idnits 2.17.1

draft-jilongwang-opsawg-crc-02.txt:

Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info):

  No issues found here.

Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:

  No issues found here.

Checking nits according to https://www.ietf.org/id-info/checklist :

  No issues found here.

Miscellaneous warnings:

  == The copyright year in the IETF Trust and authors Copyright Line does not match the current year

  -- The document date (October 14, 2019) is 1656 days in the past. Is this intentional?

Checking references for intended status: Informational

  No issues found here.

Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--).

Run idnits with the --verbose option for more detailed information about the items above.

--------------------------------------------------------------------------------

opsawg                                                    WJL. Wang, Ed.
Internet-Draft                                            MCC. Miao, Ed.
Intended status: Informational                          ZSY. Zhuang, Ed.
Expires: April 16, 2020                                  ZQL. Zhang, Ed.
                                                     Tsinghua University
                                                          CJF. Chen, Ed.
                                                                    CETC
                                                        October 14, 2019

Framework for Network Resources Categorization
draft-jilongwang-opsawg-crc-02

Abstract

This memo presents the definition of cyberspace resource, and then discusses a classification framework for cyberspace resources. Cyberspace is widely applied in people's daily life and it is regarded as a new space, parallel to the geographic space. There are various resources in cyberspace. However, they have not been systematically defined and classified. The objective of this draft is to present the definition of cyberspace resource and a standard classification framework, thus supporting unified resource storage and sharing.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on April 16, 2020.

Copyright Notice

Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction
  1.1. Requirements Language
2. Terminology
3. Use cases
  3.1. Network Management
  3.2. Network Search
  3.3. Network Security
4. Methodology for Network Resources Categorization
  4.1. Basic Principles
    4.1.1. Scientific principle
    4.1.2. Systematic principle
    4.1.3. Orthogonality principle
    4.1.4. Consistency principle
    4.1.5. Scalable principle
  4.2. Requirements on categorization
5. Framework for Network Resources Categorization
  5.1. Class-I
  5.2. Class-II
    5.2.1. Network Infrastructure
    5.2.2. Network application service
    5.2.3. Network data source
    5.2.4. Network virtual subject
  5.3. Class-III and Class-IV
    5.3.1. Autonomous domain
    5.3.2. Network
    5.3.3. Intermediate node
    5.3.4. Terminal node
    5.3.5. Link
    5.3.6. Inorganic service
    5.3.7. Organic service
    5.3.8. Code
    5.3.9. Text resource
    5.3.10. Picture resource
    5.3.11. Audio resource
    5.3.12. Video resource
6. Acknowledgements
7. IANA Considerations
8. Security Considerations
9. Normative References
Authors' Addresses

1. Introduction

Cyberspace, created by communication technologies, especially the Internet, is a virtual space where people can easily communicate with others regardless of geographic distance. Due to its convenience, cyberspace has been widely applied in people's daily life and it is regarded as a new space, parallel to the geographic space. The wide adoption of cyberspace has promoted the rapid growth of cyberspace resources.

Although the resources in cyberspace, such as traditional network facilities, access devices, network applications and network data, exist objectively, they have not been defined up to now. Furthermore, there is no systematic classification framework for cyberspace resources. Most of them are given names depending on their purpose or vendor, but they seem to be in a "divine" state. Therefore, the resources in cyberspace cannot be stored and shared in a unified way.

In order to provide a unified description of cyberspace resources, this draft first gives the definition of resources in cyberspace. Then it designs a standard classification framework to classify the resources in cyberspace. This standard framework helps to establish a unified cyberspace resources database, which can be used as the basis for network information storage and sharing in both academia and industry.

1.1. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].

2. Terminology

Methods of linear classification: The classification objects are divided into several levels according to specific forms and attributes, and each level is divided into several categories. Categories at the same level are in a parallel relationship, and categories at different levels form an affiliation relationship.

category in higher level: In the methods of linear classification, a category is called category in higher level relative to the next-level category directly divided by it.

category in lower level: In the methods of linear classification, a category is called category in lower level relative to the upper-level category that classifies the category.

category in same level: In the methods of linear classification, a number of lower-level categories directly classified by a category are called category in same level.

3. Use cases

The following sections highlight some of the most common use case scenarios for the framework for network resources categorization and are in no way exhaustive.

3.1. Network Management

Network management is the process of administering and managing computer networks. Services provided by this discipline include fault analysis, performance management, provisioning of networks and maintaining the quality of service. Now the variety of resources leads to confusion in the network. Network resources, as the object of network management, need to be paid more attention. But network managers lack uniform identification, location and management of resources.
The framework for network resources categorization offers a way for network managers to divide the managed resources. It provides unique identities for each resource, that is, all resources can find the appropriate location in the resources framework tree. Then the corresponding code, name and attributes are added into the database to facilitate unified management. At the same time, resources with abnormal properties can be located and their vulnerabilities fixed in time.

3.2. Network Search

Now many platforms (Shodan, Censys, etc.) detect the network from the network layer to the application layer based on multiple detection technologies. The main goal is to identify network resources, including websites, network hardware, etc., to provide search and classification of identifiable network resources, and to establish a corresponding database that supports full-text search, regular expression, boolean logic and digital range search. But the lack of a unified standardized model will lead to inaccurate and incomplete retrieval of resources.

This framework classifies the resources of the whole network. It can be used to fill the resources search database, and cover the resources that have not been covered before. At the same time, it standardizes the storage of network resources and improves the search efficiency.

3.3. Network Security

Network viruses and worms themselves are also a kind of network resource. With the deepening of network opening and complexity, network viruses and worms are evolving constantly, and the characteristics of diversity and spatial discretization are increasing, resulting in a great hidden danger of network security.
The framework for network resources categorization can locate the network resources more accurately and distinguish the benign or malignant network resources, study the process of virus evolution and the possible effects according to the attached attributes, and provide a clearer way to safeguard the operation of network space security, such as anti virus, antivirus and so on.

4. Methodology for Network Resources Categorization

4.1. Basic Principles

The network resources categorization rules SHOULD follow the following principles to meet the completeness, measurability, scalability and relative orthogonality of resources categorization.

4.1.1. Scientific principle

Categorization rules SHOULD be consistent with the basic organizational rules of network resources.

The resources categorization perspective SHOULD meet the traditional internet resources integration requirements, and meet the mapping entity integration requirements of the multi-sources mapping platform.

The resources categorization system SHOULD start from the traditional network resources system and cover resource elements and have certain compatibility.

4.1.2. Systematic principle

The network resources categorization architecture can sort and systemize all network resources according to their characteristics, correctly reflect the vertical and horizontal architecture, and form a reasonable categorization system.

Each resource in the system occupies a position. And it SHALL reflect the certain relationship between resources, and profoundly reveal the network relationship and the whole picture between resources.

4.1.3. Orthogonality principle

Each taxonomic unit of each categorization level in the resources categorization system SHOULD be mutually incompatible, so that any network resource cannot belong to two groups at the same time. That is, the unique encoding allows the network resources to be uniquely identified and described.

4.1.4. Consistency principle

Categorization design SHOULD be consistent with other national standards in related fields, and at the same time meet the original information concept and semantic consistency during resource coding and code expansion, addition and deletion.

4.1.5. Scalable principle

It SHALL meet the needs of the development and change of network resources to a great extent. It can increase the categorization of different levels and can also be extended for expansion of unknown resources.

4.2. Requirements on categorization

This section describes the requirements for categorization of network resources. The network resources categorization SHOULD meet these requirements to make sure it is orthogonal and accurate. Note that the requirements listed in this section have been separated from the context in which they may appear.

The following template is used for the definition of the Requirements:

Req-ID: An ID composed of a unique two-digit number.

Description: The rationale and description of the requirement.

The detailed requirements on categorization are listed as follows:

Req-ID: 01

Description: The total range of categories in lower level classified by categories in higher level SHOULD be the same as the range of categories in higher level.

Req-ID: 02

Description: When dividing a category in higher level, the same classification perspective SHOULD be chosen to get the categories in lower level.

Req-ID: 03

Description: The categories in same level SHALL NOT intersect or repeat, and SHALL correspond to only a single category in higher level.

Req-ID: 04

Description: Categorization SHOULD be carried out from high to low, and there MUST be no jump.

5. Framework for Network Resources Categorization

This framework for network resources categorization uses methods of linear classification to classify them into five levels of category: category, sub-category, large-category, medium-category and small-category, based on the above principles and requirements. It specifies the classification names of the categories, Class-I, Class-II, Class-III, Class-IV, Class-V, and the small-categories are subdivided and named according to the application requirements.

5.1. Class-I

Firstly, the categories of network resources are divided into four categories: the network infrastructure, the network application service, the network data resource and the network virtual body, based on the sources, applications and activities of network resources. Then the 4 categories are further subdivided into 12 sub-categories.

The following template is used for the definition of the categorization of network resources:

Class-I: The name of network resources category in highest level

EnCode-q: An ID organized in OID format to identify network resources. It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

Upper-Class: The name of its category in higher level.

Attribute: The characteristics of this network resource category from different levels of internet.
Class-I: Network Infrastructure

EnCode-q:1

Upper-Class: None

Attribute: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\

Class-I: Network application service

EnCode-q:2

Upper-Class: None

Attribute: MAC Address\IP Address\Port\Service\Protocol\Performance\

Class-I: Network data source

EnCode-q:3

Upper-Class: None

Attribute: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

Class-I: Network virtual subject

EnCode-q:4

Upper-Class: None

Attribute: IP Address\Port\Service\Protocol\Account Name\Landing Time\

5.2. Class-II

The following template is used for the definition of the categorization of network resources category in second category level:

Class-II: The name of network resources category in second level

EnCode-q: An ID organized in OID format to identify network resources. It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

Upper-Class: The name of its category in higher level.

Attribute: The characteristics of this network resource category from different levels of internet.

5.2.1. Network Infrastructure

The Network infrastructure is the physical part of the network resources which provides basic support, including various hardware devices. It is the material basis of all network services and is divided into the following 5 sub-categories based on the internet architecture and its network functions, device roles and network levels.
Class-II: Autonomous domain

EnCode-q:1.1

Upper-Class: Network Infrastructure (EnCode-q:1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

Class-II: Network

EnCode-q:1.2

Upper-Class: Network Infrastructure (EnCode-q:1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network

Class-II: Intermediate node

EnCode-q:1.3

Upper-Class: Network Infrastructure (EnCode-q:1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code

Class-II: Terminal node

EnCode-q:1.4

Upper-Class: Network Infrastructure (EnCode-q:1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

Class-II: Link

EnCode-q:1.5

Upper-Class: Network Infrastructure (EnCode-q:1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Transmission medium\Protocol\

5.2.2. Network application service

A network application service is an application that runs on top of the network application layer and provides data storage, manipulation, rendering, communication, or other capabilities. These capabilities typically use an application layer network protocol. It is classified into inorganic services and organic services based on the internet architecture and the unity of a network application service.

Class-II: Inorganic service

EnCode-q:2.1

Upper-Class: Network application service (EnCode-q:2)

Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

Class-II: Organic service

EnCode-q:2.2

Upper-Class: Network application service (EnCode-q:2)

Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

5.2.3. Network data source

Network data is defined as a resource that is stored on the Internet and is not running. We divide it into five categories based on resource content.

Class-II: Code

EnCode-q:3.1

Upper-Class: Network data source (EnCode-q:3)

Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\Programming Language\

Class-II: Text resource

EnCode-q:3.2

Upper-Class: Network data source (EnCode-q:3)

Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

Class-II: Picture resource

EnCode-q:3.3

Upper-Class: Network data source (EnCode-q:3)

Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

Class-II: Audio resource

EnCode-q:3.4

Upper-Class: Network data source (EnCode-q:3)

Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

Class-II: Video resource

EnCode-q:3.5

Upper-Class: Network data source (EnCode-q:3)

Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

5.2.4. Network virtual subject

The virtual subject of network refers to the account behavior of the network virtual feature stored on the Internet. The carrier of the user in the network is a virtual account, so the network virtual subject is divided into the following sub-category.

Class-II: Network account

EnCode-q:4.1

Upper-Class: Network virtual subject (EnCode-q:4)

Attribution: IP Address\Port\Service\Protocol\Account Name\Landing Time\

5.3. Class-III and Class-IV

Note that for Network infrastructure, the categorization of the large-categories is organized from the hierarchical location of the network infrastructure in the network architecture and the role played by it.
Note that for Network application service, the categorization of large-categories is first organized from the perspective of whether the application is based on ports, and these categories are then classified according to the types of services provided by the application.

Note that for Network data source, the categorization of large-categories is first organized from whether the data resources need to be compiled, the storage mode, the structure of the data resources and the functions of the data resources are completed. These categories are then classified according to the application scenarios of the data and the data are performed.

On the basis of category and sub-category, the resources are further classified and named according to methods of linear classification. On the basis of 4 Class-I and 13 Class-II, there are 22 categories, of which there are 10 network infrastructure categories, 5 network application services categories and 7 network data resources categories.

5.3.1. Autonomous domain

We continue "Autonomous domain" sub-category categorization.

Class-III: Autonomous domain.

EnCode-q:1.1.1

Upper-Class: Autonomous domain (EnCode-q:1.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

According to the number of digits of the autonomous system number (ASN) owned by each autonomous region, this large-category is divided into 16 autonomous regions and 32 autonomous regions, with a total of 2 categories.
Class-IV: Autonomous domain (16 bits)

EnCode-q:1.1.1.1

Upper-Class: Autonomous domain (EnCode-q:1.1.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

Class-IV: Autonomous domain (32 bits)

EnCode-q:1.1.1.2

Upper-Class: Autonomous domain (EnCode-q:1.1.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

5.3.2. Network

The subcategories of "network" are organized in accordance with the characteristics of whether the application layer is only oriented to the application layer or the main application layer.

Class-III: physical network

EnCode-q:1.2.1

Upper-Class: Network (EnCode-q:1.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

Class-III: overlay network

EnCode-q:1.2.2

Upper-Class: Network (EnCode-q:1.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

The physical network is divided into categories: the backbone network, the access network, the Internet of things, the industrial network and the other network according to the hierarchical position of the network, the deployed area, and the production and life tasks undertaken in the entire network architecture.
Class-IV: backbone network

EnCode-q:1.2.1.1

Upper-Class: physical network (EnCode-q:1.2.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Organization\

Class-IV: access network

EnCode-q:1.2.1.2

Upper-Class: physical network (EnCode-q:1.2.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Organization\

Class-IV: Internet of things

EnCode-q:1.2.1.3

Upper-Class: physical network (EnCode-q:1.2.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

Class-IV: industrial network

EnCode-q:1.2.1.4

Upper-Class: physical network (EnCode-q:1.2.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Protocol\

Class-IV: other network

EnCode-q:1.2.1.5

Upper-Class: physical network (EnCode-q:1.2.1)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

The overlay network is divided into 4 categories: Content Delivery Network, peer-to-peer network, virtual private network and the other network.
Class-IV: Content Delivery Network

EnCode-q:1.2.2.1

Upper-Class: overlay network (EnCode-q:1.2.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

Class-IV: peer-to-peer network

EnCode-q:1.2.2.2

Upper-Class: overlay network (EnCode-q:1.2.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

Class-IV: virtual private network RFC2764 [RFC2764]

EnCode-q:1.2.2.3

Upper-Class: overlay network (EnCode-q:1.2.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

Class-IV: other network

EnCode-q:1.2.2.4

Upper-Class: overlay network (EnCode-q:1.2.2)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

5.3.3. Intermediate node

The "intermediate node" sub-category organizes a large-category according to the functions that nodes play in the network architecture. It is divided into routing node, switching node, and controlling node.

Class-III: routing node

EnCode-q:1.3.1

Upper-Class: Intermediate node (EnCode-q:1.3)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Routing Protocol\

Class-III: switching node

EnCode-q:1.3.2

Upper-Class: Intermediate node (EnCode-q:1.3)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

Class-III: controlling node

EnCode-q:1.3.3

Upper-Class: Intermediate node (EnCode-q:1.3)

Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

The routing node is classified into categories inter-domain routing node and intra-domain routing node according to the working level of the routing.
752 Class-IV: inter-domain routing node RFC904 [RFC904] 754 EnCode-q:1.3.1.1 756 Upper-Class: routing node (EnCode-q:1.3.1) 757 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 758 address\Operating System\Model Number Code\ Routing Protocol\ 760 Class-IV: intra-domain routing node 762 EnCode-q:1.3.1.2 764 Upper-Class: routing node (EnCode-q:1.3.1) 766 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 767 address\Operating System\Model Number Code\ Routing Protocol\ASN\ISP\ 769 The switching node is organized into different categories according 770 to different network segments where the node is located. 772 Class-IV: hub 774 EnCode-q:1.3.2.1 776 Upper-Class: switching node (EnCode-q:1.3.2) 778 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 779 address\ Operating System\Model Number Code\ 781 Class-IV: bridge RFC1242 [RFC1242] 783 EnCode-q:1.3.2.2 785 Upper-Class: switching node (EnCode-q:1.3.2) 787 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 788 address\ Operating System\Model Number Code\ 790 Class-IV: switch 792 EnCode-q:1.3.2.3 794 Upper-Class: switching node (EnCode-q:1.3.2) 796 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 797 address\ Operating System\Model Number Code\ 799 Class-IV: gateway 801 EnCode-q:1.3.2.4 803 Upper-Class: switching node (EnCode-q:1.3.2) 804 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 805 address\ Operating System\Model Number Code\ 807 Class-IV: other 809 EnCode-q:1.3.2.5 811 Upper-Class: switching node (EnCode-q:1.3.2) 813 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 814 address\ Operating System\Model Number Code\ 816 The controlling node is no longer to be classified here. 818 5.3.4. Terminal node 820 The "Terminal node" sub-category organizes a large-category according 821 to the functions played by the terminal in actual production and 822 life. 
   It is divided into three major categories: client, server, and
   hybrid node.

   Class-III: client
   EnCode-q:1.4.1
   Upper-Class: Terminal node (EnCode-q:1.4)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\

   Class-III: server
   EnCode-q:1.4.2
   Upper-Class: Terminal node (EnCode-q:1.4)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\Performance\

   Class-III: hybrid node
   EnCode-q:1.4.3
   Upper-Class: Terminal node (EnCode-q:1.4)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\

   The client category is subdivided into desktop device, mobile device,
   sensor device, and other according to the physical device types of
   the nodes.

   Class-IV: desktop device
   EnCode-q:1.4.1.1
   Upper-Class: client (EnCode-q:1.4.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\

   Class-IV: mobile device
   EnCode-q:1.4.1.2
   Upper-Class: client (EnCode-q:1.4.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\

   Class-IV: sensor device
   EnCode-q:1.4.1.3
   Upper-Class: client (EnCode-q:1.4.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\ Detection information\

   Class-IV: other
   EnCode-q:1.4.1.4
   Upper-Class: client (EnCode-q:1.4.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Model Number Code\

   The server and hybrid node continue the division of their
   sub-category.

5.3.5.  Link

   The "Link" sub-category is organized into large categories of
   transmission links according to the transmission medium used by the
   network, and is divided into two categories: wired link and wireless
   link.

   Class-III: wired link
   EnCode-q:1.5.1
   Upper-Class: Link (EnCode-q:1.5)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission medium\Protocol\

   Class-III: wireless link
   EnCode-q:1.5.2
   Upper-Class: Link (EnCode-q:1.5)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   addre

   The wired link category is organized according to the material of the
   transmission medium and the winding mode of the transmission medium.
   It is divided into twisted pair, coaxial cable, digital subscriber
   line, optical fiber and other.

   Class-IV: twisted pair
   EnCode-q:1.5.1.1
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission medium\Protocol\

   Class-IV: coaxial cable
   EnCode-q:1.5.1.2
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission medium\Protocol\

   Class-IV: digital subscriber line
   EnCode-q:1.5.1.3
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission medium\Protocol\

   Class-IV: optical fiber
   EnCode-q:1.5.1.4
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission medium\Protocol\

   Class-IV: other
   EnCode-q:1.5.1.5
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway
   address\ Operating System\ Transmission
   medium\Protocol\

   The wireless link is not subdivided further here.

5.3.6.  Inorganic service

   The "Inorganic Service" sub-category is organized into large
   categories according to the port type used by the application and
   the program tightly bound to the application and the port [RFC6346].
   It is divided into generic port service, registered port service,
   and dynamic/private port service.

   Class-III: generic port service
   EnCode-q:2.1.1
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-III: registered port service
   EnCode-q:2.1.2
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-III: dynamic/private port service
   EnCode-q:2.1.3
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   According to the port used and the type of service provided, the
   generic port service is divided into website service (HTTP, HTTPS),
   file transfer service (FTP, TFTP), mail service (SMTP, POP3, IMAP),
   network management service (SNMP) [RFC1157], domain name
   service (DNS) and other.

   Class-IV: website service
   EnCode-q:2.1.1.1
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\URL\

   Class-IV: file transfer service
   EnCode-q:2.1.1.2
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: mail service
   EnCode-q:2.1.1.3
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: network management service
   EnCode-q:2.1.1.4
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: domain name service
   EnCode-q:2.1.1.5
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: other
   EnCode-q:2.1.1.6
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   The registered port service is not subdivided further here.

   According to the type of services provided by the application, the
   dynamic/private port service is divided into search query service,
   audio and video service, shopping service, social service and other.

   Class-IV: search query service
   EnCode-q:2.1.3.1
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: audio and video service
   EnCode-q:2.1.3.2
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: shopping service
   EnCode-q:2.1.3.3
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: social service
   EnCode-q:2.1.3.4
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: other
   EnCode-q:2.1.3.5
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

5.3.7.  Organic service

   The "organic service" continues the sub-category classification.

   Class-III: Organic service
   EnCode-q:2.2.1
   Upper-Class: Organic service (EnCode-q:2.2)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   The organic service categories are classified into P2P service, CDN
   service and other according to the scenario where the application is
   located and the network service function.

   Class-IV: P2P service
   EnCode-q:2.2.1.1
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: CDN service
   EnCode-q:2.2.1.2
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-IV: other
   EnCode-q:2.2.1.3
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

5.3.8.  Code

   The "Code" continues the sub-category classification and is no longer
   subdivided.

   Class-III: Code
   EnCode-q:3.1.1
   Upper-Class: Code (EnCode-q:3.1)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\ Programming Language\

5.3.9.  Text resource

   The "Text resource" sub-category is organized into large categories
   according to the storage form of the text, that is, whether the text
   can be represented by unified data or a unified format. It is
   divided into structured text, semi-structured text, and unstructured
   text.

   Class-III: structured text
   EnCode-q:3.2.1
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

   Class-III: semi-structured text
   EnCode-q:3.2.2
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

   Class-III: unstructured text
   EnCode-q:3.2.3
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

   The "structured text", "semi-structured text" and "unstructured
   text" categories continue the large-category classification and are
   no longer subdivided.

5.3.10.  Picture resource

   The "picture resource" continues the sub-category classification and
   is no longer subdivided.

   Class-III: Picture resource
   EnCode-q:3.3.1
   Upper-Class: Picture resource (EnCode-q:3.3)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

5.3.11.  Audio resource

   The "Audio resource" continues the sub-category classification and is
   no longer subdivided.

   Class-III: Audio resource
   EnCode-q:3.4.1
   Upper-Class: Audio resource (EnCode-q:3.4)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

5.3.12.  Video resource

   The "Video resource" continues the sub-category classification and
   is no longer subdivided.

   Class-III: Video resource
   EnCode-q:3.5.1
   Upper-Class: Video resource (EnCode-q:3.5)
   Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data
   size\Data Permission\

6.  Acknowledgements

   The authors would like to thank Tsinghua University and the China
   Electronic Technology Group Corporation thirtieth Research Institute
   for their support. We also thank the following persons for their
   discussion, comments and suggestions on earlier versions of this
   work: Zhi Sun, Jianfeng Chen, Da He, Rui Xu, Zhihong Rao, etc.

7.  IANA Considerations

   This memo includes no request to IANA.

8.  Security Considerations

   This document only defines a framework for network resources
   categorization. This document itself does not directly introduce
   security issues.

9.  Normative References

   [RFC1157]  Case, J., "A Simple Network Management Protocol (SNMP)",
              RFC 1157, May 1990.

   [RFC1242]  Bradner, S., "Benchmarking Terminology for Network
              Interconnection Devices", RFC 1242, July 1991.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", RFC 2119, March 1997.

   [RFC2764]  Gleeson, B., "A Framework for IP Based Virtual Private
              Networks", RFC 2764, February 2000.

   [RFC3232]  Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by
              an On-line Database", RFC 3232, January 2002.

   [RFC6346]  Bush, R., "The Address plus Port (A+P) Approach to the
              IPv4 Address Shortage", RFC 6346, August 2011.

   [RFC904]   Mills, D., "A Framework for IP Based Virtual Private
              Networks", RFC 904, April 1984.

Authors' Addresses

   Jilong Wang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: wjl@tsinghua.edu.cn

   Congcong Miao (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: mccmiao@163.com

   Shuying Zhuang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: 17751034616@163.com

   Qianli Zhang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: zhang@cernet.edu.cn

   Jianfeng Chen (editor)
   CETC
   Chengdu 610000
   China

   Email: atrix@163.com
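
The records in Section 5.3 all share one layout: a class level, an EnCode-q code, an Upper-Class name with its code, and a backslash-separated Attribution list. The following Python is an added example, not part of the draft: it parses records in that layout and checks each against the hierarchy its own fields imply (class level equals code depth, Upper-Class code is the code without its last component). The function names, the third sample record, and the rule that a subclass keeps its parent's attributes are assumptions made for illustration.

```python
import re

# One record of Section 5.3: class level, code, parent (with code), attributes.
RECORD = re.compile(
    r"Class-(?P<level>IV|I{1,3}):\s*(?P<name>.+?)\s+EnCode-q:(?P<code>[\d.]+)\s+"
    r"Upper-Class:\s*(?P<parent>.+?)\s*\(EnCode-q:(?P<pcode>[\d.]+)\)\s+"
    r"Attribution:(?P<attrs>.*?)(?=\s+Class-(?:IV|I{1,3}):|\Z)", re.S)
DEPTH = {"I": 1, "II": 2, "III": 3, "IV": 4}

def parse(text):
    """Return {code: record}; attributes are split on backslashes and trimmed."""
    records = {}
    for m in RECORD.finditer(text):
        rec = m.groupdict()
        rec["attrs"] = [" ".join(a.split()) for a in rec["attrs"].split("\\") if a.strip()]
        records[rec["code"]] = rec
    return records

def check(records):
    """Return sorted (code, problem) pairs for records that break the hierarchy."""
    problems = []
    for code, rec in records.items():
        if len(code.split(".")) != DEPTH[rec["level"]]:
            problems.append((code, "class level does not match code depth"))
        if code.rpartition(".")[0] != rec["pcode"]:
            problems.append((code, "Upper-Class code is not the code prefix"))
        parent = records.get(rec["pcode"])
        if parent is None:
            continue  # parent class is defined outside the parsed text
        if parent["name"].lower() != rec["parent"].lower():
            problems.append((code, "Upper-Class name differs from parent record"))
        # Assumption (not stated in the draft): a subclass keeps its parent's attributes.
        if not set(parent["attrs"]) <= set(rec["attrs"]):
            problems.append((code, "parent attribute missing"))
    return sorted(problems)

# Records 1-2 are copied from Section 5.3.6; record 3 is constructed and faulty.
SAMPLE = r"""
Class-III: generic port service
EnCode-q:2.1.1  Upper-Class: Inorganic service (EnCode-q:2.1)
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\
Class-IV: website service
EnCode-q:2.1.1.1  Upper-Class: generic port service (EnCode-q:2.1.1)
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\URL\
Class-IV: remote desktop service
EnCode-q:2.1.2.7  Upper-Class: generic port service (EnCode-q:2.1.1)
Attribution: MAC Address\IP Address\Port\
"""
print(check(parse(SAMPLE)))
```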