Archive for the ‘Defense Consulting’ Category

Artificial Intelligence for Network Defense

Last week I visited the University of Georgia. While there, an old friend from the Defense Department asked me about network performance assessment. He wanted to know how to assess and measure whether the “network” is “up” or “down” for a large enterprise.

I would reword this question a bit to mirror the factors that are most important to the company’s management or customers. The reworded question could take several forms:

  • To what extent is your company’s network functional for important services?
  • Is the network processing all of the requested work or are parts of the network overloaded?
  • Has the network been attacked or hacked? Are unauthorized persons accessing the network for services or information?

These are good questions for any company that runs a network or networks. Answering these types of questions can pose some problems. In isolation, the applications that provide most network services have no way of knowing the broader intent of network use and therefore can’t report “inappropriate” requests and actions. The sheer number of services and methods available on a network (for example, at the application layer, BGP, DHCP, DNS, FTP, GTP, HTTP, IMAP, IRC, Megaco, MGCP, NNTP, NTP, POP, RIP, RPC, RTP, RTSP, SDP, SIP, SMTP, SNMP, SOAP, SSH, Telnet, TLS/SSL, XMPP, and at the internet layer, IP (IPv4, IPv6), ICMP, ICMPv6, IGMP, IPsec, and many others) adds to the difficulty. In overcoming this difficulty, artificial intelligence approaches can be highly effective in assisting network managers in understanding activities on the network.

Whether you work for the U.S. Department of Defense or a smaller enterprise, there are a large number of tools and applications available to assist the IT professional with monitoring the network, attached hardware, services and usage. Network tools and testing schemes can and do generate large amounts (megabytes+) of data concerning low-level network performance measures such as response times, packet losses, logged entries, etc. If you don’t have an army of technicians and analysts to study all this information, then artificial intelligence methods can help analyze and reduce the quantity of data that humans must review and can point toward the most important issues that a human analyst should attend to.


So what might be an example of how to use artificial intelligence tools in the context of network monitoring, diagnosis, and remediation? Naturally, there is an almost unlimited variety of designs and techniques that could be applied in a hypothetical case. So what follows is one example of what could be done. Of course, the specifics of an actual network, its services, its hardware, and the company’s objectives would dictate the most appropriate techniques that should be applied in an actual case.

Very simple agent components can serve as the basis for network instrumentation. The agents reside on network nodes such as mail, web, or database servers, or other types of devices. These installed agents poll their assigned service or protocol, collect simple metrics, exchange reports with each other so that they can cooperate, and report back to a repository agent, which adds to the collective information about the network.

A machine learning system or classifier operates on the main data repositories looking for regularities or clusters within the data. These classified patterns can form the basis of summary reports to IT professionals for further action.

The summary reports can also be used by an expert system or rule-based production system to suggest or even autonomously take action to remediate problems within the network. The summary reports feed into a “dashboard” status system. Many human managers will prefer to review a “dashboard” type of status report which shows top level indicators of network health and possibly contains colored (red, yellow, green) status summaries for network operational functions which are of concern to the network owners.

So, the artificial intelligence tools applied (specifically, agents, machine learning/classifiers, expert systems, and rule-based production systems) work together to collect desired measures and information, analyze and summarize key events and information, report appropriate information to managers and even take action to remediate issues that are detected on the network.
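The pipeline described above (agent reports, a repository, a classifier, a rule base and a dashboard), as an added Python example that is not from the original post. The node names, sample reports and thresholds are constructed, and a median/MAD outlier test stands in for the machine learning classifier.

```python
from collections import defaultdict
from statistics import median

# Constructed sample reports, as node agents might send to the repository agent:
# (node, service, response time in ms, packet loss in %).
REPORTS = [
    ("web1", "HTTP", 42, 0.0), ("web1", "HTTP", 45, 0.1), ("web2", "HTTP", 40, 0.0),
    ("web2", "HTTP", 44, 0.0), ("web1", "HTTP", 43, 0.2), ("web2", "HTTP", 410, 6.5),
    ("dns1", "DNS", 5, 0.0), ("dns1", "DNS", 6, 0.0), ("dns1", "DNS", 5, 0.0),
    ("dns1", "DNS", 7, 0.0), ("dns1", "DNS", 6, 0.0), ("dns1", "DNS", 6, 0.1),
    ("mx1", "SMTP", 120, 0.0), ("mx1", "SMTP", 118, 0.0), ("mx1", "SMTP", 125, 0.0),
    ("mx1", "SMTP", 122, 0.0), ("mx1", "SMTP", 121, 1.5), ("mx1", "SMTP", 119, 0.0),
]

def repository(reports):
    """Repository agent: pool the agents' reports per service."""
    pooled = defaultdict(list)
    for node, service, rt_ms, loss_pct in reports:
        pooled[service].append((node, rt_ms, loss_pct))
    return pooled

def summarize(samples, cutoff=3.5):
    """Classifier stand-in: flag response-time outliers by robust z-score."""
    times = [rt for _, rt, _ in samples]
    med = median(times)
    mad = median(abs(t - med) for t in times) or 1.0  # avoid division by zero
    outliers = [(n, rt) for n, rt, _ in samples
                if 0.6745 * abs(rt - med) / mad > cutoff]
    return {"outliers": outliers, "max_loss": max(l for _, _, l in samples)}

# Rule base, evaluated in order; the first matching rule sets the dashboard color.
RULES = [
    (lambda s: s["outliers"] and s["max_loss"] >= 5.0, "red"),
    (lambda s: s["outliers"] or s["max_loss"] >= 1.0, "yellow"),
    (lambda s: True, "green"),
]

def dashboard(reports):
    """Return ({service: color}, {service: summary}) for the status display."""
    summaries = {svc: summarize(s) for svc, s in repository(reports).items()}
    status = {svc: next(color for rule, color in RULES if rule(s))
              for svc, s in summaries.items()}
    return status, summaries

if __name__ == "__main__":
    status, summaries = dashboard(REPORTS)
    for svc in status:
        print(f"{svc:5} {status[svc]:6} {summaries[svc]}")
```

The analyst sees three colored rows instead of eighteen raw reports, and the red row names the node and measurement that triggered it.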

I hope this generates some thinking on how to apply artificial intelligence techniques on real world applications.

-Stu

Wednesday, April 1st, 2009

Can I Use AI on My Program?

Day before yesterday, a colleague asked me if I had any tools that would be “good for managing a large set of airborne radars, electronic jammers, and related systems”.  We had a nice discussion about what artificial intelligence tools were good for and how to apply them on a large project.


During our conversation, it occurred to me that there are probably a large number of “laymen” who are not part of the artificial intelligence research or engineering community and who are in the same situation as my colleague.  She has heard the term “artificial intelligence” or AI, but doesn’t know whether AI tools and approaches would help her with her specific program.

So without a background in AI, how do managers make decisions about whether to pursue AI solutions in their endeavors? The sine qua non is a good layman’s outline of example occasions with a bit of explanation.

This needs to be something more than the typical description of how to apply a given technique to the traveling salesman problem or another classical artificial intelligence problem.

Given the need, I will be doing a series of short posts to scratch this itch.

Stay tuned….

Thursday, March 19th, 2009

Adaptive, Reactive and Autonomous

So what do we mean when we say that a software system can be “adaptive”, “reactive” and “autonomous”?

For our purposes, we stick pretty close to the Webster definitions of the terms. But here is the gist of the terms as we use them:

“adaptive” - The software system contains a complex set of possible actions and effectors. It chooses from among these possible actions in combinations and orders that are not predetermined but rather are chosen by the software system to achieve the system’s goals as it deems best. So, the system “adapts” its behavior to its situation.

“reactive” - The software system maintains a perception of its “environment”. This environment may be a pure information environment or it may contain perceptions of the physical world. Both the system’s actions and the system’s goals will be modified in response to these perceptions. In other words, the system “reacts” to the world around it.

“autonomous” - The software system’s goals, actions and perceptions (within the scope of its design purpose) are sufficiently complex and robust that the system can perceive, decide, react, act, and achieve its goals with very little interaction with human operators. The system largely acts on its own for extended periods of time. The distinction between “autonomous” and “semi-autonomous” is a matter of the length of time without interaction and the degree of any interaction.

Hopefully, that helps clarify what we mean by “adaptive, reactive and autonomous software systems”.

-Stu

Thursday, December 18th, 2008

AFRL Scientist Visit

We were fortunate to have AFRL research scientist, Dr. Kevin Gluck, visit our new location last Thursday. During the meeting, we discussed our current project: math modeling of human performance in complex environments. Following our weekly teleconference with the research team and demonstrations of the Predictive Performance Optimizer software tool, we enjoyed some informal discussions over dinner.

Dr. Gluck’s visit was an excellent kickoff for our new location!

-Stu

Wednesday, June 25th, 2008

A New Address

As you might have noticed from the new address that appears below the logo on the main site, we have recently changed our address.

It is possible that this will be the last in a very long string of relocations (moves)–hopefully!

At least this move comes with a (slightly) bigger office.

:)

-Stu

Monday, June 16th, 2008

Volunteering at MindModeling@Home

The MindModeling@Home site ( http://mindmodeling.org ) is up and running.  At AGS TechNet, we are volunteering some of our computer time to assist them in their goals.

Volunteer computing is a way to use your computer’s “idle” time to contribute some number crunching power to assist in computationally intensive research work.

If you are interested, it is fairly simple to get set up and all the steps are explained on MindModeling’s site.  Essentially, you just download and install an application called “BOINC” from UC Berkeley’s site. It allows you to set how much and under what conditions your own computer will get and execute jobs for the research effort.  Next, using BOINC you join the volunteer computing effort(s) that you want to support.  Then, when you are not using your computer, it will download jobs, execute them, and upload the results.  There are many universities, researchers, companies, and other interested folks that have been participating since 1995 in volunteer computing efforts.  Today, there are over a million BOINC users and the scale of the overall computing effort puts the volunteer computing community easily in the league of the most powerful supercomputers.

If you haven’t heard of it before, you might check it out. Very cool!

-Stu

Sunday, January 27th, 2008

Heuristics

A client recently asked me what I meant when I referred to “heuristic search.”  Heuristic search is performed when “brute force search” (or all-possible-paths-search) is computationally intractable.  Essentially, you can think of a heuristic as a “rule of thumb” or an approach to calculate an approximate answer.  Here’s a more detailed description…

A heuristic is defined by Merriam-Webster’s online dictionary as follows:

Main Entry: heu·ris·tic
Pronunciation: hyu-’ris-tik
Function: adjective
Etymology: German heuristisch, from New Latin heuristicus, from Greek heuriskein to discover; akin to Old Irish fo-fúair he found
: involving or serving as an aid to learning, discovery, or problem-solving by experimental and especially trial-and-error methods <heuristic assumption>; also
: of or relating to exploratory problem-solving techniques that utilize self-educating techniques (as the evaluation of feedback) to improve performance <heuristic computer program>

Heuristics are used in the context of high complexity to find good solutions to problems for which an exact or globally optimal solution might be impossible to find.

Examples of the use of heuristic search are found in many common optimization problems.  In many optimization efforts, computations can take billions of billions of years to find the exact solution even on the fastest computers. This is a case where using heuristics may allow you to find a good solution even if the optimal solution is unknown.

-Stu

Friday, December 14th, 2007