What is Bayesian networking?

All,

    I am trying to find out exactly what this is.  Google has not been fruitful except to say Microsoft and Cisco are experimenting with the concept.  It looks like probability and what most enterprises do anyway.  I am looking for something more detailed.  Thoughts on what it is beyond my rudimentary understanding?
awakeningsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ken BooneNetwork ConsultantCommented:
So first of all take the the word networking that is associated with Bayesian Networking and recognize that it has nothing to do with networking as we know it - as in IP networking - Microsoft Networking - Cisco Networking.  Bayesian Networking is a statistical modeling algorithm.  It is a way to define a set of circumstances and/or events, showing correlations between them as well providing formulas for predicting results between interactions between components.

Bayesian networks are used for scientific analysis of all types of things, it may deal with biology, etymology, anything ology, etc..  

That is my basic understanding of bayesian networks.  So for Cisco or Microsoft using Bayesian networks, that is in a sense saying their brightest and best are sitting in white rooms, creating bayesian networks for various things to make predications on different things.  It may be used by IPS systems, it might be used for network traffic estimations, traffic generators, traffic analysis, etc..  they might be used for sales forecasts, who knows.  

Hope that helps.
0
awakeningsAuthor Commented:
Ken,

    I saw that, but my management is telling me they have set up their networks by Baysian standards.  As mentioned, I did see Cisco and Microsoft are working on something.  It has to be more than just related to biology.  Here is the Cisco link;

http://blogs.cisco.com/security/understanding-security-through-probability

Here is the microsoft link;
http://research.microsoft.com/apps/pubs/?id=69588

  I just do not understand what they are trying to achieve.  Thoughts are appreciated.

Awakenings
0
Ken BooneNetwork ConsultantCommented:
So basically what they are trying to achieve is that smarter network where they can successfully predict an attack  and defend the network.  Remember Cisco's logo about a self-defending network?  They are using a bayesian network to define network traffic and behaviors in order to predict attacks.    The better and more sophisticated the Bayesian network is built, and programmed after, the smarter and more reliable an IPS system will be.  I think it boils down to how smart and accurate can they build a bayesian network to simulate a real world network with traffic patterns.  The more variables and accurate statistics they can provide the better the depiction of a real network with a Bayesian network.  I think that is basically what they are talking about and how they are using it.
0
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

awakeningsAuthor Commented:
Ken,

   Hmm...That seems odd.  Maybe the ones talking about the network don't understand.  Reducing it down to a Bayesian heuristic on an IPS does not seem like building a network on a Bayesian principle.  Or am I misunderstanding things?  Maybe I need to look up the self defending network?  Why is there so little literature about this?
0
Ken BooneNetwork ConsultantCommented:
Self defending network is one of Cisco's marketing terms. It was big around season 4 or 5 of the show 24.  I would assume you could use a bayesian heuristic to help with routing traffic flows as well.  Perhaps a routing protocol that is based on bayesian network would be a possibility.

I'm no expert on the bayesian network - that is just my understanding of them and how I can see it being used.  Especially from the cisco blog entry you posted.
0
Ken BooneNetwork ConsultantCommented:
There is a good bit of cisco docs on their self-defending network.  Here is a writer from the SANS institute who wrote an article describing it when it first came out.

http://searchsecurity.techtarget.com/magazineContent/The-self-defending-network-Is-it-real-technology-or-market-speak
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
awakeningsAuthor Commented:
Ken,

   Ah... Ok...  Eric Cole, who I respect, wrote the article.  I know IPS devices used to be able to issue a shun command on the firewall.  We all know the other risks with doing that - can anyone say accidental self DOS?  Alright...  So it is probably someone in my company playing off of the ignorance of others because people do not bother doing the research when they hear terminology.  This one made me more than a little curious.

Thanks,

Awakenings
0
awakeningsAuthor Commented:
Real quick,

    Do you know what this means in a practical sense if we were talking routing protocols?  I am not positive what this really means.  It isn't MD5.
0
Ken BooneNetwork ConsultantCommented:
MD5 is simply an encryption algorithm.  From a routing protocol I was purely thinking hypothetically.  So we have RIP, EIGRP, OSPF and BGP and a few others.  Each has there own formula for routing traffic.  Distance Vector formula, for RIP, DUAL algorithm for EIGRP, Links State awareness for OSPF, and then BGP has a 10 step process to choose a best route.  All of these are for routing traffic based on the destination IP address.  Let's say we built a bayesian network that included information on the types of traffic, size of the pipes, utilization on the pipes as well as source and destination IP addresses.  We could then hypothetically make some decisions about traffic based on a statistical bayesian network depiction of the network to route video over a larger link, voice over a smaller link, transactional data could be routed over whatever, depending on current conditions.  But we could possibly go a step further by saying well this his web traffic, which is statistically a small amount of traffic on the uplink, but a large amount of traffic on the downlink.  So perhaps we push out over the small link and route it back over the large link to utilize the larger traffic coming in.

This is just all hypothetical just an example of how a bayesian network "might" be used to attempt to route traffic.
0
awakeningsAuthor Commented:
Ah...  Ok.  I do know about routing protocols and weights (you probably know it better as that appears to be your full time job).  One can use MD5 authentication for routing protocols, but that does not help with Baysian networking.  The weights was something I immediately thought of, but it seems a bit like false advertising to call is Bayesian as it seems like it refers to a specific mathematical model for probability.  Routing protocols don't work specifically off of the Baysian algorithm - at least as far as I know.  It might be loosely based, but I would like to know more information about why they call it that.
0
Ken BooneNetwork ConsultantCommented:
Yea I would agree that todays routing protocols are not based on a bayesian model, but in theory it might be possible to create one based off of a bayesian model.  It might could go as far as predicting attacks based on known malicious IP addresses and based on stats could route them to a black hole.  Just some theoretical thoughts.
0
awakeningsAuthor Commented:
I appreciate them.  Thank you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.