Abstract
For network analysts, constructing a representation, and developing an understanding, of logical network topologies is crucial for a wide range of cyber security applications. However, constructing a representation of logical network topologies is difficult. This paper presents three novel ontologies: the Internet Protocol (IP) Ontology, the Open Shortest Path First (OSPF) Ontology and the Border Gateway Protocol (BGP) Ontology. These ontologies provide a common, technology-independent syntax and semantics for complex communication network concepts. The semantic and syntactic interoperability provided by these ontologies enables data from disparate, heterogeneous sources, such as network diagrams, router configuration files and routing protocol messages, to be consistently represented, which facilitates information fusion. The approach presented in this paper allows domain knowledge to be encoded in an intuitive manner, facilitates knowledge discovery by automated reasoning, and facilitates the process of making specialist knowledge and tradecraft accessible to non-expert network analysts.
Notes
1. The topology of a network is the arrangement of the various network elements, such as routers, computers and links, within the network. The topology of a network may be depicted physically or logically. The physical topology of a network is the arrangement of the physical components of the network, including the location of devices and cables, while the logical topology illustrates how information flows through the network.
2. In a link state routing protocol, each router constructs a map of the connectivity of the network in which it resides.
3. Interior gateway protocols manage the routing of traffic within individual ASes.
4. A broadcast domain is a logical division of a network, in which all devices can reach each other by broadcast at the data link layer. For example, a multi-access network is a single broadcast domain. Ethernet is also an example of a broadcast domain.
5. An Autonomous System is a network, or collection of networks, which are managed or supervised by a single administrative entity or organisation.
6. CAIDA is a collaboration of government, research and commercial entities aimed at promoting greater cooperation in the engineering and maintenance of the global Internet infrastructure.
7. An OSPF network can be subdivided into multiple routing areas in order to simplify administration or optimise traffic flow or resource utilisation.
8. ABRs are routers which have interfaces in multiple areas.
9. For example, as a result of slight differences in their interpretation of the Internet Engineering Task Force (IETF) OSPF standards, Cisco and Juniper routers implement OSPF in different ways. The OSPF ontology presented in this section, however, provides a generic representation of OSPF which is not dependent on the specific implementation technology.
10. Synthetic data has been used for the private network infrastructure in order to demonstrate the fusion techniques.
References
1. van der Ham, J., Ghijsen, M., Grosso, P., de Laat, C.: Trends in Computer Network Modeling Towards the Future Internet. https://arxiv.org/pdf/1402.3951v2.pdf. Accessed Oct 2016
2. Motamedi, R., Rejaie, R., Willinger, W.: A survey of techniques for internet topology discovery. IEEE Commun. Surv. Tutor. 17(2), 1044–1065 (2013)
3. Ioannou, P.A., Pitsillides, A.: Modeling and Control of Complex Systems. CRC Press, Boca Raton (2008)
4. Rahman, M., Pakstas, A., Wang, F.Z.: Towards communications network modelling ontology for designers and researchers. In: Proceedings of the International Conference on Intelligent Engineering Systems, London, England (2006)
5. MOMENT - Monitoring and Measurement in the Next Generation Technologies. http://www.salzburgresearch.at/en/projekt/moment_en/. Accessed Oct 2016
6. Yeung, D., Qu, Y., Zhang, J., Chen, I., Lindem, A.: Yang Data Model for OSPF Protocol. https://tools.ietf.org/html/draft-ietf-ospf-yang-01. Accessed Oct 2016
7. Zhdankin, A., Patel, K., Clemm, A., Hares, S., Jethanandani, M., Liu, X.: Yang Data Model for BGP Protocol. https://tools.ietf.org/html/draft-zhdankin-idr-bgp-cfg-00. Accessed Oct 2016
8. Common Information Model. http://www.dmtf.org/standards/cim. Accessed Aug 2015
9. Strassner, J.: DEN-ng: achieving business-driven network management. In: Proceedings of the IEEE/IFIP Network Operations and Management Symposium (2002)
10. van der Ham, J., Dijkstra, F., Lapacz, R., Brown, A.: The network markup language; a standardized network topology abstraction for inter-domain and cross-layer network applications. In: Proceedings of the TERENA Networking Conference, Maastricht, Netherlands (2013)
11. van der Ham, J., Dijkstra, F., Travostino, F., Andree, H., de Laat, C.: Using RDF to describe networks. Future Gener. Comput. Syst. 22(8), 862–867 (2006)
12. Ghijsen, M., van der Ham, J., Grosso, P., Dumitru, C., Zhu, H., Zhao, Z., de Laat, C.: A semantic-web approach for modelling computing infrastructures. J. Comput. Electr. Eng. 39, 2553–2565 (2013)
13. Network Innovation over Virtualized Infrastructures. http://www.fp7-novi.eu/index.php. Accessed Oct 2016
14. Moy, J.: RFC 2328 - OSPF Version 2. https://www.ietf.org/rfc/rfc2328.txt. Accessed Oct 2016
15. Nakibly, G., Gonikman, D., Kirshon, A., Boneh, D.: Persistent OSPF attacks. In: Proceedings of the Nineteenth Annual Network and Distributed System Security Conference (2012)
16. Rekhter, Y., Li, T., Hares, S.: RFC 4271 - A Border Gateway Protocol 4 (BGP-4). https://www.ietf.org/rfc/rfc4271.txt. Accessed Oct 2016
17. Center for Applied Internet Data Analysis. www.caida.org. Accessed Oct 2016
18. Antoniou, G., van Harmelen, F.: A Semantic Web Primer. MIT Press, Cambridge (2004)
19. Reynolds, D., Thompson, C., Mukerji, J., Coleman, D.: An Assessment of RDF/OWL Modelling. Digital Media Systems Laboratory, HP Laboratories Bristol, HPL-2005-189 (2005)
20. Sowa, J.: Semantic networks. In: The Encyclopedia of Artificial Intelligence, 2nd edn. (1987)
21. OSI Model. https://en.wikipedia.org/wiki/OSI_model. Accessed Oct 2016
22. Protege. http://protege.standford.edu/. Accessed Oct 2016
Acknowledgements
Part of this work was conducted using the Protégé resource [22], which is supported by grant GM10331601 from the National Institute of General Medical Sciences of the United States National Institutes of Health.
Copyright information
© 2018 Crown
About this paper
Cite this paper
Voigt, S., Howard, C., Philp, D., Penny, C. (2018). Representing and Reasoning About Logical Network Topologies. In: Croitoru, M., Marquis, P., Rudolph, S., Stapleton, G. (eds) Graph Structures for Knowledge Representation and Reasoning. GKR 2017. Lecture Notes in Computer Science(), vol 10775. Springer, Cham. https://doi.org/10.1007/978-3-319-78102-0_4
DOI: https://doi.org/10.1007/978-3-319-78102-0_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78101-3
Online ISBN: 978-3-319-78102-0
eBook Packages: Computer Science (R0)