Re: [Idnet] Summary 20170814 & IDN dedicated session call for case

Stenio Fernandes <sflf@cin.ufpe.br> Mon, 14 August 2017 18:09 UTC

Return-Path: <steniofernandes@gmail.com>
X-Original-To: idnet@ietfa.amsl.com
Delivered-To: idnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 385321323C4 for <idnet@ietfa.amsl.com>; Mon, 14 Aug 2017 11:09:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.4
X-Spam-Level:
X-Spam-Status: No, score=-2.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t9T3PyMRRw3V for <idnet@ietfa.amsl.com>; Mon, 14 Aug 2017 11:09:40 -0700 (PDT)
Received: from mail-yw0-x22d.google.com (mail-yw0-x22d.google.com [IPv6:2607:f8b0:4002:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D44081323C0 for <idnet@ietf.org>; Mon, 14 Aug 2017 11:09:39 -0700 (PDT)
Received: by mail-yw0-x22d.google.com with SMTP id l82so59340486ywc.2 for <idnet@ietf.org>; Mon, 14 Aug 2017 11:09:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=naoam6jBeSCkukaDYYMiHXLH45eeMe+JrIjHyVXSSBc=; b=JUzLriZsj3N/VfBeRvPj7QJrLdZkkyD/4F4KaVSEoYlYSOdDrd3gkljgSq2U6if+qn sM5AXVFiQW4c5yqHco3Ih/J8cgWiOGRaS9Aefp0TMlrIsszrzEreY+1+yWHb5soZLyGD HnAOJs3MCFYYaiLnWhlPMvMq6/MBZotqmZ6zTo2QKTW56QH351nuDKcZej8yjKY5Qb4o H3v/oPxv13y7jzp7L1Xq07mhLqFAIwJ6jYXJW9hXuKOlie8wLr5Ved9d7/COuQkcAo74 RYdax77SJLMTwHcUjnWWWd4n3tOoadLl25qcpJbM5QnuNjnFWwENVeJvjdziLe3oGZVH d6XA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=naoam6jBeSCkukaDYYMiHXLH45eeMe+JrIjHyVXSSBc=; b=Yj8o1r+KQ/CAvBB4iSncwh3S7pPBuZSdRnAsPBmpT0/958RXuZYeSfagSHRjp7RB3C FHE3jDY/WGPRSM97FiCSvGreqcch2ic+UHJ2LmjLrDoI+/vw+8HWp9kQxInv0YZnin7w ZxW8wHOY1bcVrVBwtAIQBNTtHSO1DTd80wJAyvglgVIU9qo/czGeFE2kxp3FLg/Jo8Og V42ahtIs0aKuAJUcdio2lvMLlI7g4aj94zvoQtStIP19Mc+c1AlcckO1tyhs3hN6VtAx +p3Jw1svLaqMnZna861mWgGToUFkD4dvzkqpsyVr1uAkz9pErWqv4ZtzIPPrrWJuypf1 3vUw==
X-Gm-Message-State: AHYfb5hTK8CahDDWucaZdYqC/WhUT+H/uYEPTul6HHyTeHdH17pU+RR5 Ef/fjUYgR9FiON+fUTRbaAnJ9GkgLQ==
X-Received: by 10.37.42.134 with SMTP id q128mr2012949ybq.100.1502734178984; Mon, 14 Aug 2017 11:09:38 -0700 (PDT)
MIME-Version: 1.0
Sender: steniofernandes@gmail.com
Received: by 10.37.104.74 with HTTP; Mon, 14 Aug 2017 11:08:58 -0700 (PDT)
In-Reply-To: <78A2745BE9B57D4F9D27F86655EB87F92599490E@SJCEML701-CHM.china.huawei.com>
References: <6AE399511121AB42A34ACEF7BF25B4D2982F34@DGGEMM505-MBX.china.huawei.com> <78A2745BE9B57D4F9D27F86655EB87F92599490E@SJCEML701-CHM.china.huawei.com>
From: Stenio Fernandes <sflf@cin.ufpe.br>
Date: Mon, 14 Aug 2017 14:08:58 -0400
X-Google-Sender-Auth: hpGP4BOQFL-Ms8TwNfn2TZc2sL0
Message-ID: <CAPrseCrzJUfo==ATt9TZeqtXfNvR4XkPNTvVO5G_8TBn_pBnRg@mail.gmail.com>
To: Haoyu song <haoyu.song@huawei.com>
Cc: yanshen <yanshen@huawei.com>, "idnet@ietf.org" <idnet@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idnet/iSHQ07xChtJaokrJyQvPpPddXJI>
Subject: Re: [Idnet] Summary 20170814 & IDN dedicated session call for case
X-BeenThere: idnet@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "The IDNet \(Intelligence-Defined Network\) " <idnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idnet>, <mailto:idnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idnet/>
List-Post: <mailto:idnet@ietf.org>
List-Help: <mailto:idnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idnet>, <mailto:idnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Aug 2017 18:09:42 -0000

Haoyu,

I'm working on the anomaly detection use case and will send it to the
list this week.

Stenio

On Mon, Aug 14, 2017 at 12:47 PM, Haoyu song <haoyu.song@huawei.com> wrote:
> Yansen,
>
>
>
> I see two key use cases are missing in the current list: root cause analysis
> and anomaly detection. Those two are likely to use ML-based solutions and
> the first one has already received a lot of research.
>
>
>
> Haoyu
>
>
>
> From: IDNET [mailto:idnet-bounces@ietf.org] On Behalf Of yanshen
> Sent: Sunday, August 13, 2017 8:36 PM
> To: idnet@ietf.org
> Subject: [Idnet] Summary 20170814 & IDN dedicated session call for case
>
>
>
> Dear all,
>
>
>
> Here is a summary and some index (2017.08.14). Till now, whatever the case
> is supported or not, I tried to organize all the content and keep the core
> part. It is still welcome to contribute and discuss.
>
>
>
> If I miss something important, please let me know. Apologized in advance.
>
>
>
> Yansen
>
>
>
>
>
> ---------  Roadmap  ---------
>
> ***Aug. : Collecting the use cases (related with NM). Rough thoughts and
> requirements
>
> Sep. : Refining the cases and abstract the common elements
>
> Oct. : Deeply analysis. Especially on Data Format, control flow, or other
> key points
>
> Nov.: F2F discussions on IETF100
>
> ---------  Roadmap End  ---------
>
>
>
>
>
> 1. Gap and Requirement Analysis
>
>     1.1 Network Management requirement
>
>     1.2 TBD
>
> 2. Use Cases
>
>     2.1 Traffic Prediction
>
>                    Proposed by: yanshen@huawei.com
>
>                    Track:
> https://www.ietf.org/mail-archive/web/idnet/current/msg00131.html
>
>                    Abstract: Collect the history traffic data and external
> data which may influence the traffic. Predict the traffic in
> short/long/specific term. Avoid the congestion or risk in previously.
>
>
>
>     2.2 QoS Management
>
>                    Proposed by: yanshen@huawei.com
>
>                    Track:
> https://www.ietf.org/mail-archive/web/idnet/current/msg00131.html
>
>                    Abstract: Use multiple paths to distribute the traffic
> flows. Adjust the percentages. Avoid congestion and ensure QoS.
>
>
>
>     2.3 Application (and/or DDoS) detection
>
>                    Proposed by: aydinulas@gmx.net
>
>                    Track:
> https://www.ietf.org/mail-archive/web/idnet/current/msg00133.html
>
>                    Abstract: Detect the application (or attack) from network
> packets (HTTPS or plain) Collect the history traffic data and identify a
> service or attack (ex: Skype, Viber, DDoS attack etc.)
>
>
>
>          2.4 QoE Management
>
>                    Proposed by: albert.cabellos@gmail.com
>
>                    Track:
> https://www.ietf.org/mail-archive/web/idnet/current/msg00137.html
>
>                    Abstract: Collect low-level metrics (SNR, latency,
> jitter, losses, etc) and measure QoE. Then use ML to understand what is the
> relation between satisfactory QoE and the low-level metrics. As an example
> learn that when delay>N then QoE is degraded, but when M<delay<N then QoE is
> satisfactory for the customers (please note that QoE cannot be measured
> directly over your network). This is useful to understand how the network
> must be operated to provide satisfactory QoE.
>
>
>
>          2.5 (Encrypted) Traffic Classification
>
>                    Proposed by: jerome.francois@inria.fr; mskim16@etri.re.kr
>
>                    Track: [Jerome]
> https://www.ietf.org/mail-archive/web/idnet/current/msg00141.html ; [Min-Suk
> Kim] https://www.ietf.org/mail-archive/web/idnet/current/msg00153.html
>
>                    Abstract:
>
>                             [Jerome] collect flow-level traffic metrics such
> as protocol information but also meta metrics such as distribution of packet
> sizes, inter-arrival times... Then use such information to label the traffic
> with the underlying application assuming that the granularity of
> classification may vary (type of application, exact application name,
> version...)
>
>                             [Min-Suk Kim] continuously collect packet data,
> then applying learning process for traffic classification with generating
> application using deep learning models such as CNN (convolutional neural
> network) and RNN (recurrent neural network). Data-set to apply into the
> models are generated by processing with features of information from flow in
> packet data.
>
>
>
>          2.6 TBD
>
>
>
> 3. Data Focus
>
>     3.1 Data attribute
>
>     3.2 Data format
>
>     3.3 TBD
>
>
>
> 4. Support Technologies
>
>     4.1 Benchmarking Framework
>
>                    Proposed by: pedro@nict.go.jp
>
>                    Track:
> https://www.ietf.org/mail-archive/web/idnet/current/msg00146.html
>
>                    Abstract: A proper benchmarking framework comprises a set
> of reference procedures, methods, and models that can (or better *must*) be
> followed to assess the quality of an AI mechanism proposed to be applied to
> the network management/control area. Moreover, and much more specific to the
> IDNET topics, is the inclusion, dependency, or just the general relation of
> a standard format enforced to the data that is used (input) and produced
> (output) by the framework, so a kind of "data market" can arise without
> requiring to transform the data. The initial scope of input/output data
> would be the datasets, but also the new knowledge items that are stated as a
> result of applying the benchmarking procedures defined by the framework,
> which can be collected together to build a database of benchmark results, or
> just contrasted with other existing entries in the database to know the
> position of the solution just evaluated. This increases the usefulness of
> IDNET.
>
>
>
>     4.2 TBD
>
>
> _______________________________________________
> IDNET mailing list
> IDNET@ietf.org
> https://www.ietf.org/mailman/listinfo/idnet
>



-- 
Prof. Stenio Fernandes
CIn/UFPE
http://www.steniofernandes.com