Multiagent-Based Data Presentation Mechanism for Multifaceted Analysis in Network Management Tasks
Abstract
:1. Introduction
- We connect data analytics in network management and the idea of serendipity, which is the notion of an innovative encounter, to solve the complexity of recent cybersecurity problems.
- We propose a multiagent-based mechanism to provide a multifaceted data presentation (MADPM).
- We define the organization process considering accuracy and expansion for user demand. Additionally, we include automated composition of the data presentation process in the organization process.
- We present a design process to encapsulate services and systems as agents (data-processing agents (DPAs)), including data related to network management.
- We conducted several case studies and demonstrated that the multifaceted information provided by the prototype system enabled us to make inferences from new perspectives.
- Finally, we discuss the effectiveness and feasibility of the data and information recommendation, including uncertainty represented by the probabilistic process.
2. Materials and Methods
2.1. Multiagent-Based Data Presentation Mechanism (MADPM)
2.1.1. Request Matching
2.1.2. Request Expansion
2.2. Data Processing Agent (DPA)
2.2.1. Knowledge and Action Rules
2.2.2. Base Process
2.2.3. Lifecycle
2.3. Prototype Implementation
- Log collection tool collects logs on the servers, such as mail servers, web servers, and firewalls, and displays statistics and time series.
- Performance management tool collects performance data, such as CPU usage, memory usage, and the amount of traffic on network interfaces from the servers and networking devices, and provides statistics and visualization.
- Service management tool provides the function of service management, which includes monitoring, testing, and providing alerts on the service status.
- Knowledge tool stores knowledge for management tasks and provides functions to share among employees.
2.3.1. Experimental Environment
2.3.2. Implemented Agents
Correlation Coefficient (CRR) Agent
Discrete Fourier Transform (DFT) Agent
Descending Sort (DSS) Agent
Elasticsearch (ELS) Agent
FESS (FES) Agent
InfluxDB (IDB) Agent
Plotly (PLT) Agent
Zabbix (ZBX) Agent
2.3.3. User Interface Agent (UIA)
3. Results
3.1. Experiments with the Prototype System
3.2. Case 1: Trouble on the Web Server
- halt the process of “apache2.service” on the “monitored server” (Figure 8)
- access the UI server and input the test request as “Web server is not running”.
- check the returned list of information.
- The UIA generates the request as
- The FES and ZBX agents appear in the workplace according to the entity “Web server” in .
- The FES agent generates another request as
- The IDB and ELS agents respond to “” in and come into the workplace. The two agents resend to the agent repository.
- The two DSS agents corresponding to the IDB and ELS agents are instantiated with “Descending sort” in .
- From the relation in the knowledge of the DSS agent, a new request is created as
- The PLT agent is instantiated with “Plot” in .
- The processing flow is automatically organized through the IDB, DSS, and PLT agents.
3.3. Case 2: Amount of Traffic on the Network Switch
- Input the phrase “Show the amount of traffic on the core switch in descending order”.
- Check the output information.
- UIA generates the request triple as
- The FES agent is activated by reacting to the keyword “Core switch” and instantiated in the workplace.
- Using the stored knowledge, the FES agent newly generates another request:
- The IDB and ELS agents respond to “<IPaddress B>” in and come into the workplace.
- The DSS agent is instantiated with “Descending sort” in .
- From the relation in the knowledge of the DSS agent, a new request is created as
- The PLT agent is instantiated with “Plot” in .
- The processing flow is automatically organized through the IDB, DSS and Plotting agents.
3.4. Case 3: Denial of Service (DoS) Attack
- Generate five transactions from a terminal to “” per second.
- After a while, generate 60 transactions from another terminal to “” per second.
- Confirm that the website on “” is down.
- Access the UI server and input “ is down”.
- Check the output of the UI server.
- The UIA generates the request as
- The IDB and ELS agents appear in the workplace according to the entity “” in .
- The two agents resend to the repository.
- The DSS agent is instantiated in the workplace according to “Analysis” in .
- The DSS agent generates another request as
- The PLT agent is instantiated in the workplace by “Plot” of .
- The processing flow of the data is automatically constructed.
3.5. Case 4: Brute Force Attack
- Access “” from a terminal five times per second.
- Generate a virtual brute force attack on “” ten times per minute.
- After continuing Step 2 for 2 hours, input “Analyze the logs on ”.
- Analyze the output from the prototypical system.
- The UIA generates request from the input text as
- The ELS agent is activated by reacting to the keyword “” and instantiated in the workplace.
- Using the stored knowledge, the ELS agent resends to the agent repository.
- The DFA and DSS agents are activated by reacting to the keyword “Analysis” and instantiated in the workplace.
- Using the stored knowledge, the DFA agent newly generates another request as
- Using the stored knowledge, the DSS agent newly generates another request as
- The PLT agent is instantiated with “BarPlotting” in and “Plot” in .
- The processing flow is automatically organized through the instantiated agents.
3.6. Case 5: Data Correlation for Anomaly Detection
- Generate access to five times per second.
- Input “Analyze the CPU usage on .” to the UI server.
- Check the output from the prototypical system.
- The UIA generates request from the input text as
- The ELS and IDB agents are activated by reacting to the keyword “HostA” and instantiated in the workplace.
- Using the stored knowledge, the ELS and IDB agents resend to the agent repository.
- The CRR and DSS agents are activated by reacting to the keyword “Analysis” and instantiated in the workplace.
- Using the stored knowledge, the CRR agent newly generates another request as
- Using the stored knowledge, the DSS agent newly generates another request as
- The PLT agent is instantiated with “Line plot” in and “Plot” in .
- The processing flow is automatically organized through the instantiated agents.
4. Discussion
4.1. Effectivity and Heterogeneity
4.2. Performance and Scalability
4.3. Limitations
4.4. Implications
5. Conclusions
Supplementary Materials
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
Appendix A. Sample Code of DPA
Appendix A.1. DASH File
Appendix A.2. Example of IDB Agent
Appendix B. Sample Code of Base Process
Appendix B.1. Templates of Base Process
Appendix B.2. Example Codes of Base Process
References
- Khan, M.A.; Peters, S.; Sahinel, D.; Pozo-Pardo, F.D.; Dang, X.-T. Understanding autonomic network management: A look into the past, a solution for the future. Comput. Commun. 2018, 122, 93–117. [Google Scholar] [CrossRef]
- Arzo, S.T.; Bassoli, R.; Granelli, F.; Fitzek, F.H.P. Multi-agent based autonomic network management architecture. IEEE Trans. Netw. Serv. 2021, 18, 3595–3618. [Google Scholar]
- Tsagkaris, K.; Nguengang, G.; Galani, A.; Grida Ben Yahia, I.; Ghader, M.; Kaloxylos, A.; Gruber, M.; Kousaridas, A.; Bouet, M.; Georgoulas, S.; et al. A survey of autonomic networking architectures: Towards a unified management framework. Int. J. Netw. Manag. 2013, 23, 402–423. [Google Scholar] [CrossRef]
- Kephart, J.O.; Chess, D.M. The vision of autonomic computing. Computer 2003, 36, 41–50. [Google Scholar] [CrossRef]
- Huebscher, M.C.; McCann, J.A. A survey of autonomic computing—Degrees, models, and applications. ACM Comput. Surv. 2008, 40, 1–28. [Google Scholar] [CrossRef] [Green Version]
- Chen, X.; Liu, C.-Y.; Proietti, R.; Li, Z.; Yoo, S.J.B. Automating optical network fault management with machine learning. IEEE Commun. Mag. 2022, 1–7. [Google Scholar] [CrossRef]
- Pang, G.; Shen, C.; Cao, L.; Hengel, A.V.D. Deep learning for anomaly detection: A review. ACM Comput. Surv. 2022, 54, 1–38. [Google Scholar] [CrossRef]
- Selva, D.; Nagaraj, B.; Pelusi, D.; Arunkumar, R.; Nair, A. Intelligent network intrusion prevention feature collection and classification algorithms. Algorithms 2021, 14, 224. [Google Scholar] [CrossRef]
- Zhang, T.; Qiu, H.; Mellia, M.; Li, Y.; Li, H.; Xu, K. Interpreting AI for networking: Where we are and where we are going. IEEE Commun. Mag. 2022, 60, 25–31. [Google Scholar] [CrossRef]
- Ha, D.T.; Hoang, N.X.; Hoang, N.V.; Du, N.H.; Huong, T.T.; Tran, K.P. Explainable anomaly detection for industrial control system cybersecurity. arXiv 2022, arXiv:2205.01930. [Google Scholar] [CrossRef]
- Hwang, C.; Lee, T. E-SFD: Explainable sensor fault detection in the ICS anomaly detection system. IEEE Access 2021, 9, 140470–140486. [Google Scholar] [CrossRef]
- Sharma, S.; Nag, A.; Cordeiro, L.; Ayoub, O.; Tornatore, M.; Nekovee, M. Towards explainable artificial intelligence for network function virtualization. In Proceedings of the 16th International Conference Emerging Network EXperiments Technologies, Barcelona, Spain, 1–4 December 2020; pp. 558–559. [Google Scholar]
- Monarch, R. Human-in-the-Loop Machine Learning: Active Learning and Annotation for Human-Centered AI; Manning: Shelter Island, NY, USA, 2021. [Google Scholar]
- Bosse, S.; Engel, U. Real-Time Human-in-the-loop simulation with mobile agents, chat bots, and crowd sensing for smart cities. Sensors 2019, 19, 4356. [Google Scholar] [CrossRef] [Green Version]
- Jennings, N.R.; Moreau, L.; Nicholson, D.; Ramchurn, S.; Roberts, S.; Rodden, T.; Rogers, A. Human-agent collectives. Commun. ACM 2014, 57, 80–88. [Google Scholar] [CrossRef] [Green Version]
- Krishnamurthy, P.; Khorrami, F.; Schmidt, S.; Wright, K. Machine learning for NetFlow anomaly detection with human-readable annotations. IEEE Trans. Netw. Serv. 2021, 18, 1885–1898. [Google Scholar] [CrossRef]
- Kang, X.; Song, B.; Sun, F. A deep similarity metric method based on incomplete data for traffic anomaly detection in IoT. Appl. Sci. 2019, 9, 135. [Google Scholar] [CrossRef] [Green Version]
- Ahmed, E.; Yaqoob, I.; Hashem, I.A.; Khan, I.; Ahmed, A.I.; Imran, M.; Vasilakos, A.V. The role of big data analytics in Internet of Things. Comput. Netw. 2017, 129, 459–471. [Google Scholar] [CrossRef]
- Jabbar, S.; Malik, K.R.; Ahmad, M.; Aldabbas, O.; Asif, M.; Khalid, S.; Han, K.; Ahmed, S.H. A methodology of real-time data fusion for localized big data analytics. IEEE Access 2018, 6, 24510–24520. [Google Scholar] [CrossRef]
- Tsanousa, A.; Bektsis, E.; Kyriakopoulos, C.; González, A.G.; Leturiondo, U.; Gialampoukidis, I.; Karakostas, A.; Vrochidis, S.; Kompatsiaris, I. A review of multisensor data fusion solutions in smart manufacturing: Systems and trends. Sensors 2022, 22, 1734. [Google Scholar] [CrossRef]
- Chen, X.; Self, J.Z.; House, L.; Wenskovitch, J.; Sun, M.; Wycoff, N.; Evia, J.R.; North, C. Be the data: Embodied visual analytics. IEEE Trans. Learn. Technol. 2018, 11, 81–95. [Google Scholar] [CrossRef]
- Crouser, R.J.; Franklin, L.; Cook, K. Rethinking visual analytics for streaming data applications. IEEE Internet Comput. 2017, 21, 72–76. [Google Scholar] [CrossRef]
- Jing, X.; Yan, Z.; Pedrycz, W. Security data collection and data analytics in the Internet: A survey. IEEE Commun. Surv. Tutor. 2019, 21, 586–618. [Google Scholar] [CrossRef]
- Shiomoto, K. Applications of big data analytics technologies for traffic and network management data-gaining useful insights from big data of traffic and network management. NTT Tech. Rev. 2013, 11, 1–6. [Google Scholar]
- Marjani, M.; Nasaruddin, F.; Gani, A.; Karim, A.; Hashem, I.A.; Siddiqa, A.; Yaqoob, I. Big IoT data analytics: Architecture, opportunities, and open research challenges. IEEE Access 2017, 5, 5247–5261. [Google Scholar]
- Ge, M.; Bangui, H.; Buhnova, B. Big data for internet of things: A survey. Future Gener. Comp. Syst. 2018, 87, 601–614. [Google Scholar]
- Elasticsearch. Available online: https://www.elastic.co/elasticsearch/ (accessed on 5 October 2022).
- InfluxDB. Available online: https://www.influxdata.com/ (accessed on 5 October 2022).
- Fluentd. Available online: https://www.fluentd.org/ (accessed on 5 October 2022).
- Logstash. Available online: https://www.elastic.co/logstash/ (accessed on 5 October 2022).
- Kibana. Available online: https://www.elastic.co/kibana/ (accessed on 5 October 2022).
- Zabbix. Available online: https://www.zabbix.com/ (accessed on 5 October 2022).
- Kalegele, K.; Sasai, K.; Takahashi, H.; Kitagata, G.; Kinoshita, T. Four decades of data mining in network and systems management. IEEE Trans. Knowl. Data Eng. 2015, 27, 2700–2716. [Google Scholar]
- Elaggoune, Z.; Maamri, R.; Boussebough, I. The multi-agent system solutions for big multi-sensor data management. J. Ubiquitous Syst. Pervasive Netw. 2019, 11, 23–29. [Google Scholar] [CrossRef]
- Sasai, K.; Sveholm, J.; Kitagata, G.; Kinoshita, T. A practical design and implementation of active information resource based network management system. Int. J. Energy Inf. Commun. 2011, 2, 67–86. [Google Scholar]
- Sasai, K.; Tanimura, Y.; Takahashi, H.; Kitagata, G.; Kinoshita, T. An agent-based data analytics support tool for network management intelligence. Int. J. Energy Inf. Commun. 2017, 8, 51–64. [Google Scholar] [CrossRef]
- Rabaey, J.M. Human-centric computing. IEEE Trans. Very Large Scale Integr. VLSI Syst. 2020, 28, 3–11. [Google Scholar] [CrossRef]
- Tré, G.D.; Kacprzyk, J.; Pasi, G.; Zadrożny, S.; Bronselaer, A. Human centric data management: Human centric data management. Int. J. Intell. Syst. 2018, 33, 1989–1991. [Google Scholar] [CrossRef]
- Mostéfaoui, S.K.; Hirsbrunner, B. Context aware service provisioning. In Proceedings of the IEEE/ACS International Conference onPervasive Services, ICPS 2004, Beirut, Lebanon, 23 July 2004; pp. 71–80. [Google Scholar]
- Sheng, Q.Z.; Shakshuki, E.M. Ambient and context-aware services. J. Comput. Syst. Sci. 2015, 81, 485–486. [Google Scholar] [CrossRef]
- Ziarani, R.J.; Ravanmehr, R. Serendipity in recommender systems: A systematic literature review. J. Comput. Sci. Technol. 2021, 36, 375–396. [Google Scholar] [CrossRef]
- Xu, Y.; Yang, Y.; Wang, E.; Han, J.; Zhuang, F.; Yu, Z.; Xiong, H. Neural serendipity recommendation: Exploring the balance between accuracy and novelty with sparse explicit feedback. ACM Trans. Knowl. Discov. Data 2020, 14, 1–25. [Google Scholar]
- Nishikawa-Pacher, A. Measuring serendipity with altmetrics and randomness. J. Libr. Inf. Sci. 2022, 096100062211243. [Google Scholar] [CrossRef]
- Sasai, K.; Matsumura, H.; Fukutani, R.; Kitagata, G.; Kinoshita, T. An agent-based intelligent data presentation mechanism for multifaceted analysis. In Complex, Intelligent, and Software Intensive Systems. CISIS 2019. Advances in Intelligent Systems and Computing; Springer: Cham, Switzerland, 2019; pp. 587–595. [Google Scholar]
- Uchiya, T.; Kinoshita, T. Design support functions for developing multiagent system on repository-based multiagent framework. In Proceedings of the 2011 10th IEEE International Conference on Cognitive Informatics & Cognitive Computing (ICCI*CC ), Banff, AB, Canada, 18–20 August 2011; pp. 240–246. [Google Scholar]
- Wang, Y. Fuzzy Semantic models of fuzzy concepts in fuzzy systems. Int. J. Fuzzy Syst. Adv. Appl. 2022, 9, 57–62. [Google Scholar] [CrossRef]
- Lee, C.-S.; Wang, M.-H. A fuzzy expert system for diabetes decision support application. IEEE Trans. Syst. Man Cybern. Part B Cybern. Publ. IEEE Syst. Man Cybern. Soc. 2010, 41, 139–153. [Google Scholar]
- Fess. Available online: https://fess.codelibs.org/index.html (accessed on 7 October 2022).
- Plotly. Available online: https://plotly.com/python/ (accessed on 7 October 2022).
- Apache JMeter. Available online: https://jmeter.apache.org/ (accessed on 7 October 2022).
- IDEA. Available online: https://uchiya.web.nitech.ac.jp/idea/index.html (accessed on 7 November 2022).
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Sasai, K.; Fukutani, R.; Kitagata, G.; Kinoshita, T. Multiagent-Based Data Presentation Mechanism for Multifaceted Analysis in Network Management Tasks. Sensors 2022, 22, 8841. https://doi.org/10.3390/s22228841
Sasai K, Fukutani R, Kitagata G, Kinoshita T. Multiagent-Based Data Presentation Mechanism for Multifaceted Analysis in Network Management Tasks. Sensors. 2022; 22(22):8841. https://doi.org/10.3390/s22228841
Chicago/Turabian StyleSasai, Kazuto, Ryota Fukutani, Gen Kitagata, and Tetsuo Kinoshita. 2022. "Multiagent-Based Data Presentation Mechanism for Multifaceted Analysis in Network Management Tasks" Sensors 22, no. 22: 8841. https://doi.org/10.3390/s22228841