Re: [Idnet] IDN dedicated session call for case

yanshen <yanshen@huawei.com> Wed, 02 August 2017 16:21 UTC

Return-Path: <yanshen@huawei.com>
X-Original-To: idnet@ietfa.amsl.com
Delivered-To: idnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61A6E132012 for <idnet@ietfa.amsl.com>; Wed, 2 Aug 2017 09:21:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cEoSsAMsgBPm for <idnet@ietfa.amsl.com>; Wed, 2 Aug 2017 09:21:07 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91884131BBE for <idnet@ietf.org>; Wed, 2 Aug 2017 09:21:06 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml707-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSP07095; Wed, 02 Aug 2017 16:21:04 +0000 (GMT)
Received: from DGGEMM401-HUB.china.huawei.com (10.3.20.209) by lhreml707-cah.china.huawei.com (10.201.108.48) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 2 Aug 2017 17:21:03 +0100
Received: from DGGEMM505-MBS.china.huawei.com ([169.254.2.173]) by DGGEMM401-HUB.china.huawei.com ([10.3.20.209]) with mapi id 14.03.0301.000; Thu, 3 Aug 2017 00:20:52 +0800
From: yanshen <yanshen@huawei.com>
To: Aydin Ulas <aydinulas@gmx.net>
CC: "idnet@ietf.org" <idnet@ietf.org>
Thread-Topic: [Idnet] IDN dedicated session call for case
Thread-Index: AdMLcu+vuWBrdNuZQwG6l2oQPpJcKAAGEPaw//+ILQD//1XWoA==
Date: Wed, 2 Aug 2017 16:20:51 +0000
Message-ID: <6AE399511121AB42A34ACEF7BF25B4D297A4E5@DGGEMM505-MBS.china.huawei.com>
References: <6AE399511121AB42A34ACEF7BF25B4D297A34A@DGGEMM505-MBS.china.huawei.com> <HE1PR0701MB2203FC7F918350B07EBB65F0E8B00@HE1PR0701MB2203.eurprd07.prod.outlook.com> <CA+kz0z0yysZptZaZ-6ERKbQXC+tXncOtSjEY9Y3VtTrB4YvN7g@mail.gmail.com>
In-Reply-To: <CA+kz0z0yysZptZaZ-6ERKbQXC+tXncOtSjEY9Y3VtTrB4YvN7g@mail.gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.109.108.211]
Content-Type: multipart/alternative; boundary="_000_6AE399511121AB42A34ACEF7BF25B4D297A4E5DGGEMM505MBSchina_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090203.5981FBF0.0193, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.2.173, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 3015a774b72f5099abd8270ae413b54b
Archived-At: <https://mailarchive.ietf.org/arch/msg/idnet/Co9VtgaVxZK3H1-jMCk42hFUQ2I>
Subject: Re: [Idnet] IDN dedicated session call for case
X-BeenThere: idnet@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "The IDNet \(Intelligence-Defined Network\) " <idnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idnet>, <mailto:idnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idnet/>
List-Post: <mailto:idnet@ietf.org>
List-Help: <mailto:idnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idnet>, <mailto:idnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2017 16:21:09 -0000

Hi Aydin,

Got it. Thanks for the first support.

This use case is based on the support of efficient measurement and recognition. Because the attack often happens within a short time. Some of the applications are similar. So that the processing time must be short enough. Therefore, a new use case in regard to measurement may be significant.

And we may have a deeper analysis in next weeks.

Regards,

Yansen

From: aydinulas@gmail.com [mailto:aydinulas@gmail.com] On Behalf Of Aydin Ulas
Sent: Wednesday, August 2, 2017 09:22 PM
To: yanshen <yanshen@huawei.com>om>; idnet@ietf.org
Subject: Re: [Idnet] IDN dedicated session call for case

Hi,
Here is my suggestion.

Use case N+1: Application (and/or DDoS) detection
        Description: Detect the application (or attack) from network packets (HTTPS or plain) Collect the history traffic data and identify a service or attack (ex: Skype, Viber, DDoS attack etc.)
        Process: 1. Data collection (e.g. traffic sample of application to be detected or attack dump); 2. Training Model (includes data correlation from different parts of the network); 3. Real-time data capture and input; 4. Output prediction; 5. Online or periodically updating model parameters according to changes in the application (or attack style)
        Data Format:   Time: [Timestamp, ...]
                                Data Packet: [Packet Header, optional: Packet Content or the first few bytes: src/dst ip, src/dst port, frame length/number, ...]
                                Direction: IN / OUT
                                Route : [R1, R2, ..., RN]
                                Traffic: [T0, T1, T2, ..., TN]
        Message :       Request: ask for the data
                                Reply: Identification of application
                                Notice: For notification or others
                                Policy: Control policy


Best regards,
Aydin

On Wed, Aug 2, 2017 at 3:35 PM, Ciavaglia, Laurent (Nokia - FR/Nozay) <laurent.ciavaglia@nokia-bell-labs.com<mailto:laurent.ciavaglia@nokia-bell-labs.com>> wrote:
Hello,

Hint: it would be nice to contact the NMRG chairs regarding the dedicated session you are mentioning.
Also, participants of the NMRG could/should be interested/aware and could eventually contribute to the effort.

Thanks, Laurent (as NMRG co-chair).
---

-----Original Message-----
From: IDNET [mailto:idnet-bounces@ietf.org<mailto:idnet-bounces@ietf.org>] On Behalf Of yanshen
Sent: Wednesday, August 02, 2017 12:12 PM
To: idnet@ietf.org<mailto:idnet@ietf.org>
Subject: [Idnet] IDN dedicated session call for case

Dear all,

Since we plan to organize a dedicated session in NMRG, IETF100, for applying AI into network management (NM), I’d try to list some Use Cases and propose a roadmap and ToC before Nov.

These might be rough. You are welcome to refine them and propose your focused use cases or ideas.

Use case 1: Traffic Prediction
        Description: Collect the history traffic data and external data which may influence the traffic. Predict the traffic in short/long/specific term. Avoid the congestion or risk in previously.
        Process: 1. Data collection (e.g. traffic sample of physical/logical port ); 2. Training Model; 3. Real-time data capture and input; 4. Predication output; 5. Fix error and go back to 3.
        Data Format:    Time : [Start, End, Unit, Number of Value, Sampling Period]
                                Position: [Device ID, Port ID]
                                Direction: IN / OUT
                                Route : [R1, R2, ..., RN]  (might be useful for some scenarios)
                                Service : [Service ID, Priority, ...]  (Not clear how to use it but seems useful)
                                Traffic: [T0, T1, T2, ..., TN]
        Message :       Request: ask for the data
                                Reply: Data
                                Notice: For notification or others
                                Policy: Control policy

Use case 2: QoS Management
        Description: Use multiple paths to distribute the traffic flows. Adjust the percentages. Avoid congestion and ensure QoS.
        Process: 1. Data capture (e.g. traffic sample of physical/logical port ); 2. Training Model; 3. Real-time data capture and input; 4. Output percentages; 5. Fix error and go back to 3.
        Data Format:    Time : [Timestamp, Value type (Delay/Packet Loss/...), Unit, Number of Value, Sampling Period]
                                Position: [Link ID, Device ID]
                                Value: [V0, V1, V2, ..., VN]
        Message :       Request: ask for the data
                                Reply: Data
                                Notice: For notification or others
                                Policy: Control policy

Use case N: Waiting for your Ideas

Also I suggest a roadmap before Nov if possible.

### Roadmap ###
Aug. : Collecting the use cases (related with NM). Rough thoughts and requirements Sep. : Refining the cases and abstract the common elements Oct. : Deeply analysis. Especially on Data Format, control flow, or other key points
Nov.: F2F discussions on IETF100
### Roadmap End ###

A rough ToC is listed in following. We may take it as a scope before Nov. Hope that the content could become the draft of draft.

###Table of Content###
1. Gap and Requirement Analysis
        1.1 Network Management requirement
        1.2 TBD
2. Use Cases
        2.1 Traffic Prediction
        2.2 QoS Management
        3.3 TBD
3. Data Focus
        3.1 Data attribute
        3.2 Data format
        3.3 TBD
4. Aims
        4.1 Benchmarking Framework
        4.2 TBD
###ToC End###


Yansen

_______________________________________________
IDNET mailing list
IDNET@ietf.org<mailto:IDNET@ietf.org>
https://www.ietf.org/mailman/listinfo/idnet
_______________________________________________
IDNET mailing list
IDNET@ietf.org<mailto:IDNET@ietf.org>
https://www.ietf.org/mailman/listinfo/idnet