Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)

Slides:

Advertisements

Similar presentations

Enterprise Network Troubleshooting Nick Feamster Georgia Tech (joint with Russ Clark, Yiyi Huang, Anukool Lakhina, Manas Khadilkar, Aditi Thanekar)

Advertisements

Improving Internet Availability. Some Problems Misconfiguration Miscoordination Efficiency –Market efficiency –Efficiency of end-to-end paths Scalability.

Enterprise Network Troubleshooting Nick Feamster Georgia Tech (joint with Russ Clark, Yiyi Huang, Anukool Lakhina, Manas Khadilkar, Aditi Thanekar)

1 Diagnosing Network Disruptions with Network-wide Analysis Yiyi Huang, Nick Feamster, Anukool Lakhina*, Jim Xu College of Computing, Georgia Tech * Guavus,

Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

Diagnosing Network Disruptions with Network-wide Analysis Yiyi Huang, Nick Feamster, Anukool Lakhina, Jim Xu College of Computing, Georgia Tech Boston.

Networking Research Nick Feamster CS Nick Feamster Ph.D. from MIT, Post-doc at Princeton this fall Arriving January 2006 –Here off-and-on until.

Challenges in Making Tomography Practical

Research Summary Nick Feamster. The Big Picture Improving Internet availability by making networks easier to operate Three approaches –From the ground.

Internet Availability Nick Feamster Georgia Tech.

Nick Feamster Research Interest: Networked Systems Arriving January 2006 Likely teaching CS 7260 in Spring 2005 Here off-and-on until then. works.

Campus Testbed for Network Management and Operations Nick Feamster Georgia Tech Joint with Ankur Nayak, Russ Clark, Ron Hutchins, Campus OIT Also input.

Multihoming and Multi-path Routing

Nick Feamster Research: Network security and operations Teaching CS 7260 in Spring 2007 CS 7001 Mini-projects: –

The Datapository Dave Andersen, CMU James Moss, CMU Nick Feamster, Georgia Tech

Network Troubleshooting: rcc and Beyond Nick Feamster Georgia Tech (joint with Russ Clark, Yiyi Huang, Anukool Lakhina)

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

Network Operations Research Nick Feamster

Theory Lunch. 2 Problem Areas Network Virtualization for Experimentation and Architecture –Embedding problems –Economics problems (markets, etc.) Network.

Multihoming and Multi-path Routing

Security Administration Tools and Practices Amit Bhan Usable Privacy and Security.

Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:

Locating Prefix Hijackers using LOCK Tongqing Qiu +, Lusheng Ji *, Dan Pei * Jia Wang *, Jun (Jim) Xu +, Hitesh Ballani ++ + College of Computing, Georgia.

BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.

GlobalRoute sm Service Overview For NANOG 25 June 11th, 2002 GlobalRoute sm Service Overview For NANOG 25 June 11th, 2002.

1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)

How Can You Have QoS When… Jennifer Rexford AT&T Labs--Research.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

Traffic Engineering With Traditional IP Routing Protocols

1 Controlling High Bandwidth Aggregates in the Network.

Accurate Real-Time Identification of IP Prefix Hijacking Z. Morley Mao Xin Hu 2007 IEEE Symposium on and Privacy Oakland, California 2007 IEEE Symposium.

Network Protocols Designed for Optimizability Jennifer Rexford Princeton University

Integrated Scientific Workflow Management for the Emulab Network Testbed Eric Eide, Leigh Stoller, Tim Stack, Juliana Freire, and Jay Lepreau and Jay Lepreau.

CS Summer 2003 Quiz 1 A1) IGP (IS-IS, OSPF) BGP A2) Stub Transit. because it is adverting AS2’s routes to AS1 and vice versa. A3) Traffic discarded.

Routing problems are easy to cause, and hard to diagnose (“Happy operators make happy packets”) Jennifer Rexford AT&T Labs—Research

A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University

Impact of BGP Dynamics on Intra-Domain Traffic Patterns in the Sprint IP Backbone Sharad Agarwal, Chen-Nee Chuah, Supratik Bhattacharyya, Christophe Diot.

Measurement and Monitoring Nick Feamster Georgia Tech.

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged JaNOG / Kyushu

A victim-centric peer-assisted framework for monitoring and troubleshooting routing problems.

Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,

Chapter 27 Q and A Victor Norman IS333 Spring 2015.

OSPF To route, a router needs to do the following: Know the destination address Identify the sources it can learn from Discover possible.

What Data Do We Need and Why Do We Need It? Jim Pepin Chief Technology Officer University of Southern California.

Nick Feamster Interdomain Routing Correctness and Stability.

Yaping Zhu with: Jennifer Rexford (Princeton University) Subhabrata Sen and Aman Shaikh (AT&T Labs-Research) Impact of Prefix-Match.

Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.

Authors Renata Teixeira, Aman Shaikh and Jennifer Rexford(AT&T), Tim Griffin(Intel) Presenter : Farrukh Shahzad.

Optimizing Cost and Performance in Online Service Provider COSC7388 – Advanced Distributed Computing Presented By: Eshwar Rohit

Traffic Engineering for ISP Networks Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Happy Network Administrators  Happy Packets  Happy Users WIRED Position Statement Aman Shaikh AT&T Labs – Research October 16,

Towards an Internet that “Never Fails” Hari Balakrishnan MIT Joint work with Nick Feamster, Scott Shenker, Mythili Vutukuru.

Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.

A Firewall for Routers: Protecting Against Routing Misbehavior1 June 26, A Firewall for Routers: Protecting Against Routing Misbehavior Jia Wang.

Detection of Routing Loops and Analysis of Its Causes Sue Moon Dept. of Computer Science KAIST Joint work with Urs Hengartner, Ashwin Sridharan, Richard.

02/01/2006USC/ISI1 Updates on Routing Experiments Cyber DEfense Technology Experimental Research (DETER) Network Evaluation Methods for Internet Security.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE.

BGP Routing Stability of Popular Destinations Jennifer Rexford, Jia Wang, Zhen Xiao, and Yin Zhang AT&T Labs—Research Florham Park, NJ All flaps are not.

Bringing External Connectivity and Experimenters to GENI Nick Feamster Georgia Tech.

Introduction of An Engineering Project for KOREN/APII Seung-Joon Seok Korea University.

1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University.

BGP Routing Stability of Popular Destinations

Jian Wu (University of Michigan)

Network Monitoring System

COS 561: Advanced Computer Networks

BGP Multiple Origin AS (MOAS) Conflict Analysis

COS 561: Advanced Computer Networks

BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)

Presentation transcript:

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)

Reactive Operation Problems cause downtime Problems often not immediately apparent What happens if I tweak this policy…? ConfigureObserve Wait for Next Problem Desired Effect? Revert No Yes

Proactive Techniques Better: Proactive Operation Idea: Analyze configuration before deployment Configure rcc Detect Faults Deploy Many faults can be detected with static analysis. Predict Traffic Flow

Dynamics for Network Management Problem: Many problems cant be detected from static configuration analysis of a single AS Dependencies on neighboring ASes –Contract violations –Route hijacks –BGP wedgies –Filtering Dependencies on route arrivals –Simple network configurations can oscillate, but operators cant tell until the routes actually arrive. Threshold-based anomaly detection schemes cannot detect these problems.

Network Management Challenges Infrastructure support for data management –Heterogeneous DB support for longest-prefix match would make correlation of routing and traffic data (joint analysis) much easier –Large volumes –Need for real-time analysis (e.g., for anomalies/intrusion detection) Algorithmic support for data mining –Support for joint analysis –Threshold-based schemes dont work for Small traffic blips Small routing blips Support for proactive, offline analysis of routing dynamics –Analyzing configuration changes, etc. Support for online control

Challenge 1: Infrastructure Support Separate: collection, storage, analysis Collection: abstract type, format, and access method

Challenge 2: Algorithmic Support Blips across signals may be more operationally interesting than any spike in one.

Challenge 3: Proactive Fault Detection Configure Static Fault Detection Construct Network Model Dynamic Analysis In Emulation Deploy Proactive Techniques Existing Routes (e.g., from Datapository) A possibility: detect configuration faults by observing playback of routing dynamics What-if analysis in a safe sandbox.

Challenge 4: Support for Online Control Probes BGP updates IGP updates Netflow Router Configs Compute Engine (input processing) Storage and DB Anomaly Detection Network-Wide Route Selection, Filter deployment, etc. Given a system to monitor, why not also use it for control?