Error detection/correction and fault detection/recovery – Data processing system error or fault handling – Reliability and availability
Reexamination Certificate
2009-02-27
2011-11-29
Guyton, Philip (Department: 2113)
Error detection/correction and fault detection/recovery
Data processing system error or fault handling
Reliability and availability
C714S039000, C714S045000
Reexamination Certificate
active
08069374
ABSTRACT:
A technique for automatically detecting and correcting configuration errors in a computing system. In a learning process, recurring event sequences, including e.g., registry access events, are identified from event logs, and corresponding rules are developed. In a detecting phase, the rules are applied to detected event sequences to identify violations and to recover from failures. Event sequences across multiple hosts can be analyzed. The recurring event sequences are identified efficiently by flattening a hierarchical sequence of the events such as is obtained from the Sequitur algorithm. A trie is generated from the recurring event sequences and edges of nodes of the trie are marked as rule edges or non-rule edges. A rule is formed from a set of nodes connected by rule edges. The rules can be updated as additional event sequences are analyzed. False positive suppression policies include a violation-consistency policy and an expected event disappearance policy.
REFERENCES:
patent: 6349393 (2002-02-01), Cox
patent: 6470375 (2002-10-01), Whitner et al.
patent: 7089536 (2006-08-01), Ueki et al.
patent: 7263632 (2007-08-01), Ritz et al.
patent: 7386839 (2008-06-01), Golender
patent: 7483970 (2009-01-01), Anuszczyk et al.
patent: 7725943 (2010-05-01), Shannon et al.
patent: 2004/0199828 (2004-10-01), Cabezas et al.
patent: 2008/0244534 (2008-10-01), Golender
patent: 2008/0276131 (2008-11-01), Bantz
patent: 2010/0100774 (2010-04-01), Ding et al.
Attariyan, et al., “Using Causality to Diagnose Configuration Bugs,” USENIX 2008 Annual Technical Conference on Annual Technical Conference, Boston, Massachusettes, 2008.
Su, et al., “AutoBash: Improving configuration management with operating system causality analysis,” SOSP '07, Oct. 14-17, 2007, Stevenson, Washington, US.
Wang, et al., “Automatic Misconfiguration Troubleshooting with PeerPresure,” Proceedings of the 6th conference on Symposium on Operating Systems Design & Implementation—vol. 6, San Francisco, CA, 2004.
King, et al., “Debugging operating systems with time-traveling virtual machines,” USENIX Association, 2005 USENIX Annual Technical Conference.
Mogul, “Emergent(Mis)behavior;vs.Complex Software Systems,” Proceedings of the 2006 EuroSys Conference, Apr. 18-21, 2006, Leuven, elgium.
Tallann, “Fault Location and Avoidance in Long-Running MultiThreaded Applications,” University of Arizona, Dissertation to Department of Computer Science for the Degree of Doctor of Philosophy, 2007.
Verbowski, et al., “Flight Data Recorder: Monitoring Persistent-State Interactions to Improve Systems Management,” Microsoft Research, Proceedings of the 7th Symposium on operating system design and implementation, Seattle, Washington, 2006.
Manning, et al., “Identifying Hierarchical Structure in Sequences: A linear-time algorithm,” Journal of Artificial Intelligence Research, Sep. 1997.
Rabin, “Fingerprinting by Random Polynomials,” Center for Research on computing technology, Harvard University, TR-15-81 (1981).
Crandall, “Temporal Search: Detecting Hidden Malware Timebombs with Virtual Machines,” University of California at Davis and Santa Barbara, ASPLOS '06, Oct. 21-25, 2006, San Jose, California.
Brumley, “Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation,” Proceedings of the 16th USENIX Security Symposium on USENIX Security Symposium, Boston, Massachusettes, 2007.
Panigrahy Rina
Verbowski Chad
Xie Yinglian
Yang Junfeng
Yuan Ding
Guyton Philip
Microsoft Corporation
Vierra Magen Marcus & DeNiro LLP
LandOfFree
Fingerprinting event logs for system management troubleshooting does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Fingerprinting event logs for system management troubleshooting, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Fingerprinting event logs for system management troubleshooting will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4289468