opsawg                                                    WJL. Wang, Ed.
Internet-Draft                                            MCC. Miao, Ed.
Intended status: Informational                          ZSY. Zhuang, Ed.
Expires: 7 December 2023                                 ZQL. Zhang, Ed.
                                                         ZCY. Zhang, Ed.
                                                     Tsinghua University
                                                             5 June 2023


           Framework for Cyberspace Resources Categorization
                     draft-jilongwang-opsawg-crc-05

Abstract

   This memo defines the term cyberspace resource and then discusses a
   classification framework for cyberspace resources.  Cyberspace is
   widely used in daily life and is regarded as a new space, parallel
   to geographic space.  Cyberspace contains many kinds of resources,
   but they have not been systematically defined or classified.  The
   objective of this draft is to present a definition of cyberspace
   resource and a standard classification framework, thereby supporting
   unified resource storage and sharing.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 7 December 2023.

Copyright Notice

   Copyright (c) 2023 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Wang, et al.             Expires 7 December 2023                [Page 1]

Internet-Draft     Cyberspace Resources Categorization         June 2023

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.
   Please review these documents carefully, as they describe your
   rights and restrictions with respect to this document.  Code
   Components extracted from this document must include Revised BSD
   License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Revised BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
   2.  Terminology
   3.  Use cases
     3.1.  Network Management
     3.2.  Network Search
     3.3.  Network Security
   4.  Methodology for Network Resources Categorization
     4.1.  Basic Principles
       4.1.1.  Scientific principle
       4.1.2.  Systematic principle
       4.1.3.  Orthogonality principle
       4.1.4.  Consistency principle
       4.1.5.  Scalable principle
     4.2.  Requirements on categorization
   5.  Framework for Network Resources Categorization
     5.1.  Class-I
     5.2.  Class-II
       5.2.1.  Network Infrastructure
       5.2.2.  Network application service
       5.2.3.  Network data source
       5.2.4.  Network virtual subject
     5.3.  Class-III and Class-IV
       5.3.1.  Autonomous domain
       5.3.2.  Network
       5.3.3.  Intermediate node
       5.3.4.  Terminal node
       5.3.5.  Link
       5.3.6.  Inorganic service
       5.3.7.  Organic service
       5.3.8.  Code
       5.3.9.  Text resource
       5.3.10. Picture resource
       5.3.11. Audio resource
       5.3.12. Video resource
   6.  Acknowledgements
   7.  IANA Considerations
   8.  Security Considerations
   9.  Normative References
   Authors' Addresses

1.  Introduction

   Cyberspace, created by communication technologies, especially the
   Internet, is a virtual space where people can easily communicate
   with others regardless of geographic distance.  Because of its
   convenience, cyberspace has been widely adopted in people's daily
   life and is regarded as a new space, parallel to geographic space.
   The wide adoption of cyberspace has promoted the rapid growth of
   cyberspace resources.  Although resources in cyberspace objectively
   exist, such as traditional network facilities, access devices,
   network applications and network data, they have not been defined up
   to now.  Furthermore, there is no systematic classification
   framework for cyberspace resources.  Most of them are named
   according to their purpose or vendor, but they seem to be in a
   "divine" state.  Therefore, the resources in cyberspace cannot be
   stored and shared in a unified way.
   In order to provide a unified description of cyberspace resources,
   this draft first gives the definition of resources in cyberspace.
   It then designs a standard classification framework to classify the
   resources in cyberspace.  This standard framework helps to establish
   a unified cyberspace resources database, which can be used as the
   basis for network information storage and sharing in both academia
   and industry.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Terminology

   Methods of linear classification:  The classification objects are
      divided into several levels according to specific forms and
      attributes, and each level is divided into several categories.
      Categories at the same level are in a parallel relationship, and
      categories at different levels form an affiliation relationship.

   category in higher level:  In the methods of linear classification,
      a category is called a category in higher level relative to the
      next-level categories directly divided from it.

   category in lower level:  In the methods of linear classification, a
      category is called a category in lower level relative to the
      upper-level category from which it is directly divided.

   category in same level:  In the methods of linear classification,
      the lower-level categories directly divided from one category are
      called categories in same level.

3.  Use cases

   The following sections highlight some of the most common use case
   scenarios for the framework for network resources categorization;
   they are in no way exhaustive.

3.1.  Network Management

   Network management is the process of administering and managing
   computer networks.
   Services provided by this discipline include fault analysis,
   performance management, provisioning of networks and maintaining the
   quality of service.  Today the variety of resources leads to
   confusion in the network.  Network resources, as the object of
   network management, need more attention, but network managers lack
   uniform identification, location and management of resources.

   The framework for network resources categorization offers network
   managers a way to divide the managed resources.  It provides a
   unique identity for each resource, that is, every resource can find
   its appropriate location in the resources framework tree.  The
   corresponding code, name and attributes are then added to the
   database to facilitate unified management.  At the same time,
   resources with abnormal properties can be located and their
   vulnerabilities fixed in time.

3.2.  Network Search

   Many platforms (Shodan, Censys, etc.) now probe the network from the
   network layer to the application layer using multiple detection
   technologies.  Their main goal is to identify network resources,
   including websites, network hardware, etc., to provide search and
   classification of identifiable network resources, and to establish
   corresponding databases that support full-text search, regular
   expression, boolean logic and numeric range search.  However, the
   lack of a unified standardized model leads to inaccurate and
   incomplete retrieval of resources.

   This framework classifies the resources of the whole network.  It
   can be used to fill the resources search database and to cover
   resources that have not been covered before.  At the same time, it
   standardizes the storage of network resources and improves search
   efficiency.

3.3.  Network Security

   Network viruses and worms themselves are also a kind of network
   resource.
   As networks become more open and complex, network viruses and worms
   evolve constantly, and their diversity and spatial discretization
   increase, which creates a great hidden danger to network security.
   The framework for network resources categorization can locate
   network resources more accurately, distinguish benign from malignant
   network resources, support the study of the process of virus
   evolution and its possible effects according to the attached
   attributes, and provide a clearer way to safeguard the security of
   network space, such as antivirus and so on.

4.  Methodology for Network Resources Categorization

4.1.  Basic Principles

   The network resources categorization rules SHOULD follow the
   principles below in order to achieve completeness, measurability,
   scalability and relative orthogonality of resources categorization.

4.1.1.  Scientific principle

   Categorization rules SHOULD be consistent with the basic
   organizational rules of network resources.  The resources
   categorization perspective SHOULD meet the traditional internet
   resources integration requirements, and meet the mapping entity
   integration requirements of the multi-sources mapping platform.  The
   resources categorization system SHOULD start from the traditional
   network resources system, cover resource elements and have a certain
   degree of compatibility.

4.1.2.  Systematic principle

   The network resources categorization architecture can sort and
   systemize all network resources according to their characteristics,
   correctly reflect the vertical and horizontal architecture, and form
   a reasonable categorization system.  Each resource in the system
   occupies a position.  The system SHALL reflect the relationship
   between resources, and profoundly reveal the network relationship
   and the whole picture between resources.

4.1.3.  Orthogonality principle

   The taxonomic units of each categorization level in the resources
   categorization system SHOULD be mutually exclusive, so that no
   network resource can belong to two groups at the same time.  That
   is, the unique encoding allows the network resources to be uniquely
   identified and described.

4.1.4.  Consistency principle

   Categorization design SHOULD be consistent with other national
   standards in related fields, and at the same time preserve the
   original information concepts and semantic consistency when resource
   codes are assigned, expanded, added or deleted.

4.1.5.  Scalable principle

   The categorization SHALL meet the needs of the development and
   change of network resources to a great extent.  Categories can be
   added at different levels, and the categorization can also be
   extended to cover unknown resources.

4.2.  Requirements on categorization

   This section describes the requirements for categorization of
   network resources.  The network resources categorization SHOULD meet
   these requirements to make sure it is orthogonal and accurate.

   Note that the requirements listed in this section have been
   separated from the context in which they may appear.

   The following template is used for the definition of the
   Requirements:

   Req-ID:  An ID composed of a unique two-digit number.

   Description:  The rationale and description of the requirement.

   The detailed requirements on categorization are listed as follows:

   Req-ID:  01

   Description:  The categories in lower level divided from a category
      in higher level SHOULD together cover the same range as that
      category in higher level.

   Req-ID:  02

   Description:  When a category in higher level is divided, the same
      classification perspective SHOULD be used to obtain all of its
      categories in lower level.

   Req-ID:  03

   Description:  The categories in same level SHALL NOT intersect or
      repeat, and each SHALL correspond to only one category in higher
      level.
   Req-ID:  04

   Description:  Categorization SHOULD be carried out from high level
      to low level, and there MUST be no jump between levels.

5.  Framework for Network Resources Categorization

   This framework for network resources categorization uses methods of
   linear classification to classify network resources into five
   levels: category, sub-category, large-category, medium-category and
   small-category, based on the above principles and requirements.  The
   levels are named Class-I, Class-II, Class-III, Class-IV and Class-V;
   the small-categories are subdivided and named according to the
   application requirements.

5.1.  Class-I

   First, network resources are divided into four categories: the
   network infrastructure, the network application service, the network
   data resource and the network virtual body, based on the sources,
   applications and activities of network resources.  Then the 4
   categories are further subdivided into 12 sub-categories.

   The following template is used for the definition of the
   categorization of network resources:

   Class-I:  The name of the network resources category in the highest
      level.

   EnCode-q:  An ID organized in OID format to identify network
      resources.  It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

   Upper-Class:  The name of its category in higher level.

   Attribute:  The characteristics of this network resource category
      from different levels of the internet.
   Class-I: Network Infrastructure
      EnCode-q: 1
      Upper-Class: None
      Attribute: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\

   Class-I: Network application service
      EnCode-q: 2
      Upper-Class: None
      Attribute: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-I: Network data source
      EnCode-q: 3
      Upper-Class: None
      Attribute: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

   Class-I: Network virtual subject
      EnCode-q: 4
      Upper-Class: None
      Attribute: IP Address\Port\Service\Protocol\Account Name\Landing Time\

5.2.  Class-II

   The following template is used to define network resource categories
   in the second level:

   Class-II:  The name of the network resources category in the second
      level.

   EnCode-q:  An ID organized in OID format to identify network
      resources.  It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

   Upper-Class:  The name of its category in higher level.

   Attribute:  The characteristics of this network resource category
      from different levels of the internet.

5.2.1.  Network Infrastructure

   The network infrastructure is the physical part of the network
   resources, which provides basic support and includes various
   hardware devices.  It is the material basis of all network services
   and is divided into the following 5 sub-categories based on the
   internet architecture and its network functions, device roles and
   network levels.
   Class-II: Autonomous domain
      EnCode-q: 1.1
      Upper-Class: Network Infrastructure (EnCode-q:1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

   Class-II: Network
      EnCode-q: 1.2
      Upper-Class: Network Infrastructure (EnCode-q:1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network

   Class-II: Intermediate node
      EnCode-q: 1.3
      Upper-Class: Network Infrastructure (EnCode-q:1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code

   Class-II: Terminal node
      EnCode-q: 1.4
      Upper-Class: Network Infrastructure (EnCode-q:1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-II: Link
      EnCode-q: 1.5
      Upper-Class: Network Infrastructure (EnCode-q:1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Transmission medium\Protocol\

5.2.2.  Network application service

   A network application service is an application that runs on top of
   the network application layer and provides data storage,
   manipulation, rendering, communication, or other capabilities.
   These capabilities typically use an application layer network
   protocol.  It is classified into inorganic services and organic
   services based on the internet architecture and the unity of a
   network application service.

   Class-II: Inorganic service
      EnCode-q: 2.1
      Upper-Class: Network application service (EnCode-q:2)
      Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-II: Organic service
      EnCode-q: 2.2
      Upper-Class: Network application service (EnCode-q:2)
      Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

5.2.3.  Network data source

   Network data is defined as a resource that is stored on the Internet
   and is not running.  We divide it into five categories based on
   resource content.

   Class-II: Code
      EnCode-q: 3.1
      Upper-Class: Network data source (EnCode-q:3)
      Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\Programming Language\

   Class-II: Text resource
      EnCode-q: 3.2
      Upper-Class: Network data source (EnCode-q:3)
      Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

   Class-II: Picture resource
      EnCode-q: 3.3
      Upper-Class: Network data source (EnCode-q:3)
      Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

   Class-II: Audio resource
      EnCode-q: 3.4
      Upper-Class: Network data source (EnCode-q:3)
      Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

   Class-II: Video resource
      EnCode-q: 3.5
      Upper-Class: Network data source (EnCode-q:3)
      Attribution: IP Address\Port\Service\Protocol\Data Format\Data size\Data Permission\

5.2.4.  Network virtual subject

   The virtual subject of the network refers to the account behavior of
   the network virtual feature stored on the Internet.  The carrier of
   the user in the network is a virtual account, so the network virtual
   subject is divided into the following sub-category.

   Class-II: Network account
      EnCode-q: 4.1
      Upper-Class: Network virtual subject (EnCode-q:4)
      Attribution: IP Address\Port\Service\Protocol\Account Name\Landing Time\

5.3.  Class-III and Class-IV

   Note that for Network infrastructure, the large-categories are
   organized according to the hierarchical location of the network
   infrastructure in the network architecture and the role it plays.
   Note that for Network application service, the large-categories are
   first organized according to whether the application is based on
   ports, and these categories are then classified according to the
   types of services provided by the application.

   Note that for Network data source, the large-categories are first
   organized according to whether the data resources need to be
   compiled, the storage mode and structure of the data resources, and
   the functions the data resources fulfil.  These categories are then
   classified according to the application scenarios of the data and
   how the data are performed.

   On the basis of category and sub-category, the resources are further
   classified and named according to methods of linear classification.
   On the basis of 4 Class-I and 13 Class-II, there are 22 categories,
   of which there are 10 network infrastructure categories, 5 network
   application services categories and 7 network data resources
   categories.

5.3.1.  Autonomous domain

   We continue the categorization of the "Autonomous domain"
   sub-category.

   Class-III: Autonomous domain
      EnCode-q: 1.1.1
      Upper-Class: Autonomous domain (EnCode-q:1.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

   According to the number of bits in the autonomous system number
   (ASN) owned by each autonomous region, this large-category is
   divided into 16-bit autonomous regions and 32-bit autonomous
   regions, 2 categories in total.
   Class-IV: Autonomous domain (16 bits)
      EnCode-q: 1.1.1.1
      Upper-Class: Autonomous domain (EnCode-q:1.1.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

   Class-IV: Autonomous domain (32 bits)
      EnCode-q: 1.1.1.2
      Upper-Class: Autonomous domain (EnCode-q:1.1.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\ASN\ISP\Institutions\Organizations\Operators\

5.3.2.  Network

   The subcategories of "network" are organized in accordance with the
   characteristics of whether the application layer is only oriented to
   the application layer or the main application layer.

   Class-III: physical network
      EnCode-q: 1.2.1
      Upper-Class: Network (EnCode-q:1.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   Class-III: overlay network
      EnCode-q: 1.2.2
      Upper-Class: Network (EnCode-q:1.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   The physical network is divided into the following categories: the
   backbone network, the access network, the Internet of things, the
   industrial network and the other network, according to the
   hierarchical position of the network, the deployed area, and the
   production and life tasks undertaken in the entire network
   architecture.
   Class-IV: backbone network
      EnCode-q: 1.2.1.1
      Upper-Class: physical network (EnCode-q:1.2.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Organization\

   Class-IV: access network
      EnCode-q: 1.2.1.2
      Upper-Class: physical network (EnCode-q:1.2.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Organization\

   Class-IV: Internet of things
      EnCode-q: 1.2.1.3
      Upper-Class: physical network (EnCode-q:1.2.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   Class-IV: industrial network
      EnCode-q: 1.2.1.4
      Upper-Class: physical network (EnCode-q:1.2.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\Protocol\

   Class-IV: other network
      EnCode-q: 1.2.1.5
      Upper-Class: physical network (EnCode-q:1.2.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   The overlay network is divided into 4 categories: Content Delivery
   Network, peer-to-peer network, virtual private network and the other
   network.

   Class-IV: Content Delivery Network
      EnCode-q: 1.2.2.1
      Upper-Class: overlay network (EnCode-q:1.2.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   Class-IV: peer-to-peer network
      EnCode-q: 1.2.2.2
      Upper-Class: overlay network (EnCode-q:1.2.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   Class-IV: virtual private network RFC2764 [RFC2764]
      EnCode-q: 1.2.2.3
      Upper-Class: overlay network (EnCode-q:1.2.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

   Class-IV: other network
      EnCode-q: 1.2.2.4
      Upper-Class: overlay network (EnCode-q:1.2.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Network\

5.3.3.  Intermediate node

   The "intermediate node" sub-category organizes a large-category
   according to the functions that nodes play in the network
   architecture.  It is divided into routing node, switching node, and
   controlling node.

   Class-III: routing node
      EnCode-q: 1.3.1
      Upper-Class: Intermediate node (EnCode-q:1.3)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Routing Protocol\

   Class-III: switching node
      EnCode-q: 1.3.2
      Upper-Class: Intermediate node (EnCode-q:1.3)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-III: controlling node
      EnCode-q: 1.3.3
      Upper-Class: Intermediate node (EnCode-q:1.3)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   The routing node is classified into two categories, inter-domain
   routing node and intra-domain routing node, according to the working
   level of the routing.

   Class-IV: inter-domain routing node RFC904 [RFC904]
      EnCode-q: 1.3.1.1
      Upper-Class: routing node (EnCode-q:1.3.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Routing Protocol\

   Class-IV: intra-domain routing node
      EnCode-q: 1.3.1.2
      Upper-Class: routing node (EnCode-q:1.3.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Routing Protocol\ASN\ISP\

   The switching node is organized into different categories according
   to the different network segments where the node is located.
   Class-IV: hub
      EnCode-q: 1.3.2.1
      Upper-Class: switching node (EnCode-q:1.3.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: bridge RFC1242 [RFC1242]
      EnCode-q: 1.3.2.2
      Upper-Class: switching node (EnCode-q:1.3.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: switch
      EnCode-q: 1.3.2.3
      Upper-Class: switching node (EnCode-q:1.3.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: gateway
      EnCode-q: 1.3.2.4
      Upper-Class: switching node (EnCode-q:1.3.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: other
      EnCode-q: 1.3.2.5
      Upper-Class: switching node (EnCode-q:1.3.2)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   The controlling node is not classified further here.

5.3.4.  Terminal node

   The "Terminal node" sub-category organizes a large-category
   according to the functions played by the terminal in actual
   production and life.  It is divided into client, site and hybrid
   node, three major categories in total.

   Class-III: client
      EnCode-q: 1.4.1
      Upper-Class: Terminal node (EnCode-q:1.4)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-III: server
      EnCode-q: 1.4.2
      Upper-Class: Terminal node (EnCode-q:1.4)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Performance\

   Class-III: hybrid node
      EnCode-q: 1.4.3
      Upper-Class: Terminal node (EnCode-q:1.4)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   The client category is subdivided into desktop device, mobile
   device, sensor device, and other according to the physical device
   types of the nodes.

   Class-IV: desktop device
      EnCode-q: 1.4.1.1
      Upper-Class: client (EnCode-q:1.4.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: mobile device
      EnCode-q: 1.4.1.2
      Upper-Class: client (EnCode-q:1.4.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   Class-IV: sensor device
      EnCode-q: 1.4.1.3
      Upper-Class: client (EnCode-q:1.4.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\Detection information\

   Class-IV: other
      EnCode-q: 1.4.1.4
      Upper-Class: client (EnCode-q:1.4.1)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Model Number Code\

   The server and hybrid node continue the division of their
   sub-category.

5.3.5.  Link

   The "Link" sub-category is organized into a large-category of
   transmission links according to the transmission medium used by the
   network, and is divided into two categories: wired link and wireless
   link.

   Class-III: wired link
      EnCode-q: 1.5.1
      Upper-Class: Link (EnCode-q:1.5)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway address\Operating System\Transmission medium\Protocol\

   Class-III: wireless link
      EnCode-q: 1.5.2
      Upper-Class: Link (EnCode-q:1.5)
      Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway addre

   The wired link category is organized according to the material of
   the transmission medium and the winding mode of the transmission
   medium.
It is divided into twisted pair, coaxial cable, digital subscriber line, optical fiber and other.

Class-IV: twisted pair
   EnCode-q:1.5.1.1
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\
                DHCP Address\Gateway address\
                Operating System\
                Transmission medium\Protocol\

Class-IV: coaxial cable
   EnCode-q:1.5.1.2
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\
                DHCP Address\Gateway address\
                Operating System\
                Transmission medium\Protocol\

Class-IV: digital subscriber line
   EnCode-q:1.5.1.3
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\
                DHCP Address\Gateway address\
                Operating System\
                Transmission medium\Protocol\

Class-IV: optical fiber
   EnCode-q:1.5.1.4
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\
                DHCP Address\Gateway address\
                Operating System\
                Transmission medium\Protocol\

Class-IV: other
   EnCode-q:1.5.1.5
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\
                DHCP Address\Gateway address\
                Operating System\
                Transmission medium\Protocol\

The wireless link is not classified further here.

5.3.6.  Inorganic service

The "Inorganic Service" sub-category is organized into a large-category according to the port type used by the application and the tight binding of the program to the application and the port RFC6346 [RFC6346], and is divided into generic port service, registered port service, and dynamic/private port service.

Class-III: generic port service
   EnCode-q:2.1.1
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-III: registered port service
   EnCode-q:2.1.2
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-III: dynamic/private port service
   EnCode-q:2.1.3
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

According to the port used and the type of service provided, the generic port service is divided into website service (HTTP, HTTPS), file transfer service (FTP, TFTP), mail service (SMTP, POP3, IMAP), network management service (SNMP) RFC1157 [RFC1157], domain name service (DNS) and other.

Class-IV: website service
   EnCode-q:2.1.1.1
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\URL\

Class-IV: file transfer service
   EnCode-q:2.1.1.2
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: mail service
   EnCode-q:2.1.1.3
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: network management service
   EnCode-q:2.1.1.4
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: domain name service
   EnCode-q:2.1.1.5
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: other
   EnCode-q:2.1.1.6
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

The registered port service is not classified further here.
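
The entries in this section share one shape (class level, EnCode-q value, Upper-Class, Attribution list), so an asset inventory that stores them can check the numbering mechanically before relying on it. The Python code below is an added example, not part of the draft; the function names, the level-to-depth rule inferred from the entries shown here, and the second sample entry are assumptions made for illustration.

```python
import re

# Constructed sample: the first entry is copied from this section, the second
# is a deliberately inconsistent entry that is not in the draft.
SAMPLE = r"""
Class-IV: website service
   EnCode-q:2.1.1.1
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\URL\
Class-IV: constructed bad entry
   EnCode-q:2.1.9
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: IP Address\Port\
"""

# Assumption inferred from the entries shown here: a Class-III code has three
# dot-separated components (2.1.1) and a Class-IV code has four (2.1.1.1).
DEPTH = {"I": 1, "II": 2, "III": 3, "IV": 4}

RECORD = re.compile(
    r"Class-(?P<level>IV|III|II|I):\s*(?P<name>.+?)\s+"
    r"EnCode-q:(?P<code>\d+(?:\.\d+)*)\s+"
    r"Upper-Class:\s*(?P<parent>.+?)\s*\(EnCode-q:(?P<pcode>\d+(?:\.\d+)*)\)\s+"
    r"Attribution:\s*(?P<attrs>.*?)(?=\s*Class-(?:IV|III|II|I):|\s*\Z)",
    re.S,
)

def parse_records(text):
    """Return one dict per class entry found in draft-style text."""
    out = []
    for m in RECORD.finditer(text):
        # Every attribute ends with a backslash, so whatever follows the
        # last backslash (prose, a truncated name) is not an attribute.
        attrs = [" ".join(a.split()) for a in m["attrs"].split("\\")[:-1]]
        out.append({"level": m["level"], "name": m["name"], "code": m["code"],
                    "parent_code": m["pcode"], "attrs": [a for a in attrs if a]})
    return out

def check_hierarchy(records):
    """Return (code, problem) pairs for entries that break the numbering."""
    problems = []
    for r in records:
        parts = r["code"].split(".")
        if len(parts) != DEPTH[r["level"]]:
            problems.append((r["code"], "depth does not match class level"))
        if ".".join(parts[:-1]) != r["parent_code"]:
            problems.append((r["code"], "code does not extend Upper-Class code"))
    return problems
```
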

According to the type of services provided by the application, the dynamic/private port service is divided into search query service, audio and video service, shopping service, social service and other.

Class-IV: search query service
   EnCode-q:2.1.3.1
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: audio and video service
   EnCode-q:2.1.3.2
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: shopping service
   EnCode-q:2.1.3.3
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: social service
   EnCode-q:2.1.3.4
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: other
   EnCode-q:2.1.3.5
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

5.3.7.  Organic service

The "organic service" continues the sub-category classification.

Class-III: Organic service
   EnCode-q:2.2.1
   Upper-Class: Organic service (EnCode-q:2.2)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

The organic service categories are classified into P2P service, CDN service and other according to the scenario where the application is located and the network service function.

Class-IV: P2P service
   EnCode-q:2.2.1.1
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: CDN service
   EnCode-q:2.2.1.2
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

Class-IV: other
   EnCode-q:2.2.1.3
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\
                Protocol\Performance\

5.3.8.  Code

The "Code" continues the sub-category classification and is no longer subdivided.

Class-III: Code
   EnCode-q:3.1.1
   Upper-Class: Code (EnCode-q:3.1)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\
                Programming Language\

5.3.9.  Text resource

The "Text resource" sub-category is organized into large categories according to the storage form of the text and whether the text can be represented by unified data or format. It is divided into structured text, semi-structured text, and unstructured text.

Class-III: structured text
   EnCode-q:3.2.1
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

Class-III: semi-structured text
   EnCode-q:3.2.2
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

Class-III: unstructured text
   EnCode-q:3.2.3
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

The "structured text", "semi-structured text" and "unstructured text" categories continue the large-category classification and are no longer subdivided.

5.3.10.  Picture resource

The "picture resource" continues the sub-category classification and is no longer subdivided.

Class-III: Picture resource
   EnCode-q:3.3.1
   Upper-Class: Picture resource (EnCode-q:3.3)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

5.3.11.  Audio resource

The "Audio resource" continues the sub-category classification and is no longer subdivided.

Class-III: Audio resource
   EnCode-q:3.4.1
   Upper-Class: Audio resource (EnCode-q:3.4)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

5.3.12.  Video resource

The "Video resource" continues the sub-category classification and is no longer subdivided.

Class-III: Video resource
   EnCode-q:3.5.1
   Upper-Class: Video resource (EnCode-q:3.5)
   Attribution: IP Address\Port\Service\
                Protocol\
                Data Format\
                Data size\Data Permission\

6.  Acknowledgements

The authors would like to acknowledge the support of Tsinghua University and China Electronic Technology Group Corporation thirtieth Research Institute.

We also thank the following persons for their suggestions on earlier versions of this work: Zhi Sun, Jianfeng Chen, Da He, Rui Xu, Zhihong Rao, etc, for their discussion, comments and suggestions.

7.  IANA Considerations

This memo includes no request to IANA.

8.  Security Considerations

This document only defines a framework for network resources categorization. This document itself does not directly introduce security issues.

9.  Normative References

[RFC1157]  Case, J., "A Simple Network Management Protocol (SNMP)", RFC 1157, May 1990.

[RFC1242]  Bradner, S., "Benchmarking Terminology for Network Interconnection Devices", RFC 1242, July 1991.

[RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, March 1997.

[RFC2764]  Gleeson, B., "A Framework for IP Based Virtual Private Networks", RFC 2764, February 2000.

[RFC3232]  Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by an On-line Database", RFC 3232, January 2002.

[RFC6346]  Bush, R., "The Address plus Port (A+P) Approach to the IPv4 Address Shortage", RFC 6346, August 2011.

[RFC904]   Mills, D., "A Framework for IP Based Virtual Private Networks", RFC 904, April 1984.

Authors' Addresses

Jilong Wang (editor)
Tsinghua University
Beijing
100084
China
Email: wjl@tsinghua.edu.cn

Congcong Miao (editor)
Tsinghua University
Beijing
100084
China
Email: mccmiao@163.com

Shuying Zhuang (editor)
Tsinghua University
Beijing
100084
China
Email: 17751034616@163.com

Qianli Zhang (editor)
Tsinghua University
Beijing
100084
China
Email: zhang@cernet.edu.cn

Chengyuan Zhang (editor)
Tsinghua University
Beijing
100084
China
Email: chengyua21@mails.tsinghua.edu.cn