DevEX - reference for building teams, processes, and platforms
Defining ontologies for IP traffic measurements at MOI ISG
1. Defining ontologies for IP traffic
measurements
at MOI ISG
Jorge E. López de Vergara
MOI ISG Chairman
http://portal.etsi.org/portal/server.pt/community/MOI
jorge.lopez_vergara@uam.es
This work has been partially funded by the FP7 Openlab project
2. Aim & Scope
There are many systems to monitor network traffic, providing
measurements about delay, jitter, capacity, packet loss, etc.
• They use different data structures, they provide it in different units
and sometimes they use different algorithms
A common information model of network measurement
parameters and units has to be agreed.
• To clarify SLAs, to exchange network monitoring information, to mix
information from several sources, to develop complex monitoring
systems
Defining ontologies for IP traffic measurements at MOI ISG2
3. Content
MOI ISG presentation
Why using ontologies?
MOI Work Items
• Report on information models for IP traffic measurement
• Requirements for ontologies development
• IP traffic measurement ontologies architecture
Conclusions and future directions
Defining ontologies for IP traffic measurements at MOI ISG3
4. MOI ISG: Measurement Ontology for IP traffic
MOI was created as an ETSI ISG to enable the specification of
an ontology for IP network traffic measurements
This ISG includes in its members network operators, SMEs,
research centers and universities
The work done at MOI is very related to past and present EU
FP7 projects: MOMENT, PRISM, NOVI and OpenLab
It has completed three documents (Work Items):
• WI#1: Report on information models for IP traffic measurement
• WI#2: Requirements for IP traffic measurement ontologies
development
• WI#3: IP traffic measurement ontologies architecture
Defining ontologies for IP traffic measurements at MOI ISG4
5. Why an ontology?
An ontology is an explicit and formal specification of a shared
conceptualization
• Explicit: it includes concepts, properties, relationships, functions, axioms
and restrictions.
• Formal: it can be interpreted by machines
• Shared: agreed among groups of experts
• Conceptualization: abstract model of the represented domain
Ontologies are currently used in every information models, due
to its capabilities and the developed tools from the semantic
web community
The definition of the MOI ontology will allow:
• To process information semantically
• Enabling a unique framework to understand traffic measurements
• Making easier mappings with other models
Defining ontologies for IP traffic measurements at MOI ISG5
6. WI#1: Report on information models for
IP traffic measurement
It describes other existing information models for network
measurements
• IETF: SNMP MIBs, IPFIX, IPPM…
• Open Grid Forum: measurements in XML
• CAIDA: DatCat
• Other: ITU’s M.3100, DMTF’s CIM, TMF’s SID…
Active and passive network measurement repositories are
also described:
• MOME, LOBSTER, RIPE, ETOMIC, DIMES, MINER…
Main conclusion:
• Too many incompatible information models
• None of them have addressed the integration problem at a semantic
level
• MOI ontology will be a good approach
Defining ontologies for IP traffic measurements at MOI ISG6
7. WI#2: Requirements for
ontologies development
Key performance indicators
• Delay and delay variation
• Packet errors, losses, reordering, duplicates
• Connectivity and availability
• Throughput
Use cases
• IP network characterization
• QoS measurements
• Traffic monitoring for security applications
• Autonomic network management
• Law enforcement
Requirements derived from the use cases
Other general requirements: expandability, interoperability,
performance
The next document is based on this one
Defining ontologies for IP traffic measurements at MOI ISG7
8. WI#3: IP traffic measurement
ontologies architecture
Main contribution of this ISG to date
Ontology architecture
• General concepts ontology, units
• Data ontology
• Metadata ontology
• Security and privacy
Assessment of the use cases
• Evaluation of the requirements defined before
Defining ontologies for IP traffic measurements at MOI ISG8
9. WI#3: IP traffic measurement
ontologies architecture
Initial ontology architecture
• General concepts in the network measurement domain
• Units Adapted from NASA units ontology
• Metadata Based on CAIDA’s DatCat
• Data Using OGF/Perfsonar and IETF IPPM properties
• Anonymization
This architecture allows working with the complexity of the
problem, as well as future extensions
Defining ontologies for IP traffic measurements at MOI ISG9
General concepts
Units
Metadata Data Anonymization
10. WI#3: IP traffic measurement
ontologies architecture
General concepts
• A network is a set of Elements in concrete locations
transmitting information at a certain time.
• Other concepts described here: the communication stack,
its protocols and structure of the elements of information,
or the behavior of the network elements.
• All these concepts are used in the more specific ontologies
Defining ontologies for IP traffic measurements at MOI ISG10
General concepts
Units
Metadata Data Anonymization
11. WI#3: IP traffic measurement
ontologies architecture
Units ontology
• The set of interpretable units used in network
measurements
• Including bit, byte, bps, network address (not defined before in NASA
units ontology)
• Metric system (Kilo=103) and binary scales (Kibi=210)
• IP address transformation rules (e.g. 32 bit, dotted)
• With this ontology the conversion between available
measurement units is inferred
Defining ontologies for IP traffic measurements at MOI ISG11
General concepts
Units
Metadata Data Anonymization
12. WI#3: IP traffic measurement
ontologies architecture
Metadata ontology
• Based on CAIDA’s DatCat, but adding semantics and
relationships to the other ontologies
• It provides information about what , when was measured,
who measured it, and where such measurement can be
located.
• It is also possible to relate the metadata with data
measurement instances
Defining ontologies for IP traffic measurements at MOI ISG12
General concepts
Units
Metadata Data Anonymization
13. WI#3: IP traffic measurement
ontologies architecture
Data ontology
• Measurement
• MeasurementData
• Is a container for the value, not the value itself
• MeasurementData facets
• Data Type
• Default Unit
• Index
Defining ontologies for IP traffic measurements at MOI ISG13
General concepts
Units
Metadata Data Anonymization
Measurement
MeasurementData
MeasurementData
facet
14. WI#3: IP traffic measurement
ontologies architecture
Anonymization ontology
• Identify the “common vocabulary” for the various anonymization
components
• Models possible Anonymization Strategies
• Different policies can be defined to obfuscate privacy-related fields of
Internet measurements
• Considers User Roles and Usage Purposes
• Infer the correct strategy based on role and purpose assigned to user
by the software system or the community
Defining ontologies for IP traffic measurements at MOI ISG14
General concepts
Units
Metadata Data Anonymization
15. Conclusions and future directions
There are several incompatible information models for
network measurements
Need for a measurement ontology to homogenize network
measurement data, working at a semantic level
Ontology architecture has been structured in several sub-
ontologies to deal with the complexity of the problem
We have to address the final specification of a pure MOI
ontology.
We are looking for people interested in using the ontology,
aside from FP7 projects
Defining ontologies for IP traffic measurements at MOI ISG15
16. Defining ontologies for IP traffic
measurements
at MOI ISG
Jorge E. López de Vergara
MOI ISG Chairman
http://portal.etsi.org/portal/server.pt/community/MOI
jorge.lopez_vergara@uam.es