research-article

EnCore: exploiting system environment and correlation information for misconfiguration detection

Authors:

Lakshminarayanan Renganarayana,

Yuanyuan ZhouAuthors Info & Claims

ACM SIGPLAN Notices, Volume 49, Issue 4

Pages 687 - 700

https://doi.org/10.1145/2644865.2541983

Published: 24 February 2014 Publication History

Abstract

As software systems become more complex and configurable, failures due to misconfigurations are becoming a critical problem. Such failures often have serious functionality, security and financial consequences. Further, diagnosis and remediation for such failures require reasoning across the software stack and its operating environment, making it difficult and costly. We present a framework and tool called EnCore to automatically detect software misconfigurations. EnCore takes into account two important factors that are unexploited before: the interaction between the configuration settings and the executing environment, as well as the rich correlations between configuration entries. We embrace the emerging trend of viewing systems as data, and exploit this to extract information about the execution environment in which a configuration setting is used. EnCore learns configuration rules from a given set of sample configurations. With training data enriched with the execution context of configurations, EnCore is able to learn a broad set of configuration anomalies that spans the entire system. EnCore is effective in detecting both injected errors and known real-world problems - it finds 37 new misconfigurations in Amazon EC2 public images and 24 new configuration problems in a commercial private cloud. By systematically exploiting environment information and by learning correlation rules across multiple configuration settings, EnCore detects 1.6x to 3.5x more misconfiguration anomalies than previous approaches.

References

[1]

Misconfiguration brings down entire .se domain in Sweden. http://www.circleid.com.

[2]

Google Code Style Guide. http://googlestyleguide.googlecode.com.

[3]

Internet Assigned Numbers Authority. http://www.iana.org.

[4]

Lint, a C program Verifier. http://www.unix.com/manpage/FreeBSD/1/lint.

[5]

Mysql log security. http://www.securityfocus.com/advisories/3803.

[6]

PHP configuration error. http://stackoverflow.com/questions/7754133.

[7]

PyLint. http://www.logilab.org/project/pylint/.

[8]

RapidMiner. http://www.rapid-i.com.

[9]

At what point does a config file become a programming language? http://stackoverflow.com/questions/648246/at-whatpoint-does-a-config-file-become-a-programming-language.

[10]

Weka. http://www.cs.waikato.ac.nz/ml/weka.

[11]

G. Ammons, V. Bala, T. Mummert, D. Reimer, and X. Zhang. Virtual machine images as structured data: the Mirage image library. In HotCloud, 2011.

Digital Library

[12]

S. Anand, D. Bell, and J. Hughes. The Role of Domain Knowledge in Data Mining. In Proceedings of 4th International Conference on Information and Knowledge Management (CIKM'95), December 1995.

Digital Library

[13]

M. Attariyan and J. Flinn. Using Causality to Diagnose Configuration Bugs. In Proceedings of 2008 USENIX Annual Technical Conference, June 2008.

Digital Library

[14]

M. Attariyan and J. Flinn. Automating Configuration Troubleshooting with Dynamic Information Flow Analysis. In Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (OSDI'10), October 2010.

Digital Library

[15]

M. Attariyan, M. Chow, and J. Flinn. X-ray: Diagnosing Performance Misconfigurations in Production Software. In Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation (OSDI'12), October 2012.

Digital Library

[16]

P. S. Bradley and O. L. Mangasarian. Feature Selection via Concave Minimiation and Support Vector Machiens. In Proceedings of the 5th International Conference on Machine Learning (ICML'98), July 1998.

Digital Library

[17]

C. Cadar, D. Dunbar, and D. Engler. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In Proceeedings of the 8th USENIX conference on Operating Systems Design and Implementation (OSDI'08), December 2008.

Digital Library

[18]

D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf. Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code. In Proceedings of the 18th ACMSymposium on Operating Systems Principles (SOSP'01), October 2001.

Digital Library

[19]

J. Gray. Dependability in the Internet Era, 2001. Keynote presentation at the 2nd HDCC Workshop.

[20]

J. Han, J. Pei, and Y. Yin. Mining Frequent Pattern without Candidate Generation. In Proceedings of the 2000 ACMInternational conference on Management of Data (SIGMOD'00), May 2000.

Digital Library

[21]

M. Hong, Z. Lu, and Y. Fuqing. A Component-based software configuration management model and its supporting system. In Proceedings of the 24th International Conference on Software Engineering (ICSE'02), May 2002.

[22]

Q. Huang, H. J. Wang, and N. Borisov. Privacy-Preserving Friends Troubleshooting Network. In Proceedings of the 12th Network and Distributed System Security Symposium (NDSS'05), February 2005.

[23]

R. J. and B. Jr. Efficiently Mining Long Patterns from Database. In Proceedings ACM SIGMOD International Conference on Management of Data (SIGMOD'98), June 1998.

Digital Library

[24]

R. Johnson. More details on today's outage. http://www.facebook.com/notes/facebook-engineering/more-details-on-todaysoutage/431441338919.

[25]

L. Keller, P. Upadhyaya, and G. Candea. ConfErr: A Tool for Assessing Resilience to Human Configuration Errors. In Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'08), June 2008.

[26]

E. Kohler, B. Chen, M. F. Kaashoek, R. Morris, and M. Poletto. Programming language techniques for modular router configurations. Technical Report MIT-LCS-TR-812, MIT Laboratory for Computer Science, August 2000.

[27]

D. Lutterkort. Augeas - a Configuration API. In 2008 Linux Symposium, 2008.

[28]

J. Mason. Against The Use Of Programming Languages in Configuration Files. http://taint.org/2011/02/18/001527a.html.

[29]

K. Nagaraja, F. Oliveria, R. Bianchini, R. P. Martin, and T. D. Nguyen. Understanding and Dealing with Operator Mistakes in Internet Services. In Proceedings of the 6th USENIX Conference on Operating Systems Design and Implementation (OSDI'04), December 2004.

Digital Library

[30]

D. Oppenheimer, A. Ganapathi, and D. A. Patterson. Why Do Internet Services Fail, and What Can Be Done About It? In Proceedings of the 4th USENIX Symposium on Internet Technologies and Systems (USITS'03), March 2003.

Digital Library

[31]

A. Rabkin and R. Katz. Static Extraction of Program Configuration Options. In Proceedings of the 33th International Conference on Software Engineering (ICSE'11), May 2011.

Digital Library

[32]

A. Rabkin and R. Katz. Precomputing Possible Configuration Error Diagnoses. In Proceedings of the 26th IEEE/ACM International Conference on Automated Software Engineering (ICSE'11), May 2011.

Digital Library

[33]

A. Rakesh and S. Ramakrishnan. In Proceedings of the 20th International Conference on Very Large Data Bases (VLDB'94), September 1994.

[34]

V. Ramachandran, M. Gupta, M. Sethi, and S. R. Chowdhury. Determining Configuration Parameter Dependencies via Analysis of Configuration Data from Multi-tiered Enterprise Applications. In Proceedings of the 6th International Conference on Autonomic Computing and Communications (ICAC'09), June 2009.

Digital Library

[35]

B. S., M. R., U. J., and T. S. Dynamic Itemset Counting and Implication Rules for Market Basket Data. In Proceedings ACM SIGMOD International Conference on Management of Data (SIGMOD'97), May 1997.

Digital Library

[36]

C. Shannon. A Mathematical Theory of Communication. The Bell System Technical Journal, 27:379--423, July 1984.

[37]

K. Smets and J. Vreeken. SLIM: Directly Mining Descriptive Patterns. In Proceedings of 2012 SIAM International Conference on Data Mining (SDM'12), April 2012.

[38]

R. Srikant and R. Agrawl. Mining Quantative Association Rules in Large Relational Tables. In Proceedings ACM SIGMOD International Conference on Management of Data (SIGMOD'96), June 1996.

Digital Library

[39]

Y.-Y. Su, M. Attariyan, and J. Flinn. AutoBash: Improving Configuration Management with Operating System Causality Analysis. In Proceedings of the 21st ACM Symposium on Operating Sytems Principles (SOSP'07), October 2007.

Digital Library

[40]

S. Traugott and J. Huddleston. Bootstrapping an Infrastructure. In Proceedings of the 13th Systems Administration Conference (LISA'99), November 1999.

Digital Library

[41]

H. J. Wang, J. C. Platt, Y. Chen, R. Zhang, and Y.-M. Wang. Automatic Misconfiguration Troubleshooting with PeerPressure. In Proceedings of the 6th USENIX Conference on Operating Systems Design and Implementation (OSDI'04), December 2004.

Digital Library

[42]

Y.-M. Wang, C. Verbowski, J. Dunagan, Y. Chen, H. Wang, C. Yuan, and Z. Zhang. STRIDER: A Black-box, Statebased Approach to Change and Configuration Management and Support. In Proceedings of the 17th Large Installation Systems Admistration Conference (LISA'03), October 2003.

Digital Library

[43]

M. Welsh. What I wish systems researchers would work on. http://http://matt-welsh.blogspot.com/2013/05.

[44]

T. Xu, J. Zhang, P. Huang, J. Zheng, T. Sheng, D. Yuan, Y. Zhou, and S. Pasupathy. Do not Blame Users for Misconfigurations. In Proceedings of the 24th ACM Symposium on Operating Systems Principles (SOSP'13).

Digital Library

[45]

W. Xu, L. Huang, A. Fox, D. Patterson, and M. Jordan. Detecting Large-Scale System Problems by Mining Console Logs. In Proceedings of the 2009 Symposium on Operating Systems Principles, 2009.

Digital Library

[46]

Z. Yin, X.Ma, J. Zheng, Y. Zhou, L. N. Bairavasundaram, and S. Pasupathy. An Empirical Study on Configuration Errors in Commercial and Open Source Systems. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP'11), October 2011.

Digital Library

[47]

D. Yuan, Y. Xie, R. Panigrahy, J. Yang, C. Verbowsky, and A. Kumar. Context-based Online Configuration-Error Detection. In Proceedings of 2011 USENIX Anuual Technical Conference, June 2011.

Digital Library

Cited By

Li JLi SLi KLuo FYu HLi SLi XRoychoudhury APaiva AAbreu RStorey M(2024)ECFuzz: Effective Configuration Fuzzing for Large-Scale SystemsProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3623315(1-12)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3623315
Samir ADagenborg H(2023)Adaptive Controller to Identify Misconfigurations and Optimize the Performance of Kubernetes Clusters and IoT Edge DevicesService-Oriented and Cloud Computing10.1007/978-3-031-46235-1_11(170-187)Online publication date: 12-Oct-2023
https://doi.org/10.1007/978-3-031-46235-1_11
Samir AAl-Wosabi AKhan MDagenborg H(2023)A Multi-pronged Self-adaptive Controller for Analyzing Misconfigurations for Kubernetes Clusters and IoT Edge DevicesService-Oriented and Cloud Computing10.1007/978-3-031-46235-1_10(153-169)Online publication date: 12-Oct-2023
https://doi.org/10.1007/978-3-031-46235-1_10
Show More Cited By

Index Terms

EnCore: exploiting system environment and correlation information for misconfiguration detection
1. General and reference
  1. Cross-computing tools and techniques
    1. Reliability
2. Software and its engineering
  1. Software organization and properties
    1. Extra-functional properties
      1. Software reliability

Recommendations

Do not blame users for misconfigurations
SOSP '13: Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles

Similar to software bugs, configuration errors are also one of the major causes of today's system failures. Many configuration issues manifest themselves in ways similar to software bugs such as crashes, hangs, silent failures. It leaves users clueless ...
EnCore: exploiting system environment and correlation information for misconfiguration detection
ASPLOS '14: Proceedings of the 19th international conference on Architectural support for programming languages and operating systems

As software systems become more complex and configurable, failures due to misconfigurations are becoming a critical problem. Such failures often have serious functionality, security and financial consequences. Further, diagnosis and remediation for such ...
Systems Approaches to Tackling Configuration Errors: A Survey

In recent years, configuration errors (i.e., misconfigurations) have become one of the dominant causes of system failures, resulting in many severe service outages and downtime. Unfortunately, it is notoriously difficult for system users (e.g., ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 49, Issue 4

ASPLOS '14

April 2014

729 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/2644865

Editors:
Mark W. Bailey
Hamilton College, Clinton, NY
,
Rajeev Balasubramonian
University of Utah
,
Al Davis
University of Utah
,
Sarita Adve
University of Illinois at Urbana-Champ

Issue’s Table of Contents

ASPLOS '14: Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
February 2014
780 pages
ISBN:9781450323055
DOI:10.1145/2541940
General Chairs:
Rajeev Balasubramonian
University of Utah
,
Al Davis
University of Utah
,
Program Chair:
Sarita Adve
University of Illinois at Urbana-Champ

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 February 2014

Published in SIGPLAN Volume 49, Issue 4

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

100
Total Citations
View Citations
863
Total Downloads

Downloads (Last 12 months)72
Downloads (Last 6 weeks)2

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Li JLi SLi KLuo FYu HLi SLi XRoychoudhury APaiva AAbreu RStorey M(2024)ECFuzz: Effective Configuration Fuzzing for Large-Scale SystemsProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3623315(1-12)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3623315
Samir ADagenborg H(2023)Adaptive Controller to Identify Misconfigurations and Optimize the Performance of Kubernetes Clusters and IoT Edge DevicesService-Oriented and Cloud Computing10.1007/978-3-031-46235-1_11(170-187)Online publication date: 12-Oct-2023
https://doi.org/10.1007/978-3-031-46235-1_11
Samir AAl-Wosabi AKhan MDagenborg H(2023)A Multi-pronged Self-adaptive Controller for Analyzing Misconfigurations for Kubernetes Clusters and IoT Edge DevicesService-Oriented and Cloud Computing10.1007/978-3-031-46235-1_10(153-169)Online publication date: 12-Oct-2023
https://doi.org/10.1007/978-3-031-46235-1_10
Palumbo FBuji AYazidi AHaugerud H(2022)Genetic Algorithms For Tightening Security2022 14th IFIP Wireless and Mobile Networking Conference (WMNC)10.23919/WMNC56391.2022.9954297(62-69)Online publication date: 17-Oct-2022
https://doi.org/10.23919/WMNC56391.2022.9954297
Byrne AAtes ETurk APchelin VDuri SNadgowda SIsci CCoskun A(2022)Praxi: Cloud Software Discovery That Learns From PracticeIEEE Transactions on Cloud Computing10.1109/TCC.2020.297543910:2(872-884)Online publication date: 1-Apr-2022
https://doi.org/10.1109/TCC.2020.2975439
Cheng RZhang LMarinov DXu TCadar CZhang X(2021)Test-case prioritization for configuration testingProceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3460319.3464810(452-465)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3460319.3464810
Li WJia ZLi SZhang YWang TXu EWang JLiao XCadar CZhang X(2021)Challenges and opportunities: an in-depth empirical study on configuration error injection testingProceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3460319.3464799(478-490)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3460319.3464799
Zoppi TCeccarelli ABondavalli A(2021)MADneSs: A Multi-Layer Anomaly Detection Framework for Complex Dynamic SystemsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2019.290836618:2(796-809)Online publication date: 1-Mar-2021
https://doi.org/10.1109/TDSC.2019.2908366
Athamnah MPal AKant K(2018)A Framework for Misconfiguration Diagnosis in Interconnected Multiparty Systems2018 27th International Conference on Computer Communication and Networks (ICCCN)10.1109/ICCCN.2018.8487411(1-9)Online publication date: Jul-2018
https://doi.org/10.1109/ICCCN.2018.8487411
Zhu YLiu JGuo MMa WBao Y(2017)ACTS in NeedProceedings of the 8th Asia-Pacific Workshop on Systems10.1145/3124680.3124730(1-8)Online publication date: 2-Sep-2017
https://dl.acm.org/doi/10.1145/3124680.3124730
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents