
Progress Report Meeting December 2011


09:00 - 09:05 - Introduction

09:05 - 09:30 - Mario Couture, The Poly-Tracing Project, DRDC Perspective


09:30 - 09:45 - Michel Dagenais, École Polytechnique de Montréal

Title: Project Overview (slides)

Overview of the Tracing and Monitoring Multi-core Distributed Systems project. Achievements in each track, short term plans and longer term future research.

09:45 - 10:05 - State History System

Alexandre Montplaisir (slides)

A final update on the new State System for trace viewers like TMF. We will also present the partial history. This new option allows for important reductions in disk space usage while maintaining logarithmic performance.

10:05 - 10:25 - Naser Ezzati

Title: Multi level trace events linking, storage and display (slides)

This presentation investigates linking information across different levels, discusses the problem in detail, and considers some possible solutions.

10:25 - 10:40 - Break

10:40 - 11:15 - Université Laval

Overview of the work done in anomaly-based detection and policy-based techniques. (slides)

11:15 - 12:00 - Université Concordia: Abstraction of user space traces


12:00 - 13:00 - Lunch

Lunch will be provided at Polytechnique
Room - L4812

13:00 - 13:40 - LTTng 2.0 + LTTngtop (David+Mathieu+Julien+Yannick)


13:40 - 14:10 - Eclipse

Matthew Khouzam (slides(PDF))

The TMF platform will be explored in this question-and-answer session. New views will be explored, and we will discuss how to help the research projects most effectively.

14:10 - 14:40 - Host-based anomaly detection techniques (Concordia)


14:40 - 15:25 - UOttawa - Model-Directed Tracing

Presentation: (pdf)

Title: War stories and advances in model-directed tracing

Description: Recent progress, including discussion of state machine code generation, and inserting trace directives into state machines.

15:25 - 15:40 - Break

15:40 - 15:55 - Rafik Fahem

Efficient dynamic and static tracepoints in kernel space: (slides)

15:55 - 16:10 - Francis Giraldeau

Presentation: (pdf)

Title: Dependency analysis of userspace applications from kernel trace

Description: Understanding the runtime behavior of a distributed application may be challenging. We propose to apply the Critical Path Method on a kernel trace to recover the execution graph of an application. The method to compute the critical path from the execution graph will be presented. Related and future work will be discussed.

16:10 - 16:30 - Masoume Jabarrifar

Presentation: (pdf)

Title: Multi-level, Multi-core Distributed Trace Synchronization


16:30 - 16:50 - Alireza Shameli Sendi

Presentation: (pdf)

Title: System Health Monitoring and Proactive Response Activation

Response cost evaluation is a major part of the Intrusion Response System (IRS). Although many automated IRSs have been proposed, most of them use statically evaluated responses, avoiding the need for dynamic evaluation of response cost. However, by designing a dynamic evaluation for the responses we can alleviate the drawbacks of the static model. Furthermore, it will be more effective at defending a system from an attack as it will be less predictable. A dynamic model offers the best response based on the current situation of the network. Thus, the evaluation of the positive effects and negative impacts of the responses must be computed online, at attack time, in a dynamic model. We evaluate the response cost online with respect to the resource dependencies, the number of online users, and the user’s privilege level.

In this presentation, we present a practical model with relevant factors for response cost evaluation. The proposed model is a platform that leads us to account for the user’s needs in terms of quality of service (QoS) and the dependencies of critical processes. Compared with other response evaluation models, the proposed model consists of not only a novel online mechanism for response cost evaluation in complex network topologies, but also more detailed factors to evaluate positive effects and negative impacts. In addition, we discuss the main challenges in evaluating response costs with respect to the attack type.

16:50 - 17:00 - Conclusion