Scalable offline monitoring

Cited by: 27
Authors
Basin, David [1]
Caronni, Germano [2]
Ereth, Sarah [3]
Harvan, Matúš [4]
Klaedtke, Felix [5]
Mantel, Heiko [3]
Affiliations
[1] Institute of Information Security, ETH Zurich
[2] Department of Computer Science, TU Darmstadt
[3] NEC Europe Ltd., Heidelberg
Source
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | 2014 / Vol. 8734
Keywords
File organization;
DOI
10.1007/978-3-319-11164-3_4
Abstract
We propose an approach to monitoring IT systems offline, where system actions are logged in a distributed file system and subsequently checked for compliance against policies formulated in an expressive temporal logic. The novelty of our approach is that monitoring is parallelized so that it scales to large logs. Our technical contributions comprise a formal framework for slicing logs, an algorithmic realization based on MapReduce, and a high-performance implementation. We evaluate our approach analytically and experimentally, proving the soundness and completeness of our slicing techniques and demonstrating its practical feasibility and efficiency on real-world logs with 400 GB of relevant data. © Springer International Publishing Switzerland 2014.
Pages: 31-47
Page count: 16
Related papers
25 items in total
[1] Abiteboul S., Hull R., Vianu V., Foundations of Databases: The Logical Level, (1994)
[2] Alur R., Henzinger T.A., Logics and models of real time: A survey, REX 1991. LNCS, 600, pp. 74-106, (1992)
[3] Baier C., Katoen J.-P., Principles of Model Checking, (2008)
[4] Barre B., Klein M., Soucy-Boivin M., Ollivier P.-A., Halle S., MapReduce for parallel trace validation of LTL properties, RV 2012. LNCS, 7687, pp. 184-198, (2013)
[5] Barringer H., Goldberg A., Havelund K., Sen K., Rule-based runtime verification, VMCAI 2004. LNCS, 2937, pp. 44-57, (2004)
[6] Barringer H., Groce A., Havelund K., Smith M., Formal analysis of log files, J. Aero. Comput. Inform. Comm., 7, pp. 365-390, (2010)
[7] Basin D., Harvan M., Klaedtke F., Zalinescu E., MONPOLY: Monitoring usage-control policies, RV 2011. LNCS, 7186, pp. 360-364, (2012)
[8] Basin D., Harvan M., Klaedtke F., Zalinescu E., Monitoring data usage in distributed systems, IEEE Trans. Software Eng., 39, 10, pp. 1403-1426, (2013)
[9] Basin D., Klaedtke F., Muller S., Pfitzmann B., Runtime monitoring of metric first-order temporal properties, Proceedings of the 28th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS). Leibniz International Proceedings in Informatics (LIPIcs), 2, pp. 49-60, (2008)
[10] Bauer A., Gore R., Tiu A., A first-order policy language for history-based transaction monitoring, ICTAC 2009. LNCS, 5684, pp. 96-111, (2009)