Reasoning and Knowledge Acquisition Framework for 5G Network Analytics

Autonomic self-management is a key challenge for next-generation networks. This paper proposes an automated analysis framework to infer knowledge in 5G networks with the aim to understand the network status and to predict potential situations that might disrupt the network operability. The framework is based on the Endsley situational awareness model, and integrates automated capabilities for metrics discovery, pattern recognition, prediction techniques and rule-based reasoning to infer anomalous situations in the current operational context. Those situations should then be mitigated, either proactive or reactively, by a more complex decision-making process. The framework is driven by a use case methodology, where the network administrator is able to customize the knowledge inference rules and operational parameters. The proposal has also been instantiated to prove its adaptability to a real use case. To this end, a reference network traffic dataset was used to identify suspicious patterns and to predict the behavior of the monitored data volume. The preliminary results suggest a good level of accuracy on the inference of anomalous traffic volumes based on a simple configuration.

[1]  Yu-Lin He,et al.  Fuzziness based semi-supervised learning approach for intrusion detection system , 2017, Inf. Sci..

[2]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[3]  Lior Rokach,et al.  Ensemble-based classifiers , 2010, Artificial Intelligence Review.

[4]  David A. Clifton,et al.  A review of novelty detection , 2014, Signal Process..

[5]  Vera Stavroulaki,et al.  5G on the Horizon: Key Challenges for the Radio-Access Network , 2013, IEEE Vehicular Technology Magazine.

[6]  Lalu Banoth,et al.  A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection , 2017 .

[7]  Seetha Hari,et al.  Learning From Imbalanced Data , 2019, Advances in Computer and Electrical Engineering.

[8]  K. Shadan,et al.  Available online: , 2012 .

[9]  Raquel Barco,et al.  Knowledge Acquisition for Fault Management in LTE Networks , 2017, Wirel. Pers. Commun..

[10]  Arthur Zimek,et al.  Ensembles for unsupervised outlier detection: challenges and research questions a position paper , 2014, SKDD.

[11]  Hongli Zhang,et al.  Mobile cloud sensing, big data, and 5G networks make an intelligent and smart world , 2015, IEEE Network.

[12]  Selvakumar Manickam,et al.  Network Security Situation Prediction: A Review and Discussion , 2015, SOCO 2015.

[13]  L. Javier García-Villalba,et al.  Towards Incidence Management in 5G Based on Situational Awareness , 2017, Future Internet.

[14]  Philip S. Yu,et al.  Outlier detection for high dimensional data , 2001, SIGMOD '01.

[15]  Sven Ove Hansson,et al.  Is Risk Analysis Scientific? , 2014, Risk analysis : an official publication of the Society for Risk Analysis.

[16]  Shantanu Sharma,et al.  A survey on 5G: The next generation of mobile communication , 2015, Phys. Commun..

[17]  Philip Doty,et al.  U.S. homeland security and risk assessment , 2015, Gov. Inf. Q..

[18]  Gunnar Rätsch,et al.  Soft Margins for AdaBoost , 2001, Machine Learning.

[19]  Hyeran Byun,et al.  Applications of Support Vector Machines for Pattern Recognition: A Survey , 2002, SVM.

[20]  Leo Breiman,et al.  Bagging Predictors , 1996, Machine Learning.

[21]  Mohsen Guizani,et al.  Network function virtualization in 5G , 2016, IEEE Communications Magazine.

[22]  Neville A. Stanton,et al.  The concept of risk situation awareness provision: towards a new approach for assessing the DSA about the threats and vulnerabilities of complex socio-technical systems , 2015 .

[23]  Ulrik Franke,et al.  Cyber situational awareness - A systematic review of the literature , 2014, Comput. Secur..

[24]  Tarik Taleb,et al.  Toward Elastic Distributed SDN/NFV Controller for 5G Mobile Cloud Management Systems , 2015, IEEE Access.

[25]  Paulo Mendes Combining data naming and context awareness for pervasive networks , 2015, J. Netw. Comput. Appl..

[26]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[27]  Cleotilde Gonzalez,et al.  Effects of cyber security knowledge on attack detection , 2015, Comput. Hum. Behav..

[28]  L. Javier García-Villalba,et al.  Key Technologies in the Context of Future Networks: Operational and Management Requirements , 2016, Future Internet.

[29]  Karen Scarfone,et al.  Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.

[30]  Gregory Ditzler,et al.  Learning in Nonstationary Environments: A Survey , 2015, IEEE Computational Intelligence Magazine.

[31]  Eleni Fotopoulou,et al.  A Novel Reconfigurable-by-Design Highly Distributed Applications Development Paradigm over Programmable Infrastructure , 2016, 2016 28th International Teletraffic Congress (ITC 28).

[32]  T. Cichon The EU Framework Programme for Research and Innovation H2020 , 2016 .

[33]  Christin Schäfer,et al.  Learning Intrusion Detection: Supervised or Unsupervised? , 2005, ICIAP.

[34]  Mica R. Endsley,et al.  Design and Evaluation for Situation Awareness Enhancement , 1988 .

[35]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[36]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[37]  Jose M. Alcaraz Calero,et al.  SELFNET Framework self‐healing capabilities for 5G mobile networks , 2016, Trans. Emerg. Telecommun. Technol..

[38]  William H. Woodall,et al.  A Reevaluation of the Adaptive Exponentially Weighted Moving Average Control Chart When Parameters are Estimated , 2015, Qual. Reliab. Eng. Int..

[39]  Amparo Alonso-Betanzos,et al.  Conversion methods for symbolic features: A comparison applied to an intrusion detection problem , 2009, Expert Syst. Appl..

[40]  Peter R. Winters,et al.  Forecasting Sales by Exponentially Weighted Moving Averages , 1960 .

[41]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[42]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[43]  Muhammad Ali Imran,et al.  Challenges in 5G: how to empower SON with big data for enabling 5G , 2014, IEEE Network.

[44]  L. Javier García-Villalba,et al.  Monitoring and Discovery for Self-Organized Network Management in Virtualized and Software Defined Networks , 2017, Sensors.

[45]  L. Javier García-Villalba,et al.  An Approach to Data Analysis in 5G Networks , 2017, Entropy.

[46]  L. Javier García-Villalba,et al.  Orchestration of use-case driven analytics in 5G scenarios , 2018, J. Ambient Intell. Humaniz. Comput..

[47]  Sagar Patel,et al.  Knowledge acquisition for diagnosis model in wireless networks , 2009, Expert Syst. Appl..

[48]  Valentin Rakovic,et al.  Visions Towards 5G: Technical Requirements and Potential Enablers , 2016, Wirel. Pers. Commun..

[49]  Charles L. Forgy,et al.  Rete: a fast algorithm for the many pattern/many object pattern match problem , 1991 .

[51]  David A. Landgrebe,et al.  A survey of decision tree classifier methodology , 1991, IEEE Trans. Syst. Man Cybern..

[52]  Evangelos Pallis,et al.  T-NOVA: Network functions as-a-service over virtualised infrastructures , 2015, 2015 IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN).

[53]  Qi Wang,et al.  QoE-Driven, Energy-Aware Video Adaptation in 5G Networks: The SELFNET Self-Optimisation Use Case , 2016, Int. J. Distributed Sens. Networks.

[54]  Pat Langley,et al.  Estimating Continuous Distributions in Bayesian Classifiers , 1995, UAI.

[55]  E. S. Gardner EXPONENTIAL SMOOTHING: THE STATE OF THE ART, PART II , 2006 .

[56]  L. Pazvakawambwa,et al.  Forecasting methods and applications. , 2013 .

[57]  Richard E. Smith,et al.  A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles , 2012, IEEE Security & Privacy.

[58]  Terje Aven,et al.  Risk assessment and risk management: Review of recent advances on their foundation , 2016, Eur. J. Oper. Res..

[59]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[60]  George M. Mohay,et al.  A framework for generating realistic traffic for Distributed Denial-of-Service attacks and Flash Events , 2014, Comput. Secur..

[61]  Jeffrey G. Andrews,et al.  What Will 5G Be? , 2014, IEEE Journal on Selected Areas in Communications.

[62]  Mohamed Cheriet,et al.  Taxonomy of information security risk assessment (ISRA) , 2016, Comput. Secur..

[63]  Chonho Lee,et al.  A survey of mobile cloud computing: architecture, applications, and approaches , 2013, Wirel. Commun. Mob. Comput..

[64]  Jose M. Alcaraz Calero,et al.  The SELFNET Approach for Autonomic Management in an NFV/SDN Networking Paradigm , 2016, Int. J. Distributed Sens. Networks.

[65]  Pekka Pirinen,et al.  A brief overview of 5G research activities , 2014, 1st International Conference on 5G for Ubiquitous Connectivity.

[66]  Usama M. Fayyad,et al.  On the Handling of Continuous-Valued Attributes in Decision Tree Generation , 1992, Machine Learning.

[67]  A. Lozano,et al.  What Will 5 G Be ? , 2014 .

[68]  Ian H. Witten,et al.  One-Class Classification by Combining Density and Class Probability Estimation , 2008, ECML/PKDD.