Semantic Interpretation of Internet Monitoring Data Ian Napier

Semantic Interpretation of Internet Monitoring Data Ian Napier

Semantic Interpretation of Internet Monitoring Data Ian Napier PhD Student, Dept of Computer Science Loughborough University Supervisors : Dr Iain Phillips Dr Lin Guan Multi-Service Networks Workshop, Coseners House 2009 Example Scenario : Intersite VPN Multi-Service Networks Workshop, Coseners House 2009 Wheres the gap?

Multi-Service Networks Workshop, Coseners House 2009 Data Usage Problems Different published formats (PCAP files, CSV, HTML, spreadsheets, databases etc.) How to access and combine these? Inconsistent or Conflicting data (eg : AS level topology from BGP updates or Active probing methods [4]). How to mediate? Understanding the significance of, and relationship between disparate data. Interpretation and semantics need domain expertise. How to encapsulate this knowledge? RDF data models and Ontologies are one approach. Multi-Service Networks Workshop, Coseners House 2009

Ontology Summary A nice general definition : An Ontology is a structure capturing semantic knowledge about a certain domain by describing relevant concepts and relations between them. [5] data metadata Ontology (knowledge model) knowledge High-Level Information

Multi-Service Networks Workshop, Coseners House 2009 Introduction to Semantic Web Tools Layered Approach, built on the foundation of the Resource Description Framework (RDF) and the RDF triple Statement : predicate (property) SUBJECT OBJECT cos:locatedIn cos:Coseners Hotel cos:Oxfordshire cos:hasCountyTown

149,100 cos:Oxford cos:hasPopulation cos = http://nets.lboro.ac.uk/home/coidn/cosenersontology.rdf/ Multi-Service Networks Workshop, Coseners House 2009 Semantic Web Languages Query (SPARQL) Reasoners (Pellet,Fact) / Rules (SWRL) Ontology Languages (RDFS and OWL) Data Modelling (RDF)

Multi-Service Networks Workshop, Coseners House 2009 Conceptual System Outline Local data (eg:Packet traces, traceroutes) Queries Application Reasoner/Rules Ontology Data Converters (eg: PCAP to RDF)

Public data RDF Triple Store Serialisers/Parsers (eg: RIPE) Multi-Service Networks Workshop, Coseners House 2009 RDF/XML files Sample Ontology : Graph snippet owl:equivalentClass

rdf:type Lboro : TCPFlow1 INDIVIDUALS rdf:type rdf:type lboro : hasDST IP Lboro : DSTIP1 lboro : hasValue 82.233.12.2 Multi-Service Networks Workshop, Coseners House 2009 Sample Ontology : RDF/XML snippet

false 80 Multi-Service Networks Workshop, Coseners House 2009 Next Steps

Expand ontology domain to include more data, specifically more converters. Develop richer semantics (predicates). Develop queries and application, liaising with industry. Initially concentrate on AS topology data and local packet captures. Thank You. Any questions? Multi-Service Networks Workshop, Coseners House 2009 References and Reading References [1] RIPE. www.ripe.net. [2] Colleen Shannon; David Moore; Ken Keys; Marina Fomenkov; Brad- ley Huaker; K.Clay. The internet measurement data catalog. ACM SIG- COMM Computer

Communication Review, 35:97 100, 2005. [3] MOME. www.ist-mome.org. [4] Mahadevan; Krioukov; Formenkov; Huaker; Dimitropoulos;Clay;Vahdat. The internet as-level topology:three data sources and one denitive metric. In ACM/SIGCOMM Computer Communications Review Vol 36 Jan2006, 2006. [5] Marko Grobelnik; Dunja Mladenic. Semantic Web Technologies: Trends and Research in Ontology Based Systems, chapter 2. Knowledge Discovery for Ontology Construction. John Wiley and Sons, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, England, rst edition, 2006. Recommended Reading Grigoris Antoniou; Frank van Harmelen. A Semantic Web Primer. The MIT Press, Cambridge, Massachusetts, second edition, 2008. Dean Allemang; Jim Hendler. Semantic Web for the Working Ontologist, Elsever Inc, Burlington, Massachusetts, rst edition, 2007.

Related Work http://www.fp7-moment.eu/ Multi-Service Networks Workshop, Coseners House 2009 Supplementary Notes : Some Properties rdf :type rdfs :subClassOf :domain :range :subPropertyOf owl

:class :ObjectProperty :datatypeProperty :inverseOf :SymmetricProperty :ReflexiveProperty A p A for allA :IrreflexiveProperty :TransitiveProperty Multi-Service Networks Workshop, Coseners House 2009 Supplementary Notes : Some Possible Data Sources Locally generated data, including Passive packet captures at Internet gateways, Active traceroute data, etc.

Regional Internet Registry data (eg: RIPE): delay measurements, AS to IP Address mappings etc [1]. CAIDA: Many ongoing projects, including Archipelago (ARK) for AS level topology updates. Also CAIDA Internet Data Catalog [2]. MoMe : EU FP6 initiative which gives a standardised interface to data from several ongoing projects and a data catalog [3]. Multi-Service Networks Workshop, Coseners House 2009

Recently Viewed Presentations

  • PowerPoint-presentasjon

    PowerPoint-presentasjon

    MScin biochemistryfrom the Norwegian UniversityofScience and Technology (NTNU). Have been freelance since 2002, as a medical writer, trainer, editor, and translator.
  • Vietnam: Origins and Pacification Lsn 23 Road to

    Vietnam: Origins and Pacification Lsn 23 Road to

    The signers of the Declaration of Independence risked their lives, fortunes, and sacred honor in what became a contest with an imperial giant for which North America was (after 1778) a secondary theater of operations in a much larger war....
  • Animal Behavior - Appoquinimink High School

    Animal Behavior - Appoquinimink High School

    Several key events in the life cycle of the European cuckoo are determined by fixed action patterns Egg-laying behavior Figure 37.3B 1 2 3 The behavior of the cuckoo hatchling ejecting the host eggs from the nest The feeding behavior...
  • ME 221 Statics

    ME 221 Statics

    Next, group two forces to create couple C For More Than One Force A similar procedure is used when there are many forces on the body: A parallel force system has the lines of action of all forces acting parallel...
  • Were going to play the board races game,

    Were going to play the board races game,

    Board Races. We're going to play the board races game, but this time the material will cover all the information we've covered in class and you will go to the board in pairs.
  • The Challenge: To Create More Value in All Negotiations

    The Challenge: To Create More Value in All Negotiations

    (*Modesty is everything) EVERYTHING YOU THOUGHT YOU KNEW ABOUT INNOVATION IS WRONG* (*Except, of course, what the other presenters have said/will say) Tom Peters/New York/0524.200
  • It will help in preparing for the exam

    It will help in preparing for the exam

    In general, more DNA Much greater variation in genome size 80,000 fold range across eukaryotes Largest range observed among unicellular protists (20,000 fold) 3,000 fold range in animals No relationship between c value and organismal complexity: the c value paradox...
  • Teaching Social Determinants of Health Interest Group Synopsis

    Teaching Social Determinants of Health Interest Group Synopsis

    Henry Ford Hospital. Kaiser Permanente. Yale University. VA Ann Arbor, University of Michigan. University of Minnesota. ... Health equity. Leadership and advocacy. Research-based health activism. Health care and health insurance systems. Format and Learners. 81% lectures or didactic and case-based.