Sort by
Ephemeral Semantic Telemetry: A Learning-Mediated Model for Commandless Operational Technology Data Exchange
Daniel Ward
Posted: 10 July 2026
A Decision-Diagram Framework for Conflict Detection in Multi-Layer Cilium Network Policies
Thawatchai Chomsiri
,Suwichai Phunsa
Cilium is among the most widely deployed Container Network Interfaces (CNIs), serving as the default CNI in Google Kubernetes Engine. It extends standard Kubernetes NetworkPolicy (KNP) with two additional types—CiliumNetworkPolicy (CNP) and CiliumClusterwideNetworkPolicy (CCNP)—each with distinct semantics. When all three coexist in a cluster, the resulting composition is difficult to reason about formally, leading to misconfiguration and security incidents. Existing verification tools, KANO and VeriKube, address subsets of the problem but share two critical limitations: neither provides a formal denotational semantics that precisely characterizes the three-layer composition, nor a canonical representation enabling policy-equivalence checking with completeness guarantees. We close this gap with three contributions. First, we develop the first formal denotational semantics for Cilium’s three-layer composed policy—KNP (additive), CNP (deny-wins), CCNP (cluster-override)—and prove that the composite function is Hyper-Rectangular Piecewise-Constant (HRPC-like). Second, we construct a canonical Reduced Ordered Interval Decision Diagram (ROIDD) for the composite policy space and prove a canonicity theorem, enabling policy-equivalence checking as structural isomorphism in O(|ROIDD|) time. Third, we develop certified conflict-detection algorithms for shadow, redundancy, and cross-layer conflict anomalies across all three layers with formal proofs of soundness and completeness. Experimental evaluation on synthetic policies confirms zero mismatches between ROIDD evaluation and ground-truth brute-force, ROIDD compression ratios of 5–15× over the unshared decision tree, and low-microsecond (0.56–1.52 µs) per-packet lookup latency regardless of policy size. A native C++ implementation, evaluated on the same policy dataset, reconstructs the identical decision-diagram structure and classifies each packet in under 45 ns—about 30× faster than the Python reference—confirming that sub-microsecond classification is inherent to the algorithm rather than an artifact of the implementation language.
Cilium is among the most widely deployed Container Network Interfaces (CNIs), serving as the default CNI in Google Kubernetes Engine. It extends standard Kubernetes NetworkPolicy (KNP) with two additional types—CiliumNetworkPolicy (CNP) and CiliumClusterwideNetworkPolicy (CCNP)—each with distinct semantics. When all three coexist in a cluster, the resulting composition is difficult to reason about formally, leading to misconfiguration and security incidents. Existing verification tools, KANO and VeriKube, address subsets of the problem but share two critical limitations: neither provides a formal denotational semantics that precisely characterizes the three-layer composition, nor a canonical representation enabling policy-equivalence checking with completeness guarantees. We close this gap with three contributions. First, we develop the first formal denotational semantics for Cilium’s three-layer composed policy—KNP (additive), CNP (deny-wins), CCNP (cluster-override)—and prove that the composite function is Hyper-Rectangular Piecewise-Constant (HRPC-like). Second, we construct a canonical Reduced Ordered Interval Decision Diagram (ROIDD) for the composite policy space and prove a canonicity theorem, enabling policy-equivalence checking as structural isomorphism in O(|ROIDD|) time. Third, we develop certified conflict-detection algorithms for shadow, redundancy, and cross-layer conflict anomalies across all three layers with formal proofs of soundness and completeness. Experimental evaluation on synthetic policies confirms zero mismatches between ROIDD evaluation and ground-truth brute-force, ROIDD compression ratios of 5–15× over the unshared decision tree, and low-microsecond (0.56–1.52 µs) per-packet lookup latency regardless of policy size. A native C++ implementation, evaluated on the same policy dataset, reconstructs the identical decision-diagram structure and classifies each packet in under 45 ns—about 30× faster than the Python reference—confirming that sub-microsecond classification is inherent to the algorithm rather than an artifact of the implementation language.
Posted: 08 July 2026
An Asynchronous, Non-Blocking Framework for Next-Generation Edge API Gateways: Formal Design and Empirical Evaluation
Satish Chavali
Posted: 30 June 2026
QUEST: A Quantum Key Distribution Protocol Employing Eight-State Time-Bin Modulation and Homodyne-Heterodyne Hybridization
Vidhya Prakash Rajendran
,Deepalakshmi Perumalsamy
,Basker Palaniswamy
,Ashok Kumar Das
,Vivekananda Bhat K.
Posted: 25 June 2026
Frame-Shifting Adversaries: A Relational Systems Model for Mythos-Class AI and Discontinuous Cyber Behavior
Robert Campbell
Posted: 18 June 2026
Sensor System Design and Deployment for Environmental and Visitor Monitoring in Cultural Heritage Sites
Sofía Aparicio
,Fernando Ramonet
,Lidia Abad
,Darío Sánchez
,Antonio de la Cruz
,Tianyu Yin
,Rundong Zhang
,José Javier Anaya
Posted: 17 June 2026
Post-Quantum Cryptography Migration for Agentic AI Systems
Robert Campbell
Posted: 15 June 2026
Distributed Wi-Fi-Based System for Monitoring the Condition of Building Structures
Nurbol Kaliaskarov
,Ulan Yessenzholov
,Ruslan Mekhtiyev
,Elena Neshina
,Marianella Gavrilova
,Gulzat Mashrapova
,Zhaina Zhaxylyk
Posted: 12 June 2026
FL-SDMN: A Federated Learning-Based Software-Defined Mobile Networking for Intelligent Handover Optimization
Teresia Ankome
,Guy-Alain Lusilao Zodi
,Eisuke Hanada
Posted: 10 June 2026
Kubernetes Rooms: A Comprehensive Review of Multi-Tenancy, Privacy, and Security Approaches
Ratana Soth
,Leangsiv Sok
Posted: 09 June 2026
Evil Twin Attack in Wi-Fi Networks: Evolution, Mutation Taxonomy, and Exposure Time Analysis (2005–2026)
Piotr Augustyniak
,Piotr Leszek Zwierzykowski
Posted: 04 June 2026
Bit Allocation in Spatially Correlated Sensor Fields: Shapley Value-Based Allocation vs. Heuristic Approaches
Sang-Seon Byun
Posted: 02 June 2026
A Readiness and Maturity Framework for Post-Quantum TLS Adoption
Francis Kagai
Posted: 02 June 2026
A TSNFA-TinyML Hybrid Algorithm that Achieves Full Suppression of False Positives and Signal Classification Under Drifting Noise
Sergii Makovetskyi
,Lars Thomsen
Posted: 28 May 2026
Comparative Analysis of the Extended Persistence Policy on Distance-Vector and Link-State Routing Performance in the DOUNG Ad Hoc Network
Dedjinh Nino Payang
,Mahamadou Issoufou Tiado
Posted: 27 May 2026
Autonomous Underwater Vehicle–Enabled Data Collection for Underwater Wireless Sensor Networks: A Systematic Taxonomy, Protocol Review, and Open Challenges
Nisreen Albzour
,Ragda Bawaneh
Posted: 25 May 2026
Combined Radar and Magnetometer Sensor Network with LoRa-Mediated Awareness for Wildlife-Vehicle Collision Prevention: A Monte Carlo Analysis
Sergii Makovetskyi
,Lars Thomsen
Posted: 25 May 2026
From Opaque Streams to Explainable Systems: Semantic MQTT Integration at the Edge
Niklas Doerner
,Maria Maleshkova
Posted: 22 May 2026
Task Scheduling of Joint Node Selection and Path Planning in Computing Power Network
Chengyong Yang
,Xuanlong Ruan
,Jianlin Cheng
Posted: 20 May 2026
Robust Fast 3D Beam Alignment for UAV-Assisted mmWave and Terahertz Communications
Loubna Gafari
,Wissal Attaoui
,Essaid Sabir
,Elmahdi Driouch
Posted: 19 May 2026
of 26