MCP-Diag: A Deterministic, Protocol-Driven Architecture for AI-Native Network Diagnostics
This addresses network diagnostics for AIOps by providing a secure and reliable method, though it is incremental as it builds on existing protocols and utilities.
The paper tackled the stochastic grounding problem and security gap in integrating LLMs into network operations by introducing MCP-Diag, a deterministic, protocol-driven architecture that achieved 100% entity extraction accuracy with less than 0.9% execution latency overhead and a 3.7x increase in context token usage.
The integration of Large Language Models (LLMs) into network operations (AIOps) is hindered by two fundamental challenges: the stochastic grounding problem, where LLMs struggle to reliably parse unstructured, vendor-specific CLI output, and the security gap of granting autonomous agents shell access. This paper introduces MCP-Diag, a hybrid neuro-symbolic architecture built upon the Model Context Protocol (MCP). We propose a deterministic translation layer that converts raw stdout from canonical utilities (dig, ping, traceroute) into rigorous JSON schemas before AI ingestion. We further introduce a mandatory "Elicitation Loop" that enforces Human-in-the-Loop (HITL) authorization at the protocol level. Our preliminary evaluation demonstrates that MCP-Diag achieving 100% entity extraction accuracy with less than 0.9% execution latency overhead and 3.7x increase in context token usage.