Internet-Draft: Cyberspace Resources Categorization (December 2022)
Wang, et al. Expires 16 June 2023
This memo presents a definition of cyberspace resources and then discusses a classification framework for them. Cyberspace is widely used in people's daily lives and is regarded as a new space, parallel to geographic space. There are various resources in cyberspace, but they have not been systematically defined and classified. The objective of this draft is to present the definition of a cyberspace resource and a standard classification framework, thereby supporting unified resource storage and sharing.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 16 June 2023.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Cyberspace, created by communication technologies, especially the Internet, is a virtual space where people can easily communicate with others regardless of geographic distance. Due to its convenience, cyberspace has been widely used in people's daily lives and is regarded as a new space, parallel to geographic space. The wide adoption of cyberspace has promoted the rapid growth of cyberspace resources.
Although the resources in cyberspace exist objectively, such as traditional network facilities, access devices, network applications and network data, they have not been defined up to now. Furthermore, there is no systematic classification framework for cyberspace resources. Most of them are given names depending on their purpose or vendor, but they seem to be in a "divine" state. Therefore, the resources in cyberspace cannot be stored and shared in a unified way.
In order to provide a unified description of cyberspace resources, this draft first gives the definition of resources in cyberspace. It then designs a standard classification framework to classify the resources in cyberspace. This standard framework helps to establish a unified cyberspace resources database, which can be used as the basis for network information storage and sharing in both academia and industry.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
Methods of linear classification: The classification objects are divided into several levels according to specific forms and attributes, and each level is divided into several categories. Categories in the same level are in a parallel relationship, and categories in different levels form an affiliation relationship.
category in higher level: In the methods of linear classification, a category is called category in higher level relative to the next-level category directly divided by it.
category in lower level: In the methods of linear classification, a category is called category in lower level relative to the upper-level category that classifies the category.¶
category in same level: In the methods of linear classification, a number of lower-level categories directly classified by a category are called category in same level.¶
The following sections highlight some of the most common use case scenarios for the framework for network resources categorization and are in no way exhaustive.
Network management is the process of administering and managing computer networks. Services provided by this discipline include fault analysis, performance management, provisioning of networks and maintaining the quality of service. The variety of resources now leads to confusion in the network. Network resources, as the object of network management, need to be paid more attention. But network managers lack uniform identification, location and management of resources.
The framework for network resources categorization offers a way for network managers to divide the managed resources. It provides a unique identity for each resource, that is, every resource can find its appropriate location in the resources framework tree. The corresponding code, name and attributes are then added into the database to facilitate unified management. At the same time, resources with abnormal properties can be located and their vulnerabilities fixed in time.
Many platforms (Shodan, Censys, etc.) now probe networks from the network layer to the application layer using multiple detection technologies. The main goal is to identify network resources, including websites, network hardware, etc., to provide search and classification of identifiable network resources, and to establish a corresponding database that supports full-text, regular-expression, boolean-logic and numeric-range searches. But the lack of a unified standardized model leads to inaccurate and incomplete retrieval of resources.
This framework classifies the resources of the whole network. It can be used to fill the resources search database and cover resources that have not been covered before. At the same time, it standardizes the storage of network resources and improves search efficiency.
Network viruses and worms themselves are also a kind of network resources. With the deepening of network opening and complexity, network viruses and worms are evolving constantly, and the characteristics of diversity and spatial discretization are increasing, resulting in a great hidden danger of network security.¶
The framework for network resources categorization can locate network resources more accurately, distinguish benign from malignant network resources, support study of the process of virus evolution and its possible effects according to the attached attributes, and provide a clearer way to safeguard the operation of network space security, such as antivirus and so on.
The network resources categorization rules SHOULD follow the following principles to meet the completeness, measurability, scalability and relative orthogonality of resources categorization.¶
Categorization rules SHOULD be consistent with the basic organizational rules of network resources.
The resources categorization perspective SHOULD meet the traditional internet resources integration requirements, and meet the mapping entity integration requirements of the multi-sources mapping platform.¶
The resources categorization system SHOULD start from the traditional network resources system and cover resource elements and have certain compatibility.¶
The network resources categorization architecture can sort and systemize all network resources according to their characteristics, correctly reflect the vertical and horizontal architecture, and form a reasonable categorization system.¶
Each resource in the system occupies a position. And it SHALL reflect the certain relationship between resources, and profoundly reveal the network relationship and the whole picture between resources.¶
Each taxonomic unit of each categorization level in the resources categorization system SHOULD be mutually incompatible, so that any network resource cannot belong to two groups at the same time. That is, the unique encoding allows the network resources to be uniquely identified and described.¶
Categorization design SHOULD be consistent with other national standards in related fields, and at the same time maintain the original information concept and semantic consistency during resource coding and code expansion, addition and deletion.
It SHALL meet the needs of the development and change of network resources to a great extent. It can increase the categorization of different levels and can also be extended for expansion of unknown resources.¶
This section describes the requirements for categorization of network resources. The network resources categorization SHOULD meet these requirements to make sure it is orthogonal and accurate. Note that the requirements listed in this section have been separated from the context in which they may appear.
The following template is used for the definition of the Requirements:¶
Req-ID: An ID composed of a unique two-digit number.¶
Description: The rationale and description of the requirement.¶
The detailed requirements on categorization are listed as follows:
Req-ID: 01¶
Description: The total range of categories in lower level classified by categories in higher level SHOULD be the same as the range of categories in higher level.¶
Req-ID: 02¶
Description: When dividing a category in higher level, the same classification perspective SHOULD be chosen to get the categories in lower level.
Req-ID: 03¶
Description: The categories in same level SHALL NOT intersect, SHALL NOT repeat, and SHALL correspond to only one category in higher level.
Req-ID: 04¶
Description: Categorization SHOULD be carried out from high to low, and there MUST be no jump.¶
This framework for network resources categorization uses methods of linear classification to classify them into five levels: category, sub-category, large-category, medium-category and small-category, based on the above principles and requirements. It specifies the classification names of the levels, Class-I, Class-II, Class-III, Class-IV, Class-V, and the small-categories are subdivided and named according to the application requirements.
First, network resources are divided into four categories: the network infrastructure, the network application service, the network data resource and the network virtual body, based on the sources, applications and activities of network resources. Then the 4 categories are further subdivided into 12 sub-categories.
The following template is used for the definition of the categorization of network resources:¶
Class-I: The name of network resources category in highest level¶
EnCode-q: An ID organized in OID format to identify network resources. It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].¶
Upper-Class: The name of its category in higher level.¶
Attribute: The characteristics of this network resource category from different levels of internet.
Class-I: Network Infrastructure¶
EnCode-q:1¶
Upper-Class: None¶
Attribute:MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\¶
Class-I: Network application service¶
EnCode-q:2¶
Upper-Class: None¶
Attribute:MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-I: Network data source¶
EnCode-q:3¶
Upper-Class: None¶
Attribute:IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-I: Network virtual subject¶
EnCode-q:4¶
Upper-Class: None¶
Attribute:IP Address\Port\Service\ Protocol\Account Name\ Landing Time\¶
The following template is used for the definition of the categorization of network resources category in second category level:¶
Class-II: The name of network resources category in second level¶
EnCode-q: An ID organized in OID format to identify network resources. It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].¶
Upper-Class: The name of its category in higher level.¶
Attribute: The characteristics of this network resource category from different levels of internet.¶
The Network infrastructure is the physical part of the network resources which provides basic support, including various hardware devices. It is the material basis of all network services and is divided into the following 5 sub-categories based on the internet architecture and its network functions, device roles and network levels.
Class-II: Autonomous domain¶
EnCode-q:1.1¶
Upper-Class: Network Infrastructure (EnCode-q:1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ASN\ISP\Institutions\Organizations\Operators\¶
Class-II: Network¶
EnCode-q:1.2¶
Upper-Class: Network Infrastructure (EnCode-q:1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network¶
Class-II: Intermediate node¶
EnCode-q:1.3¶
Upper-Class: Network Infrastructure (EnCode-q:1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code¶
Class-II: Terminal node¶
EnCode-q:1.4¶
Upper-Class: Network Infrastructure (EnCode-q:1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
Class-II: Link¶
EnCode-q:1.5¶
Upper-Class: Network Infrastructure (EnCode-q:1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Network application service is an application running on top of the network application layer that provides data storage, manipulation, rendering, communication, or other capabilities. These capabilities typically use an application layer network protocol. It is classified into inorganic services and organic services based on the internet architecture and the unity of a network application service.
Class-II: Inorganic service¶
EnCode-q:2.1¶
Upper-Class: Network application service (EnCode-q:2)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-II: Organic service¶
EnCode-q:2.2¶
Upper-Class: Network application service (EnCode-q:2)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Network data is defined as a resource that is stored on the Internet and is not running. We divide it into five categories based on resource content.¶
Class-II: Code¶
EnCode-q:3.1¶
Upper-Class: Network data source(EnCode-q:3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\ Programming Language\¶
Class-II: Text resource¶
EnCode-q:3.2¶
Upper-Class: Network data source(EnCode-q:3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-II: Picture resource¶
EnCode-q:3.3¶
Upper-Class: Network data source(EnCode-q:3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-II: Audio resource¶
EnCode-q:3.4¶
Upper-Class: Network data source(EnCode-q:3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-II: Video resource¶
EnCode-q:3.5¶
Upper-Class: Network data source(EnCode-q:3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
The virtual subject of network refers to the account behavior of the network virtual feature stored on the Internet. The carrier of the user in the network is a virtual account, so the network virtual subject is divided into the following sub-category.
Class-II: Network account¶
EnCode-q:4.1¶
Upper-Class: Network virtual subject (EnCode-q:4)¶
Attribution: IP Address\Port\Service\ Protocol\Account Name\ Landing Time\¶
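Before records in this template are loaded into an inventory database, Req-03 and Req-04 can be checked mechanically from the EnCode-q and Upper-Class fields. The following Python is an added example, not part of the draft: it parses records in the template above and flags repeated codes and level jumps. The function names and the two records in `CONSTRUCTED_BAD` are assumptions made for the illustration; the records in `DRAFT_RECORDS` are copied from this document.

```python
import re

ROMAN = {"I": 1, "II": 2, "III": 3, "IV": 4, "V": 5}
# The draft spells the last field both "Attribute" and "Attribution".
FIELD = re.compile(
    r"^(Class-(?:III|II|IV|I|V)|EnCode-q|Upper-Class|Attribut(?:e|ion))\s*:\s*(.*)$")
UPPER_CODE = re.compile(r"\(EnCode-q:\s*([^)]*)\)")

# Records copied from the draft (the "Network" branch, Class-I to Class-IV).
DRAFT_RECORDS = r"""
Class-I: Network Infrastructure
EnCode-q:1
Upper-Class: None
Attribute:MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\
Class-II: Network
EnCode-q:1.2
Upper-Class: Network Infrastructure (EnCode-q:1)
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network
Class-III: physical network
EnCode-q:1.2.1
Upper-Class: Network (EnCode-q:1.2)
Class-IV: backbone network
EnCode-q:1.2.1.1
Upper-Class: physical network (EnCode-q:1.2.1)
"""

# Constructed records (not in the draft) that break Req-04 and Req-03.
CONSTRUCTED_BAD = r"""
Class-IV: example jump
EnCode-q:1.2.1.9
Upper-Class: Network (EnCode-q:1.2)
Class-III: example duplicate
EnCode-q:1.2.1
Upper-Class: Network (EnCode-q:1.2)
"""


def to_arcs(text):
    """'1.2.1' -> (1, 2, 1); None if the text is not a dotted number."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(arc) for arc in text.split("."))


def dotted(arcs):
    return ".".join(str(a) for a in arcs) if arcs else "None"


def parse_records(text):
    """Turn template text into dicts: level, name, code, parent, attrs."""
    records, cur = [], None
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key.startswith("Class-"):
            cur = {"level": ROMAN[key[6:]], "name": value,
                   "code": None, "parent": None, "attrs": []}
            records.append(cur)
        elif cur is None:
            continue                      # field before any Class-N line
        elif key == "EnCode-q":
            cur["code"] = to_arcs(value)
        elif key == "Upper-Class":
            u = UPPER_CODE.search(value)  # "None" has no (EnCode-q:...) part
            cur["parent"] = to_arcs(u.group(1)) if u else None
        else:                             # backslash-separated attribute list
            cur["attrs"] = [a.strip() for a in value.split("\\") if a.strip()]
    return records


def validate(records):
    """Return (code, message) pairs; an empty list means no violation found."""
    problems, seen = [], {}
    for r in records:                     # Req-03: codes do not repeat
        if r["code"] is None:
            problems.append((r["name"], "malformed or missing EnCode-q"))
        elif r["code"] in seen:
            problems.append((dotted(r["code"]),
                             "Req-03: code already used by %r" % seen[r["code"]]))
        else:
            seen[r["code"]] = r["name"]
    for r in records:                     # Req-04: high to low, no jump
        code = r["code"]
        if code is None:
            continue
        if len(code) != r["level"]:
            problems.append((dotted(code), "Req-04: Class level %d but %d arcs"
                             % (r["level"], len(code))))
        if r["level"] == 1:
            if r["parent"] is not None:
                problems.append((dotted(code), "Req-04: Class-I has an Upper-Class"))
            continue
        if r["parent"] != code[:-1]:
            problems.append((dotted(code), "Req-04: Upper-Class %s is not the "
                             "direct parent %s" % (dotted(r["parent"]), dotted(code[:-1]))))
        if code[:-1] not in seen:
            problems.append((dotted(code), "Req-04: parent %s is not defined"
                             % dotted(code[:-1])))
    return problems


if __name__ == "__main__":
    for code, message in validate(parse_records(DRAFT_RECORDS + CONSTRUCTED_BAD)):
        print(code, message)
```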
Note that for Network infrastructure, the large-categories are organized according to the hierarchical location of the network infrastructure in the network architecture and the role it plays.
Note that for Network application service, the large-categories are first organized according to whether the application is based on ports, and these categories are then classified according to the types of services provided by the application.
Note that for Network data source, the large-categories are first organized according to whether the data resources need to be compiled, the storage mode and structure of the data resources, and the functions the data resources complete. Then these categories are classified according to the application scenarios of the data and the data are performed.
On the basis of category and sub-category, the resources are further classified and named according to methods of linear classification. On the basis of 4 Class-I and 13 Class-II, there are 22 categories, of which there are 10 network infrastructure categories, 5 network application services categories and 7 network data resources categories.
We continue "Autonomous domain" sub-category categorization.¶
Class-III: Autonomous domain.¶
EnCode-q:1.1.1¶
Upper-Class: Autonomous domain (EnCode-q:1.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ASN\ISP\Institutions\Organizations\Operators\¶
The division follows the number of digits of the autonomous system number (ASN) owned by each autonomous region. This large-category is divided into 16-bit autonomous regions and 32-bit autonomous regions, a total of 2 categories.
Class-IV:Autonomous domain(16 bits)¶
EnCode-q:1.1.1.1¶
Upper-Class: Autonomous domain (EnCode-q:1.1.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ASN\ISP\Institutions\Organizations\Operators\¶
Class-IV:Autonomous domain(32 bits)¶
EnCode-q:1.1.1.2¶
Upper-Class: Autonomous domain (EnCode-q:1.1.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ASN\ISP\Institutions\Organizations\Operators\¶
The subcategories of "network" are organized in accordance with the characteristics of whether the application layer is only oriented to the application layer or the main application layer.¶
Class-III: physical network¶
EnCode-q:1.2.1¶
Upper-Class: Network (EnCode-q:1.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
Class-III: overlay network¶
EnCode-q:1.2.2¶
Upper-Class: Network (EnCode-q:1.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
The physical network is divided into categories: the backbone network, the access network, the Internet of things, the industrial network and the other network, according to the hierarchical position of the network, the deployed area, and the production and life tasks undertaken in the entire network architecture.
Class-IV: backbone network¶
EnCode-q:1.2.1.1¶
Upper-Class: physical network (EnCode-q:1.2.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\ Organization\¶
Class-IV: access network¶
EnCode-q:1.2.1.2¶
Upper-Class: physical network (EnCode-q:1.2.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\ Organization\¶
Class-IV: Internet of things¶
EnCode-q:1.2.1.3¶
Upper-Class: physical network (EnCode-q:1.2.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
Class-IV: industrial network¶
EnCode-q:1.2.1.4¶
Upper-Class: physical network (EnCode-q:1.2.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\Protocol\¶
Class-IV: other network¶
EnCode-q:1.2.1.5¶
Upper-Class: physical network (EnCode-q:1.2.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
The overlay network is divided into 4 categories: Content Delivery Network, peer-to-peer network, virtual private network and the other network.
Class-IV:Content Delivery Network¶
EnCode-q:1.2.2.1¶
Upper-Class: overlay network (EnCode-q:1.2.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
Class-IV:peer-to-peer network¶
EnCode-q:1.2.2.2¶
Upper-Class: overlay network (EnCode-q:1.2.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
Class-IV:virtual private network RFC2764 [RFC2764]¶
EnCode-q:1.2.2.3¶
Upper-Class: overlay network (EnCode-q:1.2.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
Class-IV:other network¶
EnCode-q:1.2.2.4¶
Upper-Class: overlay network (EnCode-q:1.2.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Network\¶
The "intermediate node" sub-category organizes a large-category according to the functions that nodes play in the network architecture. It is divided into routing node, switching node, and controlling node.¶
Class-III: routing node¶
EnCode-q:1.3.1¶
Upper-Class: Intermediate node(EnCode-q:1.3)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\ Routing Protocol\¶
Class-III: switching node¶
EnCode-q:1.3.2¶
Upper-Class: Intermediate node(EnCode-q:1.3)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
Class-III: controlling node¶
EnCode-q:1.3.3¶
Upper-Class: Intermediate node(EnCode-q:1.3)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
The routing node is classified into categories inter-domain routing node and intra-domain routing node according to the working level of the routing.¶
Class-IV: inter-domain routing node RFC904 [RFC904]¶
EnCode-q:1.3.1.1¶
Upper-Class: routing node (EnCode-q:1.3.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\Operating System\Model Number Code\ Routing Protocol\¶
Class-IV: intra-domain routing node¶
EnCode-q:1.3.1.2¶
Upper-Class: routing node (EnCode-q:1.3.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\Operating System\Model Number Code\ Routing Protocol\ASN\ISP\¶
The switching node is organized into different categories according to different network segments where the node is located.¶
Class-IV: hub¶
EnCode-q:1.3.2.1¶
Upper-Class: switching node (EnCode-q:1.3.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
Class-IV: bridge RFC1242 [RFC1242]¶
EnCode-q:1.3.2.2¶
Upper-Class: switching node (EnCode-q:1.3.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
Class-IV: switch¶
EnCode-q:1.3.2.3¶
Upper-Class: switching node (EnCode-q:1.3.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
Class-IV: gateway¶
EnCode-q:1.3.2.4¶
Upper-Class: switching node (EnCode-q:1.3.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
Class-IV: other¶
EnCode-q:1.3.2.5¶
Upper-Class: switching node (EnCode-q:1.3.2)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\Model Number Code\¶
The controlling node is not classified further here.
The "Terminal node" sub-category organizes a large-category according to the functions played by the terminal in actual production and life. It is divided into client, site and hybrid node, a total of three major categories.
Class-III: client¶
EnCode-q:1.4.1¶
Upper-Class: Terminal node (EnCode-q:1.4)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
Class-III: server¶
EnCode-q:1.4.2¶
Upper-Class: Terminal node (EnCode-q:1.4)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\Performance\¶
Class-III: hybrid node¶
EnCode-q:1.4.3¶
Upper-Class: Terminal node (EnCode-q:1.4)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
The client category is subdivided into desktop device, mobile device, sensor device, and other according to the physical device types of the nodes.¶
Class-IV: desktop device¶
EnCode-q:1.4.1.1¶
Upper-Class: client (EnCode-q:1.4.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
Class-IV: mobile device¶
EnCode-q:1.4.1.2¶
Upper-Class: client (EnCode-q:1.4.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
Class-IV: sensor device¶
EnCode-q:1.4.1.3¶
Upper-Class: client (EnCode-q:1.4.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\ Detection information\¶
Class-IV: other¶
EnCode-q:1.4.1.4¶
Upper-Class: client (EnCode-q:1.4.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Model Number Code\¶
The server and hybrid node continue the division of their sub-category.
The "Link" sub-category is organized into a large-category of transmission links according to the transmission medium used by the network, and is divided into two categories: wired link and wireless link.¶
Class-III: wired link¶
EnCode-q:1.5.1¶
Upper-Class: Link (EnCode-q:1.5)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Class-III: wireless link¶
EnCode-q:1.5.2¶
Upper-Class: Link (EnCode-q:1.5)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway addre¶
The wired link category is organized according to the material of the transmission medium and the winding mode of the transmission medium. It is divided into twisted pair, coaxial cable, digital subscriber line, optical fiber and other.
Class-IV: twisted pair¶
EnCode-q:1.5.1.1¶
Upper-Class: wired link (EnCode-q:1.5.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Class-IV: coaxial cable¶
EnCode-q:1.5.1.2¶
Upper-Class: wired link (EnCode-q:1.5.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Class-IV: digital subscriber line¶
EnCode-q:1.5.1.3¶
Upper-Class: wired link (EnCode-q:1.5.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Class-IV: optical fiber¶
EnCode-q:1.5.1.4¶
Upper-Class: wired link (EnCode-q:1.5.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
Class-IV: other¶
EnCode-q:1.5.1.5¶
Upper-Class: wired link (EnCode-q:1.5.1)¶
Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway address\ Operating System\ Transmission medium\Protocol\¶
The wireless link is not classified further here.
The "Inorganic Service" sub-category organizes its large-categories according to the port type used by the application and the tight binding of the program to the application and the port RFC6346 [RFC6346]. It is divided into generic port service, registered port service, and dynamic/private port service.
Class-III: generic port service¶
EnCode-q:2.1.1¶
Upper-Class: Inorganic service (EnCode-q:2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-III: registered port service¶
EnCode-q:2.1.2¶
Upper-Class: Inorganic service (EnCode-q:2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-III: dynamic/private port service¶
EnCode-q:2.1.3¶
Upper-Class: Inorganic service (EnCode-q:2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
According to the port used and the type of service provided, the generic port service is divided into website service (HTTP, HTTPS), file transfer service (FTP, TFTP), mail service (SMTP, POP3, IMAP), network management service (SNMP) RFC1157 [RFC1157], domain name service (DNS) and other.¶
Class-IV: website service¶
EnCode-q:2.1.1.1¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\URL\¶
Class-IV: file transfer service¶
EnCode-q:2.1.1.2¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: mail service¶
EnCode-q:2.1.1.3¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: network management service¶
EnCode-q:2.1.1.4¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: domain name service¶
EnCode-q:2.1.1.5¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: other¶
EnCode-q:2.1.1.6¶
Upper-Class: generic port service (EnCode-q:2.1.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
The registered port service is no longer to be classified here. According to the type of services provided by the application, the dynamic/private port service is divided into search query service, audio and video service, shopping service, social service and other.¶
Class-IV: search query service¶
EnCode-q:2.1.3.1¶
Upper-Class: dynamic/private port service (EnCode-q:2.1.3)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: audio and video service¶
EnCode-q:2.1.3.2¶
Upper-Class: dynamic/private port service (EnCode-q:2.1.3)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: shopping service¶
EnCode-q:2.1.3.3¶
Upper-Class: dynamic/private port service (EnCode-q:2.1.3)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: social service¶
EnCode-q:2.1.3.4¶
Upper-Class: dynamic/private port service (EnCode-q:2.1.3)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: other¶
EnCode-q:2.1.3.5¶
Upper-Class: dynamic/private port service (EnCode-q:2.1.3)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
The "organic service" continues the sub-category classification.¶
Class-III: Organic service¶
EnCode-q:2.2.1¶
Upper-Class: Organic service (EnCode-q:2.2)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
The organic service categories are classified into P2P service, CDN service and other according to the scenario where the application is located and the network service function.
Class-IV: P2P service¶
EnCode-q:2.2.1.1¶
Upper-Class: Organic service (EnCode-q:2.2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: CDN service¶
EnCode-q:2.2.1.2¶
Upper-Class: Organic service (EnCode-q:2.2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
Class-IV: other¶
EnCode-q:2.2.1.3¶
Upper-Class: Organic service (EnCode-q:2.2.1)¶
Attribution: MAC Address\IP Address\Port\Service\ Protocol\Performance\¶
The "Code" continues the sub-category classification and is no longer subdivided.¶
Class-III: Code¶
EnCode-q:3.1.1¶
Upper-Class: Code (EnCode-q:3.1)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\ Programming Language\¶
The "Text resource" sub-category organizes its large-categories according to the storage form of the text, that is, whether the text can be represented by unified data or format. It is divided into structured text, semi-structured text and unstructured text.
Class-III: structured text¶
EnCode-q:3.2.1¶
Upper-Class: Text resource (EnCode-q:3.2)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-III: semi-structured text¶
EnCode-q:3.2.2¶
Upper-Class: Text resource (EnCode-q:3.2)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
Class-III: unstructured text¶
EnCode-q:3.2.3¶
Upper-Class: Text resource (EnCode-q:3.2)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
The "structured text", "semi-structured text" and "unstructured text" continue the large-category classification and are no longer subdivided.
The "picture resource" continues the sub-category classification and is no longer subdivided.¶
Class-III: Picture resource¶
EnCode-q:3.3.1¶
Upper-Class: Picture resource (EnCode-q:3.3)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
The Audio resource continues the sub-category classification and is no longer subdivided.¶
Class-III: Audio resource¶
EnCode-q:3.4.1¶
Upper-Class: Audio resource (EnCode-q:3.4)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
The "Video resource" continues the sub-category classification and is no longer subdivided.
Class-III: Video resource¶
EnCode-q:3.5.1¶
Upper-Class: Video resource (EnCode-q:3.5)¶
Attribution: IP Address\Port\Service\ Protocol\ Data Format\ Data size\Data Permission\¶
The authors would like to thank the support of Tsinghua University and China Electronic Technology Group Corporation thirtieth Research Institute. We also thank the following persons for their suggestions on earlier versions of this work: Zhi Sun, Jianfeng Chen, Da He, Rui Xu, Zhihong Rao, etc., for their discussion, comments and suggestions.
This memo includes no request to IANA.¶
This document only defines a framework for network resources categorization. This document itself does not directly introduce security issues.¶