A YANG-aided Unified Strategy for Black Hole Detection for Backbone Networks
Elif Ak, Kiymet Kaya, Eren Ozaltun, Sule Gunduz Oguducu, Berk Canberk
TL;DR
This paper tackles the problem of silent Black Hole failures in ISP backbone networks, where traditional MANET-focused methods fail to transfer due to different topologies and data needs. It introduces a YANG data model–driven Black Hole-sensitive Metric Matrix (BHMM) analysis built from four ISP-relevant YANG models, with comprehensive feature engineering (temporal and BH-related features) and path-correlation pruning. The approach is evaluated in two distinct network environments, showing a 10% improvement in black hole detection and a 13% increase in packet delivery rate, along with reduced processing time. The work provides a practical, vendor-agnostic method for real-time backbone network monitoring and fault detection, and outlines future work on reducing false positives.
Abstract
Despite the crucial importance of addressing Black Hole failures in Internet backbone networks, effective detection strategies in backbone networks are lacking. This is largely because previous research has been centered on Mobile Ad-hoc Networks (MANETs), which operate under entirely different dynamics, protocols, and topologies, making their findings not directly transferable to backbone networks. Furthermore, detecting Black Hole failures in backbone networks is particularly challenging. It requires a comprehensive range of network data due to the wide variety of conditions that need to be considered, making data collection and analysis far from straightforward. Addressing this gap, our study introduces a novel approach for Black Hole detection in backbone networks using specialized Yet Another Next Generation (YANG) data models with Black Hole-sensitive Metric Matrix (BHMM) analysis. This paper details our method of selecting and analyzing four YANG models relevant to Black Hole detection in ISP networks, focusing on routing protocols and ISP-specific configurations. Our BHMM approach derived from these models demonstrates a 10% improvement in detection accuracy and a 13% increase in packet delivery rate, highlighting the efficiency of our approach. Additionally, we evaluate the Machine Learning approach leveraged with BHMM analysis in two different network settings, a commercial ISP network, and a scientific research-only network topology. This evaluation also demonstrates the practical applicability of our method, yielding significantly improved prediction outcomes in both environments.