Hans D. Schotten

Rodrigo Hernangómez, Philipp Geuer, Alexandros Palaios et al.

The evolution of wireless communications into 6G and beyond is expected to rely on new machine learning (ML)-based capabilities. These can enable proactive decisions and actions from wireless-network components to sustain quality-of-service (QoS) and user experience. Moreover, new use cases in the area of vehicular and industrial communications will emerge. Specifically in the area of vehicle communication, vehicle-to-everything (V2X) schemes will benefit strongly from such advances. With this in mind, we have conducted a detailed measurement campaign that paves the way to a plethora of diverse ML-based studies. The resulting datasets offer GPS-located wireless measurements across diverse urban environments for both cellular (with two different operators) and sidelink radio access technologies, thus enabling a variety of different studies towards V2X. The datasets are labeled and sampled with a high time resolution. Furthermore, we make the data publicly available with all the necessary information to support the onboarding of new researchers. We provide an initial analysis of the data showing some of the challenges that ML needs to overcome and the features that ML can leverage, as well as some hints at potential research studies.

Alexandros Palaios, Christian L. Vielhaus, Daniel F. Külzer et al.

As cellular networks evolve towards the 6th generation, machine learning is seen as a key enabling technology to improve the capabilities of the network. Machine learning provides a methodology for predictive systems, which can make networks become proactive. This proactive behavior of the network can be leveraged to sustain, for example, a specific quality of service requirement. With predictive quality of service, a wide variety of new use cases, both safety- and entertainment-related, are emerging, especially in the automotive sector. Therefore, in this work, we consider maximum throughput prediction enhancing, for example, streaming or high-definition mapping applications. We discuss the entire machine learning workflow highlighting less regarded aspects such as the detailed sampling procedures, the in-depth analysis of the dataset characteristics, the effects of splits in the provided results, and the data availability. Reliable machine learning models need to face a lot of challenges during their lifecycle. We highlight how confidence can be built on machine learning technologies by better understanding the underlying characteristics of the collected data. We discuss feature engineering and the effects of different splits for the training processes, showcasing that random splits might overestimate performance by more than twofold. Moreover, we investigate diverse sets of input features, where network information proved to be most effective, cutting the error by half. Part of our contribution is the validation of multiple machine learning models within diverse scenarios. We also use explainable AI to show that machine learning can learn underlying principles of wireless networks without being explicitly programmed. Our data is collected from a deployed network that was under full control of the measurement team and covered different vehicular scenarios and radio environments.

Bin Han, Muxia Sun, H. Vincent Poor et al.

Injecting artificial noise (AN) along the tangent space of a curved constellation makes each transmitted symbol induce a Gaussian observation with a symbol-dependent rank-one covariance, so the matched maximum-likelihood (ML) decoder differs from the Euclidean nearest-neighbor decoder by a single rank-one correction per candidate. We develop a baseband-demapper realization of this correction for the Fourier-curve constellation and instantiate a regular $(3,6)$ low-density parity-check (LDPC)-coded link at $(k,M){=}(20,64)$. Against four baselines (Euclidean-mismatched, flat-constellation isotropic-AN, no-AN, and same-spectral-efficiency narrowband), the matched decoder extends the BLER${=}10^{-1}$ operating range by approximately $5$\,dB over the Euclidean-mismatched counterpart on the same tangent-AN transmitter, at a cost of $2kM$ additional multiply-accumulate operations per symbol ($+50\%/+100\%$ under residual/template-correlation accounting) and a $20$\,KB constellation--tangent lookup table ($10$\,KB incremental over a Euclidean template-only LUT). A bit-interleaved coded-modulation achievable-rate (BICM-AIR) computation supports the same matched-metric advantage at the tested labeling and max-log demapper, indicating that the BLER gain is not merely an artifact of this particular LDPC simulation, and a Woodbury extension generalizes the rank-one correction to per-tone Ricean fading. In the tested Monte-Carlo runs, a design-aware bounded-search eavesdropper without the phase-key shows no successful LDPC decoding at any tested $k\in\{2,8,20\}$ within a $B{=}10^{3}$ non-code-aided search budget; code-aided, multi-frame, and known-preamble attacks are left to follow-up work. LUT quantization down to $6$ bits yields no measurable coded-BLER degradation at the tested operating points.

Bin Han, Hao Chen, Muxia Sun et al.

We study matched and Euclidean-mismatched decoding on finite Fourier-curve constellations with tangent-space artificial noise. Each hypothesis induces a Gaussian law with symbol-dependent rank-one covariance. We derive exact Euclidean pairwise errors for arbitrary pairs and an exact Gaussian-expectation representation for matched decoding on bilaterally tangent-orthogonal pairs. For uniform even constellations, the Euclidean side yields explicit distance spectra and symbol-error bounds across all offset classes; the matched side is exact on antipodal pairs and benchmarked numerically at the full-codebook level via Monte Carlo. By isolating the detection-theoretic consequence of tangent-space artificial noise, these results clarify analytically how noise fraction and constellation density enter the mismatch behavior; secrecy-rate implications require additional channel and adversary modeling.

Wenwen Chen, Bin Han, Yao Zhu et al.

Physical layer deception (PLD) combines physical layer security (PLS) with deception: the transmitter actively misleads the eavesdropper with falsified information. We model the transmitter-eavesdropper interaction as a Stackelberg game in which the transmitter commits to a resource allocation and encryption strategy, and each receiver best-responds by selecting among three decryption modes: Perception, Dropping, and Exclusion. Using semantic distortion as the metric, we derive closed-form switching surfaces that partition the parameter space into strategy regimes and identify conditions under which each regime dominates. The robust operating point, at the peak of the worst-case distortion envelope, is shown to be a Stackelberg equilibrium; iterative best-response dynamics oscillate around it with strictly lower time-averaged security. We evaluate the design under Nakagami-m fading with static and adaptive transmitter strategies, benchmarked against a classical PLS baseline. Numerical results validate the regime characterization and show 12-55% higher eavesdropper distortion than the erasure-only baseline across all fading conditions.

Siyu Yuan, Bin Han, Dennis Krummacker et al.

As a complement to conventional AI solutions, emergent intelligence (EI) exhibits competitiveness in 6G IIoT scenario for its various outstanding features including robustness, protection to privacy, and scalability. However, despite the low computational complexity, EI is challenged by its high demand of data traffic in massive deployment. We propose to leverage massive twinning, which 6G is envisaged to support, to reduce the data traffic in EI and therewith enhance its performance.

Bin Han, Dennis Krummacker, Qiuheng Zhou et al.

Enabled by the emerging industrial agent (IA) technology, swarm intelligence (SI) is envisaged to play an important role in future industrial Internet of Things (IIoT) that is shaped by Sixth Generation (6G) mobile communications and digital twin (DT). However, its fragility against data injection attack may halt it from practical deployment. In this paper we propose an efficient trust approach to address this security concern for SI.

Florian Lehn, Pascal Ahr, Hans D. Schotten

Static Random Access Memory (SRAM) Physically Unclonable Functions (PUFs) make use of intrinsic manufacturing variations in memory cells to derive device-unique responses. Employing such hardware-rooted fingerprints for authentication, this work demonstrates a threshold-based authentication proof of concept for constrained Industrial Internet of Things (IIoT) devices. The proposed scheme can reliably cap the the post-authentication bit error rate (BER) below 1 %. Inherent SRAM PUF unreliability is addressed by a resource-efficient combination of Hamming code (HC) Error Correction (EC) and Temporal Majority Voting (TMV). Increasing HC redundancy or TMV count significantly reduces the BER, albeit with diminishing returns and increasingly prohibitive computational overhead. Furthermore, this work quantifies the threshold gap between strict reliability and security constraints. This gap is reframed as a design budget which enables the resource-aware calibration of the acceptance threshold, PUF response length, and stabilization technique, without violating designed-for error limits. Larger responses make reliability optimizations increasingly obsolete. This comparative analysis establishes a comprehensive design space for PUF EC, guiding future implementations in balancing EC quality against resource constraints such as computational demand, power consumption, and implementation complexity.

Anasuya Chattopadhyay, Daniel Reti, Hans D. Schotten

Cloud networks increasingly rely on machine learning based Network Intrusion Detection Systems to defend against evolving cyber threats. However, real-world deployments are challenged by limited labeled data, non-stationary traffic, and adaptive adversaries. While semi-supervised learning can alleviate label scarcity, most existing approaches implicitly assume benign and stationary unlabeled traffic, leading to degraded performance in adversarial cloud environments. This paper proposes a robust semi-supervised temporal learning framework for cloud intrusion detection that explicitly addresses adversarial contamination and temporal drift in unlabeled network traffic. Operating on flow-level data, this framework combines supervised learning with consistency regularization, confidence-aware pseudo-labeling, and selective temporal invariance to conservatively exploit unlabeled traffic while suppressing unreliable samples. By leveraging the temporal structure of network flows, the proposed method improves robustness and generalization across heterogeneous cloud environments. Extensive evaluations on publicly available datasets (CIC-IDS2017, CSE-CIC-IDS2018, and UNSW-NB15) under limited-label conditions demonstrate that the proposed framework consistently outperforms state-of-the-art supervised and semi-supervised network intrusion detection systems in detection performance, label efficiency, and resilience to adversarial and non-stationary traffic.

Bin Han, Di Feng, Zexin Fang et al.

When users exercise data deletion rights under the General Data Protection Regulation (GDPR) and similar regulations, mobile network operators face a tradeoff: excessive machine unlearning degrades model accuracy and incurs retraining costs, yet existing pricing mechanisms for data retention require the server to know every user's private privacy and accuracy preferences, which is infeasible under the very regulations that motivate unlearning. We ask: what is the welfare cost of operating without this private information? We design an information-free ascending quotation mechanism where the server broadcasts progressively higher prices and users self-select their data supply, requiring no knowledge of users' parameters. Under complete information, the protocol admits a unique subgame-perfect Nash equilibrium characterized by single-period selling. We formalize the Price of Ignorance -- the welfare gap between optimal personalized pricing (which knows everything) and our information-free quotation (which knows nothing) -- and prove a three-regime efficiency ordering. Numerical evaluation across seven mechanisms and 5000 Monte Carlo runs shows that this price is near zero: the information-free mechanism achieves >=99% of the welfare of its information-intensive benchmarks, while providing noise-robust guarantees and comparable fairness.

Mohammad Asif Habibi, Bin Han, Meysam Nasimi et al.

Network slicing is considered to be one of the key enablers to Fifth Generation (5G) communication system. Legacy telecommunication networks have been providing various services to all kinds of customers through a single network infrastructure. In contrast, with the deployment of network slicing, operators are now able to partition entire network into different slices, each with its own configuration and Quality of Service (QoS) requirements. There are many applications across industry, each needs an independent slice with its own functions and features. All these applications open new business opportunities, which require new business models and therefore every single slice needs an individual Service Level Agreement (SLA). In this paper, we proposed a comprehensive end-to-end structure of SLA between tenant and service provider of slice-based 5G network, which balances the interests of both sides. The proposed SLA is expected to define reliability, availability, and performance of delivered telecommunication services in order to ensure that right information gets to the right destination at right time, safely and securely. We also discussed the metrics of slice-based network SLA such as throughput, penalty, cost, revenue, profit, and QoS related metrics, which we think are very critical to be considered during the agreement.

Donglin Wang, Anjie Qiu, Qiuheng Zhou et al.

The quest for ubiquitous mobile coverage has catalyzed two fundamentally distinct architectural paradigms: Direct-to-Cell (D2C) and standardized 3GPP Non-Terrestrial Networks (NTN). D2C, pioneered by SpaceX Starlink and AST SpaceMobile, leverages existing terrestrial spectrum and unmodified consumer handsets to provide emergency connectivity as a market-driven overlay. In contrast, 3GPP NTN, standardized across Releases 17-19, offers a systematic satellite-native framework designed for long-term scalability, high-throughput broadband, and deep integration with terrestrial 5G/6G networks. This paper presents a comprehensive technical comparison of these approaches, analyzing their standardization trajectories, network architectures, physical-layer innovations, security postures, and operational trade-offs. We further examine their implications for emerging 6G use cases, particularly autonomous driving, where safety-critical redundancy motivates a hybrid tri-link architecture combining terrestrial 5G, NTN broadband, and D2C emergency fallback. Our analysis shows that, although D2C enables rapid market entry through legacy-device compatibility, NTN provides superior performance, security, and scalability, positioning it as the foundational framework for 6G satellite-terrestrial convergence. A hybrid model that combines the strengths of both paradigms is identified as the most practical path toward truly global connectivity.

Anjie Qiu, Hans D. Schotten

Cloud-hosted LLM driver agents provide useful semantic judgments, but their inference latency exceeds stepwise vehicle-control windows. Learned world models predict futures, but they usually keep future generation and action selection inside large coupled loops. We present SteinsGateDrive, a latency-decoupled planner-runtime architecture in which the worldline metaphor from the eponymous story names one plausible consequence of an intervention: the LLM selects counterfactual driving futures before the final control instant, and a runtime reuses the selected forecast only while safety contracts remain valid. The generator builds three world-line roles: alpha nominal ego-conditioned futures, beta interaction counterfactuals around nearby vehicles, and gamma hazard-stress futures such as braking, cut-ins, or blocked corridors. The selected branch becomes a typed StrategicForecast with horizon, validity/abort conditions, fallback, and authority. On a within-subject, matched-seed normal-highway protocol with 10 seeds and 20 steps, GPT-5.4 mini reduces effective lag from +3.07 s at 1-second horizon to -0.01 s at 4-second horizon while preserving the measured no-collision safety boundary. The architecture's safety contribution comes from the atom-predicate runtime check, not from the drift score, which functions as a refresh-frequency knob.

Donglin Wang, Anjie Qiu, Qiuheng Zhou et al.

Non-terrestrial networks (NTN) have been standardized by the 3rd generation partnership project (3GPP) as a key component of future 6G systems to enhance coverage and resilience. In particular, NTN technologies such as low-earth orbit (LEO) satellites, high-altitude platform stations (HAPS), and unmanned aerial vehicles (UAVs) are expected to support terrestrial networks (TN) during extreme events and disasters. In this paper, we present a lightweight system-level simulator for evaluating post-failure fallback behavior in integrated TN-NTN wireless networks under a partial-failure disaster model. The simulator follows 3GPP Rel-17/18 modeling principles, supports probabilistic terrestrial next-generation node B (gNB) failures, and service migration to NTN. The simulator supports comparative analysis of throughput, packet reception ratio (PRR), and latency under different user loads, disaster severities, and NTN provisioning levels. Results show the expected capacity-delay tradeoff of terrestrial operation, the reliability and stability of non-terrestrial service, and the balanced resilience behavior of hybrid TN-NTN operation. The proposed framework provides a tractable tool for studying wireless network resilience and traffic management in future integrated 6G mobile systems.

Norman Becker, Daniel Reti, Evridiki V. Ntagiou et al.

Penetration testing is the process of searching for security weaknesses by simulating an attack. It is usually performed by experienced professionals, where scanning and attack tools are applied. By automating the execution of such tools, the need for human interaction and decision-making could be reduced. In this work, a Network Attack Simulator (NASim) was used as an environment to train reinforcement learning agents to solve three predefined security scenarios. These scenarios cover techniques of exploitation, post-exploitation and wiretapping. A large hyperparameter grid search was performed to find the best hyperparameter combinations. The algorithms Q-learning, DQN and A3C were used, whereby A3C was able to solve all scenarios and achieve generalization. In addition, A3C could solve these scenarios with fewer actions than the baseline automated penetration testing. Although the training was performed on rather small scenarios and with small state and action spaces for the agents, the results show that a penetration test can successfully be performed by the RL agent.

Mohammad Asif Habibi, Xavier Costa-Pérez, Hans D. Schotten

In this paper, we propose an rApp, named SliceMapper, to optimize the mapping process of the open centralized unit (O-CU) and open distributed unit (O-DU) of an open radio access network (O-RAN) slice subnet onto the underlying open cloud (O-Cloud) sites in sixth-generation (6G) O-RAN. To accomplish this, we first design a system model for SliceMapper and introduce its mathematical framework. Next, we formulate the mapping process addressed by SliceMapper as a sequential decision-making optimization problem. To solve this problem, we implement both on-policy and off-policy variants of the Q-learning algorithm, employing tabular representation as well as function approximation methods for each variant. To evaluate the effectiveness of these approaches, we conduct a series of simulations under various scenarios. We proceed further by performing a comparative analysis of all four variants. The results demonstrate that the on-policy function approximation method outperforms the alternative approaches in terms of stability and lower standard deviation across all random seeds. However, the on-policy and off-policy tabular representation methods achieve higher average rewards, with values of 5.42 and 5.12, respectively. Finally, we conclude the paper and introduce several directions for future research.

Leonard Kleinberger, Michael Gundall, Hans D. Schotten

Industrial 5G deployments using Time Division Duplex (TDD) networks face a critical challenge: existing schedulers rely on static configuration of Uplink (UL) to Downlink (DL) resource ratios, failing to adapt to dynamic asymmetric traffic demands. This limitation is particularly problematic in Industry 4.0 scenarios where traffic patterns exhibit significant asymmetry between directions and heterogeneous Quality of Service (QoS) requirements. We present FLEX, a novel QoS-aware scheduler that dynamically adjusts the UL/DL ratio in flexible TDD slots while respecting diverse QoS requirements. FLEX introduces DL buffer state estimation to prevent starvation of high-priority DL traffic, exploiting the deterministic nature of industrial traffic patterns for accurate predictions. Through extensive simulations of industrial scenarios using 5G LENA and ns-3, we demonstrate that FLEX achieves similar throughput compared to established scheduling while correctly enforcing QoS priorities in both traffic directions. For deterministic traffic patterns, FLEX maintains minimal latency overhead (less than 1 slot duration), making it particularly suitable for industrial automation applications.

Syed Waqas Ali, Ibrar Ali Shah, Farzana Zahid et al.

Security in cloud computing has become a major concern due to several factors such as layered cloud architectures, dynamic environments, and exposure to unseen or zero-day attacks. Moreover, intrusion detection systems (IDS) typically operate at specific layers and rely heavily on machine learning models, which often perform well in experimental settings but fail to sustain performance in real cloud deployments. In this work, we implement a confidence-aware multilevel intrusion detection system using reinforcement learning tailored for cloud environments. The system secures three distinct layers: network, host, and hypervisor. Machine learning models at each layer detect known attack patterns, while prediction confidence distinguishes reliable decisions from uncertain outcomes. Within the multi-gate flow, low-confidence events pass through a learned-threshold confidence gate (Gate-1), followed by a Chroma memory-matching gate (Gate-2), with unresolved events escalated to a large language model (LLM) for semantic analysis and explanation. Final attack promotion at Gate-3 uses calibrated LLM confidence or weighted-fusion fallback, while uncertain events are retained in a review bucket to avoid forced classification. Generated explanations and confirmed knowledge are stored in ChromaDB to support future analysis and retraining. The approach is first evaluated using static thresholds, establishing a baseline for comparison. Results show that the proposed system learns adaptive thresholds and reduces LLM escalation by 58.78%, lowering cost while maintaining strong performance (88.68% accuracy, 85.29% precision, 84.72% recall, 85.00% F1). The network and hypervisor layers achieve 98.02% and 97.08% accuracy, demonstrating a balanced and efficient detection system.

Zexin Fang, Bin Han, Anjie Qiu et al.

Reliable positioning is essential for Uncrewed Aerial Vehicles (UAVs) in safety-critical urban operations, yet achieving sub-meter accuracy under stringent latency constraints remains challenging. While 3rd Generation Partnership Project (3GPP) specifies repeated Positioning Reference Signals (PRS) transmissions for accurate Time Difference of Arrival (TDoA) measurements, denoising techniques specifically tailored for extremely limited measurement sequences within 3GPP frameworks remain underexplored. We propose Adaptive Gain Exponential Smoother (AGES), a lightweight filter combining exponentially weighted averaging with adaptive gains informed by 3GPP measurement quality reports. Simulations demonstrate AGES achieves 30-40% reduction in positioning error with only 3-5 repeated measurements while maintaining Fifth Generation New Radio (5G-NR) infrastructure compatibility.

Bin Han, Yulin Hu, Hans D. Schotten

Semantic communication conveys meaning rather than raw bits, but reliability at the semantic level remains an open challenge. We propose a semantic-level hybrid automatic repeat request (HARQ) framework for text communication, in which a Transformer-variational autoencoder (VAE) codec operates as a lightweight overlay on the conventional protocol stack. The stochastic encoder inherently generates diverse latent representations across retransmissions-providing incremental knowledge (IK) from a single model without dedicated protocol design. On the receiver side, a soft quality estimator triggers retransmissions and a quality-aware combiner merges the received latent vectors within a consistent latent space. We systematically benchmark six semantic quality metrics and four soft combining strategies under hybrid semantic distortion that mixes systematic bias with additive noise. The results suggest combining Weighted-Average or MRC-Inspired combining with self-consistency-based HARQ triggering for the best performance.

Anthony Kiggundu, Bin Han, Hans D. Schotten

We study how two information feeds, a closed-form Markov estimator of residual sojourn and an online trained actor-critic, affect reneging and jockeying in a dual M/M/1 system. Analytically, for unequal service rates and total-time patience, we show that total wait grows linearly so abandonment is inevitable and the probability of a successful jockey vanishes as the backlog approaches towards infinity. Furthermore, under a mild sub-linear error condition both information models yield the same asymptotic limits (robustness). We empirically validate these limits and quantify finite backlog differences. Our findings show that learned and analytic feeds produce different delays, reneging rates and transient jockeying behavior at practical sizes, but converge to the same asymptotic outcome implied by our theory. The results characterize when value-of-information matters (finite regimes) and when it does not (asymptotics), informing lightweight telemetry and decision-logic design for low-cost, jockeying-aware systems.

Anjie Qiu, Donglin Wang, Zexin Fang et al.

Cloud-hosted LLM inference for autonomous driving adds round-trip delay and depends on stable connectivity, while purely local edge models struggle under occlusion. We present SwarmDrive, a semantic Vehicle-to-Vehicle (V2V) coordination framework in which nearby vehicles run local Small Language Models (SLMs), share compact intent distributions only when uncertainty is high, and fuse them through event-triggered consensus. We evaluate SwarmDrive in a 5-seed executable study built around one occluded intersection case, combining matched operating-point comparisons with robustness sweeps. In that setting, SwarmDrive under its 6G communication setting ("Swarm 6G") raises success from 68.9% to 94.1% over a single local SLM while reducing latency from a 510 ms cloud reference to 151.4 ms. However, an increased number of participating vehicles leads to higher communication overhead and packet loss. SwarmDrive also evaluates the impact of swarm-size, packet-loss, and entropy-threshold sweeps and shows that the cooperative gain holds across ablations and is best balanced near an active swarm size of 4 vehicles and an entropy trigger threshold of 0.65 in the current prototype. These results show that semantic edge cooperation can work under tight latency constraints in the targeted intersection case, but they are not a deployment-grade validation of a real 6G stack.

Anjie Qiu, Donglin Wang, Sanket Partani et al.

The emergence of sixth-generation (6G) technologies has introduced new challenges and opportunities for machine learning (ML) applications in Internet of Things (IoT) networks, particularly concerning energy efficiency. As model training and data transmission contribute significantly to energy consumption, optimizing these processes has become critical for sustainable system design. This study first conduct analysis on the energy consumption model for both centralized and decentralized architecture and then presents a testbed deployed within the German railway infrastructure, leveraging sensor data for ML-based predictive maintenance. A comparative analysis of distributed versus Centralized Learning (CL) architectures reveals that distributed models maintain competitive predictive accuracy (~90%) while reducing overall electricity consumption by up to 70%. These findings underscore the potential of distributed ML to improve energy efficiency in real-world IoT deployments, particularly by mitigating transmission-related energy costs.

Zexin Fang, Bin Han, Zhuojun Tian et al.

Integrated Sensing and Communications (ISAC) enables trajectory sharing that enhances beamforming, resource allocation, and cooperative perception, yet raises fundamental privacy concerns under the General Data Protection Regulation (GDPR) data minimisation principle. This paper proposes a Fisher Information Density (FID)-constrained trajectory sharing framework that enforces a local lower bound on estimation uncertainty, providing hard, quantifiable privacy guarantees by construction. Unlike fixed-noise approaches, the proposed method bounds the Privacy Leak Ratio (PLR) regardless of sensing power or adversarial post-processing, ensuring that no trajectory segment can be reconstructed beyond a prescribed accuracy threshold. Simulations on the OpenTraj dataset demonstrate that the framework keeps the average PLR below 20-25% and the maximum leakage segment duration under 2-2.5 s, while preserving data utility for downstream tasks such as movement prediction. The resulting criterion is interpretable, model-agnostic, and compatible with GDPR-compliant ISAC system design.

Donglin Wang, Anjie Qiu, Qiuheng Zhou et al.

The rapid advancement of Vehicle-to-Everything (V2X) communication is transforming Intelligent Transportation Systems (ITS), with 6G networks expected to provide ultra-reliable, low-latency, and high-capacity connectivity for Connected and Autonomous Vehicles (CAVs). Artificial Intelligence (AI) and Machine Learning (ML) have emerged as key enablers in optimizing V2X communication by enhancing network management, predictive analytics, security, and cooperative driving due to their outstanding performance across various domains, such as natural language processing and computer vision. This survey comprehensively reviews recent advances in AI and ML models applied to 6G-V2X communication. It focuses on state-of-the-art techniques, including Deep Learning (DL), Reinforcement Learning (RL), Generative Learning (GL), and Federated Learning (FL), with particular emphasis on developments from the past two years. Notably, AI, especially GL, has shown remarkable progress and emerging potential in enhancing the performance, adaptability, and intelligence of 6G-V2X systems. Despite these advances, a systematic summary of recent research efforts in this area remains lacking, which this survey aims to address. We analyze their roles in 6G-V2X applications, such as intelligent resource allocation, beamforming, intelligent traffic management, and security management. Furthermore, we explore the technical challenges, including computational complexity, data privacy, and real-time decision-making constraints, while identifying future research directions for AI-driven 6G-V2X development. This study aims to provide valuable insights for researchers, engineers, and policymakers working towards realizing intelligent, AI-powered V2X ecosystems in 6G communication.

Anthony Kiggundu, Dennis Krummacker, Hans D. Schotten

To improve business efficiency and minimize costs, Artificial Intelligence (AI) practitioners have adopted a shift from formulating models from scratch towards sharing pretrained models. The pretrained models are then aggregated into a global model with higher generalization capabilities, which is afterwards distributed to the client devices. This approach is known as federated learning and inherently utilizes different techniques to select the candidate client models averaged to obtain the global model. This approach, in the case of communication systems, faces challenges arising from the existential diversity in device profiles. The multiplicity in profiles motivates our conceptual assessment of a metaheuristic algorithm (FedAvgen), which relates each pretrained model with its weight space as metadata, to a phenotype and genotype, respectively. This parent-child genetic evolution characterizes the global averaging step in federated learning. We then compare the results of our approach to two widely adopted baseline federated learning algorithms like Federated Averaging (FedAvg) and Federated Stochastic Gradient Descent (FedSGD).

Bin Han, Di Feng, Jie Wang et al.

The rapid growth of artificial intelligence (AI) has raised privacy concerns over user data, leading to regulations like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). With the essential toolbox provided by machine unlearning, AI service providers are now able to remove user data from their trained models as well as the training datasets, so as to comply with such regulations. However, extensive data redemption can be costly and degrade model accuracy. To balance the cost of unlearning and the privacy protection, we propose a buyer-initiated auction mechanism for data redemption, enabling the service provider to purchase data from willing users with appropriate compensation. This approach does not require the server to have any a priori knowledge about the users' privacy preference, and provides an efficient solution for maximizing the social welfare in the investigated problem.

Anasuya Chattopadhyay, Daniel Reti, Hans D. Schotten

The early research report explores the possibility of using Graph Neural Networks (GNNs) for anomaly detection in internet traffic data enriched with information. While recent studies have made significant progress in using GNNs for anomaly detection in finance, multivariate time-series, and biochemistry domains, there is limited research in the context of network flow data. In this report, we explore the idea that leverages information-enriched features extracted from network flow packet data to improve the performance of GNN in anomaly detection. The idea is to utilize feature encoding (binary, numerical, and string) to capture the relationships between the network components, allowing the GNN to learn latent relationships and better identify anomalies.

Zexin Fang, Bin Han, Hans D. Schotten

Federated learning (FL) offers a privacy-preserving collaborative approach for training models in wireless networks, with channel estimation emerging as a promising application. Despite extensive studies on FL-empowered channel estimation, the security concerns associated with FL require meticulous attention. In a scenario where small base stations (SBSs) serve as local models trained on cached data, and a macro base station (MBS) functions as the global model setting, an attacker can exploit the vulnerability of FL, launching attacks with various adversarial attacks or deployment tactics. In this paper, we analyze such vulnerabilities, corresponding solutions were brought forth, and validated through simulation.

Bin Han, Hans D. Schotten

The next revolution of industry will turn the industries as well as the entire society into a human-centric shape. The human presence in industrial environment and the human participation in industrial processes will be magnified more than ever before. To cope with the emerging challenges raised by this revolution, 6G ambitions to bridge the three domains of digital information, physical assets and humans into one merged cyber-physical-human world. This proposes not only an unprecedented demand for digital twin solutions, but also new technical requirements. Especially, aiming at a human-centric industrial DT system, novel multi-sensory human-machine interfaces will play a key role in this paradigm shift.

Donglin Wang, Qiuheng Zhou, Sanket Partani et al.

Nowadays mobile communication is growing fast in the 5G communication industry. With the increasing capacity requirements and requirements for quality of experience, mobility prediction has been widely applied to mobile communication and has becoming one of the key enablers that utilizes historical traffic information to predict future locations of traffic users, Since accurate mobility prediction can help enable efficient radio resource management, assist route planning, guide vehicle dispatching, or mitigate traffic congestion. However, mobility prediction is a challenging problem due to the complicated traffic network. In the past few years, plenty of researches have been done in this area, including Non-Machine-Learning (Non-ML)- based and Machine-Learning (ML)-based mobility prediction. In this paper, firstly we introduce the state of the art technologies for mobility prediction. Then, we selected Support Vector Machine (SVM) algorithm, the ML algorithm for practical traffic date training. Lastly, we analyse the simulation results for mobility prediction and introduce a future work plan where mobility prediction will be applied for improving mobile communication.

Daniel Fraunholz, Marc Zimmermann, Hans D. Schotten

Since honeypots first appeared as an advanced network security concept they suffer from poor deployment and maintenance strategies. State-of-the-Art deployment is a manual process in which the honeypot needs to be configured and maintained by a network administrator. In this paper we present a method for a dynamic honeypot configuration, deployment and maintenance strategy based on machine learning techniques. Our method features an identification mechanism for machines and devices in a network. These entities are analysed and clustered. Based on the clusters, honeypots are intelligently deployed in the network. The proposed method needs no configuration and maintenance and is therefore a major advantage for the honeypot technology in modern network security.

Amina Lejla Ibrahimpasic, Bin Han, Hans D. Schotten

With a wide deployment of Multi-Access Edge Computing (MEC) in the Fifth Generation (5G) mobile networks, virtual network functions (VNF) can be flexibly migrated between difference locations, and therewith significantly enhances the network resilience to counter the degradation in quality of service (QoS) due to network function outages. A balance has to be taken carefully, between the loss reduced by VNF migration and the operations cost generated thereby. To achieve this in practical scenarios with realistic user behavior, it calls for models of both cost and user mobility. This paper proposes a novel cost model and a AI-empowered approach for a rational migration of stateful VNFs, which minimizes the sum of operations cost and potential loss caused by outages, and is capable to deal with the complex realistic user mobility patterns.

Lanfranco Zanzi, Vincenzo Sciancalepore, Andres Garcia-Saavedra et al.

Mass events represent one of the most challenging scenarios for mobile networks because, although their date and time are usually known in advance, the actual demand for resources is difficult to predict due to its dependency on many different factors. Based on data provided by a major European carrier during mass events in a football stadium comprising up to 30.000 people, 16 base station sectors and $1$Km$^2$ area, we performed a data-driven analysis of the radio access network infrastructure dynamics during such events. Given the insights obtained from the analysis, we developed ARENA, a model-free deep learning Radio Access Network (RAN) capacity forecasting solution that, taking as input past network monitoring data and events context information, provides guidance to mobile operators on the expected RAN capacity needed during a future event. Our results, validated against real events contained in the dataset, illustrate the effectiveness of our proposed solution.

Lanfranco Zanzi, Vincenzo Sciancalepore, Andres Garcia-Saavedra et al.

Network Slicing is expected to become a game changer in the upcoming 5G networks and beyond, enlarging the telecom business ecosystem through still-unexplored vertical industry profits. This implies that heterogeneous service level agreements (SLAs) must be guaranteed per slice given the multitude of predefined requirements. In this paper, we pioneer a novel radio slicing orchestration solution that simultaneously provides-latency and throughput guarantees in a multi-tenancy environment. Leveraging on a solid mathematical framework, we exploit the exploration-vs-exploitation paradigm by means of a multi-armed-bandit-based(MAB) orchestrator, LACO, that makes adaptive resource slicing decisions with no prior knowledge on the traffic demand or channel quality statistics. As opposed to traditional MAB methods that are blind to the underlying system, LACO relies on system structure information to expedite decisions. After a preliminary simulations campaign empirically proving the validness of our solution, we provide a robust implementation of LACO using off-the-shelf equipment to fully emulate realistic network conditions:near-optimal results within affordable computational time are measured when LACO is in place.

Bin Han, Hans D. Schotten

The emerging technology of multi-tenancy network slicing is considered as an essential feature of 5G cellular networks. It provides network slices as a new type of public cloud services, and therewith increases the service flexibility and enhances the network resource efficiency. Meanwhile, it raises new challenges of network resource management. A number of various methods have been proposed over the recent past years, in which machine learning and artificial intelligence techniques are widely deployed. In this article, we provide a survey to existing approaches of network slicing resource management, with a highlight on the roles played by machine learning in them.

Andreas Weinand, Raja Sattiraju, Michael Karrenbauer et al.

PHYSEC based message authentication can, as an alternative to conventional security schemes, be applied within \gls{urllc} scenarios in order to meet the requirement of secure user data transmissions in the sense of authenticity and integrity. In this work, we investigate the performance of supervised learning classifiers for discriminating legitimate transmitters from illegimate ones in such scenarios. We further present our methodology of data collection using \gls{sdr} platforms and the data processing pipeline including e.g. necessary preprocessing steps. Finally, the performance of the considered supervised learning schemes under different side conditions is presented.

Julian Ahrens, Lia Ahrens, Hans D. Schotten

In this paper, a machine learning method for predicting the evolution of a mobile communication channel based on a specific type of convolutional neural network is developed and evaluated in a simulated multipath transmission scenario. The simulation and channel estimation are designed to replicate real-world scenarios and common measurements supported by reference signals in modern cellular networks. The capability of the predictor meets the requirements that a deployment of the developed method in a radio resource scheduler of a base station poses. Possible applications of the method are discussed.

Simon Duque Anton, Daniel Fraunholz, Christoph Lipps et al.

Since the early 1960, industrial process control has been applied by electric systems. In the mid 1970's, the term SCADA emerged, describing the automated control and data acquisition. Since most industrial and automation networks were physically isolated, security was not an issue. This changed, when in the early 2000's industrial networks were opened to the public internet. The reasons were manifold. Increased interconnectivity led to more productivity, simplicity and ease of use. It decreased the configuration overhead and downtimes for system adjustments. However, it also led to an abundance of new attack vectors. In recent time, there has been a remarkable amount of attacks on industrial companies and infrastructures. In this paper, known attacks on industrial systems are analysed. This is done by investigating the exploits that are available on public sources. The different types of attacks and their points of entry are reviewed in this paper. Trends in exploitation as well as targeted attack campaigns against industrial enterprises are introduced.

Lia Ahrens, Julian Ahrens, Hans D. Schotten

In this paper we propose a novel machine-learning method for anomaly detection applicable to data with periodic characteristics where randomly varying period lengths are explicitly allowed. A multi-dimensional time series analysis is conducted by training a data-adapted classifier consisting of deep convolutional neural networks performing phase classification. The entire algorithm including data pre-processing, period detection, segmentation, and even dynamic adjustment of the neural networks is implemented for fully automatic execution. The proposed method is evaluated on three example datasets from the areas of cardiology, intrusion detection, and signal processing, presenting reasonable performance.

Amina Fellan, Christian Schellenberger, Marc Zimmermann et al.

Within the context of Industry 4.0, mobile robot systems such as automated guided vehicles (AGVs) and unmanned aerial vehicles (UAVs) are one of the major areas challenging current communication and localization technologies. Due to stringent requirements on latency and reliability, several of the existing solutions are not capable of meeting the performance required by industrial automation applications. Additionally, the disparity in types and applications of unmanned vehicle (UV) calls for more flexible communication technologies in order to address their specific requirements. In this paper, we propose several use cases for UVs within the context of Industry 4.0 and consider their respective requirements. We also identify wireless technologies that support the deployment of UVs as envisioned in Industry 4.0 scenarios.

Julian Ahrens, Mathias Strufe, Lia Ahrens et al.

Efficient network management is one of the key challenges of the constantly growing and increasingly complex wide area networks (WAN). The paradigm shift towards virtualized (NFV) and software defined networks (SDN) in the next generation of mobile networks (5G), as well as the latest scientific insights in the field of Artificial Intelligence (AI) enable the transition from manually managed networks nowadays to fully autonomic and dynamic self-organized networks (SON). This helps to meet the KPIs and reduce at the same time operational costs (OPEX). In this paper, an AI driven concept is presented for the malfunction detection in NFV applications with the help of semi-supervised learning. For this purpose, a profile of the application under test is created. This profile then is used as a reference to detect abnormal behaviour. For example, if there is a bug in the updated version of the app, it is now possible to react autonomously and roll-back the NFV app to a previous version in order to avoid network outages.

Bin Han, Lianghai Ji, Hans D. Schotten

In the context of Fifth Generation (5G) mobile networks, the concept of "Slice as a Service" (SlaaS) promotes mobile network operators to flexibly share infrastructures with mobile service providers and stakeholders. However, it also challenges with an emerging demand for efficient online algorithms to optimize the request-and-decision-based inter-slice resource management strategy. Based on genetic algorithms, this paper presents a novel online optimizer that efficiently approaches towards the ideal slicing strategy with maximized long-term network utility. The proposed method encodes slicing strategies into binary sequences to cope with the request-and-decision mechanism. It requires no a priori knowledge about the traffic/utility models, and therefore supports heterogeneous slices, while providing solid effectiveness, good robustness against non-stationary service scenarios, and high scalability.