XNV: Explainable Network Verification

Published: 16 September 2024

Abstract

Network verification has recently made strides, focusing on the satisfiability of configurations and policies or on the performance and versatility of verification methods. However, existing verifiers generally ignore explainability, which is the ability to explain why a network violates or satisfies a certain forwarding policy. In this paper, we propose an explainable network verification framework, XNV, which uses a novel interpretable fault analysis method to construct an effective explainable network verifier using a knowledge graph (KG). XNV provides appropriate explanations to help operators understand the verification results, improving the transparency and trustworthiness of the verification system. First, XNV uses the KG as an intermediate representation at the configuration semantic level, storing the configuration semantics and routing protocol states. Then, XNV constructs human-logical fault trees for policies and implements root-cause analysis of policy violations based on KG queries and minimum cut set matching. Experiments and case evaluations show that our system provides good interpretability while balancing performance, accelerated understanding, and handling of misconfigurations.

Published In

IEEE/ACM Transactions on Networking  Volume 32, Issue 6
Dec. 2024
985 pages

Publisher

IEEE Press

Qualifiers

  • Research-article
