Progress report meeting - December 2012

The full outline of the December meeting can be found here. Here is the part concerning the DMCT project.

Thursday, December 6, 2012 (all day)

Distributed Multi-Core Tracing (project "dmct")

| Start time | End time | Presenter | Subject | Description |
|---|---|---|---|---|
| 9:00 | 9:30 | DRDC: Mario Couture | Introduction | Brief description of the project initial objectives, its organization, the participants and a summary of the main results and motivation for subsequent work. |
| 9:30 | 10:30 | Alexandre Montplaisir, Matthew Khouzam and the TMF team at Ericsson | The Tracing and Monitoring Framework (TMF) (slides) | An important part of the project was applying the new proposed algorithms to real industrial problems. A research and development team at Ericsson developed TMF in collaboration with research associates and students from the project. The resulting system helped refine several of the proposed algorithms and now offers unrivaled performance for analyzing trace data. |
| 10:30 | 10:45 | | Break | |
| 10:45 | 11:15 | Hamoud Aljamaan/ Pr. Tim Lethbridge | Model-level tracing: presentation and demo. | We will demonstrate our progress towards injecting trace statements at the model level, particularly tracing associations, states, and controlling tracing based on the state of objects. Our techniques are tracer-agnostic: they can inject tracing in generated code for LTTng or other tracers. |
| 11:15 | 12:00 | Maxime Carbonneau-Leclerc/ Pr. Béchir Ktari | Automated fault identification: presentation and demo. | Overview of the work done in signature-based, anomaly-based and policy-based detection techniques. In addition, we will focus on our progress in the modelling of a system and the use of expert systems for identifying behaviours that violate a given security policy. |
| 12:00 | 13:00 | | Lunch | |
| 13:00 | 14:00 | Shariyar Murtaza, Waseem Fadel, and Heidar Pirzadeh/ Pr. Abdelwahab Hamou-Lhadj | Trace abstraction and correlation: presentation and demo. | We will present trace abstraction techniques that we have developed to simplify the analysis of large system call traces using the Linux Pattern Library. We will also discuss the extraction of high-level views from user space traces using the concept of execution phases. Another aspect of this presentation will focus on presenting the work resulting from the additional investment made by DRDC in the trace abstraction research thread, namely, the review of existing host-based anomaly detection techniques, the comparison of various machine-learning algorithms in the context of anomaly detection systems, and the application of redundancy and diversity for system resilience. This work has led to the definition of two research projects, namely the Online Surveillance of Critical Computer Systems through Advanced Host-Based Detection and the Secure High Availability and Resiliency for Critical Computerized Systems. |
| 14:00 | 14:30 | David Goulet/ Mathieu Desnoyers | Algorithms and architecture for tracing | Description of the algorithms and techniques used to insert tracepoints in the kernel and in userspace applications with LTTng and UST. Moreover, the organization of shared memory buffers and helper daemons (session and consumer daemons) is described. |
| 14:30 | 15:00 | Julien Desfossez/ Pr. Michel Dagenais | Virtual machines and real machines simultaneous tracing and monitoring with LTTngTop (slides) | The streaming tracing architecture is described along with the LTTngTop live monitoring application. LTTngTop can access tracing data directly from the shared memory buffers or through the network, and efficiently produces a summary of the performance of each node, CPU, process, and other system resources. |
| 15:00 | 15:15 | | Break | |
| 15:15 | 15:45 | Masoume Jabbarifar/ Pr. Michel Dagenais | Distributed traces synchronisation (slides) | New and efficient algorithms were developed to incrementally compute the clock differences between every pair of traced communicating nodes. Moreover, a synchronization minimum spanning tree and optimal reference node are incrementally computed to efficiently present a synchronized view of traces originating from several networked nodes. |
| 15:45 | 16:15 | Francis Giraldeau/ Pr. Michel Dagenais | Distributed traces modelling and critical path analysis (slides) | The dependencies between the different events causing state changes in processes are automatically analyzed in order to compute the critical path between a start and end event (e.g. query and response). This analysis takes into account several effects including parallel computations happening asynchronously and many different models of distributed computations. This is extremely helpful in identifying where the total time is spent to serve a request. |
| 16:15 | 16:45 | Alireza Shameli/ Pr. Michel Dagenais | System health monitoring and reactive measures activation | Once faults are identified from trace analysis, through abstraction and automated fault identification, the system needs to assess the system health and determine if reactive measures are necessary. We propose new algorithms which take into account the criticality of the resources attacked, the effectiveness but also detrimental effect of the available reactive measures, and the recent history of previously applied reactive measures. |
| 16:45 | 17:00 | | Conclusion | |