Presentation is loading. Please wait.

Presentation is loading. Please wait.

Panagiotis Demestichas

Published byAllen Bryant Modified over 6 years ago

Similar presentations

Presentation on theme: "Panagiotis Demestichas"— Presentation transcript:

1 Panagiotis Demestichas
Applying Machine Learning Mechanism with Network Traffic (draft-jiang-nmlrg-traffic-machine-learning ) Sheng Jiang Bing Liu (Speaker) Panagiotis Demestichas Jerome Francois Giovane C. M. Moura Pere Barlet @NMLRG, ietf96, July 2016

2 Reminder NMLRG meeting in IETF95
Focused on ML (Machine Learning) applied in network traffic handling Some distinct use cases from different organizations were presented in the meeting draft-jiang-nmlrg-traffic-machine-learning Analyzing/Summarizing the methodology of learning from traffic Documenting use cases presented in ietf95 This presentation focuses on the draft itself:

3 Motivation: Why Focused on Network Traffic?
The user contents within traffic is becoming more diverse due to the development of various network services, and increasing use of encryption. It is more and more challenging for administrators to get aware of the network's running status (such as performance, failures, and security etc.) and efficiently manage the network traffic flows. It is natural to utilize machine learning technology to analyze the large mount of data regarding network traffic , to understand the network's status.

4 Methodology Analysis of Learning from Traffic
Data of the Network Traffic Data Source and Storage Architecture Considerations Closed Control Loop

5 Data of the Network Traffic (1/2)
Measurable properties Latency, packet count, session duration etc. These properties are very essential features, especially for use cases relevant to performance, QoS (Quality of Service), etc. Data within communication protocols Protocol headers: e.g. source/dest IP, port number Application protocols: e.g. FTP, HTTP(s), SMTP etc.

6 Data of the Network Traffic (2/2)
Type of user content e.g. file transfering/sharing, Web, , Video/Audio streaming etc. Data in network signaling protocols Traffic flows are managed or indirectly influenced by various network signaling protocols: Routing: IGP/BGP, MPLS-TE, Segment Routing etc. P2P

7 Data Collection and Storage
Forwarding devices: in theory they could collect any kind of data in the traffic; however, mostly they’re suitable to collect data such as measurable properties, protocol information. Source/dest nodes: especially for servers, they could provide session data, application data etc. The devices either collect data to a central repository for storage and learning, or collect and store the data by themselves for local learning.

8 Architecture Considerations (1/3)
Global learning vs. local learning Global learning refers to the tasks that are mostly network- level, so that they need to be done in a global viewpoint. Local learning is more applicable to the tasks that are only relevant to one or a limited group of devices, and they could be done directly within that one node or that limited group of nodes. In this case of grouped nodes, the data may also need to be transited from the data source entity to learning entity.

9 Architecture Considerations (2/3)
Offline & online learning Co-located mode: training (offline, based on historic data) and prediction (online, based on real-time data) are both done within the same entity. De-coupled mode: training is done in the central repository, and prediction is made by the routers/switches/firewalls or other devices that directly process the network traffic.

10 Architecture Considerations (3/3)
Central learning & distributed learning Central learning means the learning process is done at a single entity, which is either a central repository or a node. Distributed learning refer to ensemble learning that multiple entities do the learning simultaneously and ensemble the results together to sort out a final results. Since network devices are naturally distributed, it could be foreseen that ensemble learning is a good approach for a certain of use cases..

11 Closed Control Loop Forming a closed control loop with the prediction/decision made by machine learning: could be directly used on manipulating the network traffic changing the device configuration, etc. Closed control loop might be suitable only for a small set of the use cases, due to the limited accuracy of machine learning technologies. some critical usages simply cannot tolerate any false decision.

12 Next Step Contributions and reviews are needed
Is there something important missing? Improvement of methodology analysis Improvement of use case description

13 Comments? Thank you! IETF96, Berlin

Download ppt "Panagiotis Demestichas"

Similar presentations

Managing Data Resources

Managing Data Resources
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.

Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering
INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.

INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.
Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1.

Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1.
OS Services And Networking Support Juan Wang Qi Pan Department of Computer Science Southeastern University August 1999.

OS Services And Networking Support Juan Wang Qi Pan Department of Computer Science Southeastern University August 1999.
Uni Innsbruck Informatik - 1 Network Support for Grid Computing... a new research direction! Michael Welzl DPS NSG Team

Uni Innsbruck Informatik - 1 Network Support for Grid Computing... a new research direction! Michael Welzl DPS NSG Team
POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction.
Overview on Web Caching COSC 513 Class Presentation Instructor: Prof. M. Anvari Student name: Wei Wei ID: 103765.

Overview on Web Caching COSC 513 Class Presentation Instructor: Prof. M. Anvari Student name: Wei Wei ID:
Theme Guidance - Network Traffic Proposed NMLRG IETF 95, April 2016 Sheng Jiang (Speaker, Co-chair) Page 1/6.

Theme Guidance - Network Traffic Proposed NMLRG IETF 95, April 2016 Sheng Jiang (Speaker, Co-chair) Page 1/6.
Managing Data Resources File Organization and databases for business information systems.

Managing Data Resources File Organization and databases for business information systems.
IETF-95 (Buenos Aires) Proposed NMLRG Meetings (Network Machine Learning) Thursday Morning session I, 10:00-12:30 Buen Ayre A Proposed NMLRG Last update:

IETF-95 (Buenos Aires) Proposed NMLRG Meetings (Network Machine Learning) Thursday Morning session I, 10:00-12:30 Buen Ayre A Proposed NMLRG Last update:
ML in the Routers: Learn from and Act on Network Traffic Bing ietf95, April 2016 1.

ML in the Routers: Learn from and Act on Network Traffic Bing ietf95, April
Bing Liu (speaker), Sheng WG, ietf96, July 2016

Bing Liu (speaker), Sheng WG, ietf96, July 2016
Introduction to Machine Learning, its potential usage in network area,

Introduction to Machine Learning, its potential usage in network area,
What is BizTalk ? www.OnlineItGuru.com.

What is BizTalk ?
Chapter 19: Network Management

Chapter 19: Network Management

Similar presentations

Ads by Google