2Novel Global Troubleshooting Framework fo Encrypted Traffic

“The extension of the encryption boundary into the transport layer”

Mirja Kühlewind, MAMI

Management and Measurement

Summit 2018

In Chapter 2, we present a novel troubleshooting architecture in the context of encrypted traffic and then present a proof of concept of this architecture in a software-defined networking (SDN) environment. We also present the data collection module that helps to build datasets for further modules in network troubleshooting.

2.1. Novel network troubleshooting architecture for encrypted traffic

As discussed in Chapter 1, the traditional troubleshooting architecture designed for non-encrypted traffic contains four essential modules: data collection, anomaly detection, root cause analysis and remediation. In this architecture, after detecting anomalies in the anomaly detection, its root cause will be identified in the root cause analysis (RCA) module. Finally, the root causes will be addressed in the remediation module to return to a normal state in the network. During the implementation of the RCA and remediation modules, the network will be negatively influenced (e.g. high latency, low reliability, etc.), resulting in negative economic impacts for NOs. According to a report on the North American Network Operator Group (Zeng et al. 2012b), the duration time for the RCA and remediation approaches can be from 1 h to more than 5 h depending on the status of anomalies. In fact, YouTube lost ...

Get Troubleshooting for Network Operators now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.