for multivariate time series anomaly detection in IoUT,

    Y . Luo, J. Chen, S. Qin, and D. Wu, “Dual graph learning for multivariate time series anomaly detection in IoUT,”IEEE Trans. Network Sci. Eng., vol. 13, pp. 1632–1646, 2026

    work page 2026

  79. [80]

    Asynchronous decentralized federated anomaly detection for 6G networks,

    Y . Liu and K. Yang, “Asynchronous decentralized federated anomaly detection for 6G networks,”IEEE Trans. Cognit. Commun. Networking, vol. 11, no. 5, pp. 3384–3396, 2025

    work page 2025

  80. [81]

    How attentive are graph attention networks?

    S. Brody, U. Alon, and E. Yahav, “How attentive are graph attention networks?” inProceedings of Int. Conf. Learn. Representations (ICLR), 2022

    work page 2022

Showing first 80 references.