Towards a holistic semantic support for context-aware network monitoring

An ontology-based approach

Abstract

Monitoring current communication networks and services is an increasingly complex task as a result of the growth in the number and variety of components involved. Moreover, different perspectives on network monitoring and optimisation policies must be considered to meet context-dependent monitoring requirements. To face these demanding expectations, this article proposes a semantic-based approach to support the flexible configuration of context-aware network monitoring, where traffic sampling is used to improve efficiency. Thus, a semantic layer is proposed to provide a standard and interoperable description of the elements, requirements and relevant features in the monitoring domain. On top of this description, semantic rules are applied to make decisions regarding monitoring and auditing policies in a proactive and context-aware manner. Use cases focusing on traffic accounting and traffic classification as monitoring tasks are also provided, demonstrating the expressiveness of the ontology and the contribution of smart SWRL rules for recommending optimised configuration profiles.

Notes

  1. The parameter in SystC indicates that one packet is collected each one hundred or one thousand packets, respectively.

  2. The notion of heavy hitter refers to 20% of the largest flows in terms of number of packets.

Acknowledgements

This work is financed by National Funds through the Portuguese funding agency, FCT Fundação para a Ciência e Tecnologia within Project UIDB/50014/2020 and also by FCT within the R&D Units Project Scope: UIDB/00319/2020.

Author information

Corresponding author

Correspondence to Paulo Carvalho.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This paper is an extended version of a previous work of the authors presented at WorldCist 2019.

About this article

Cite this article

Carvalho, P., Rito Lima, S., Álvarez Sabucedo, L. et al. Towards a holistic semantic support for context-aware network monitoring. Computing (2020). https://doi.org/10.1007/s00607-020-00840-7

Keywords

  • Recommendation systems
  • Expert systems
  • Ontology
  • Semantic rules
  • Network monitoring
  • Traffic sampling

Mathematics Subject Classification

  • 68M10
  • 68M11
  • 68M12
  • 68Q55