Repairing broken tests in evolving software systems is an expensive and challenging task. One of the main challenges for test repair, in particular, is preserving the intent of the original tests in the repaired ones. To address this challenge, we propose a technique for test repair that models and considers the intent of a test when repairing it. Our technique first uses a search-based approach to generate repair candidates for the broken test. It then computes, for each candidate, its likelihood of preserving the original test intent. To do so, the technique characterizes such intent using the path conditions generated during a dynamic symbolic execution of the tests. Finally, the technique reports the best candidates to the developer as repair recommendations. We implemented and evaluated our technique on a benchmark of 91 broken tests in 4 open-source programs. Our results are promising, in that the technique was able to generate intentpreserving repair candidates for over 79% of those broken tests and rank the intent-preserving candidates as the first choice of repair recommendations for almost 70% of the broken tests.
{"title":"Intent-Preserving Test Repair","authors":"Xiangyu Li, Marcelo d’Amorim, A. Orso","doi":"10.1109/ICST.2019.00030","DOIUrl":"https://doi.org/10.1109/ICST.2019.00030","url":null,"abstract":"Repairing broken tests in evolving software systems is an expensive and challenging task. One of the main challenges for test repair, in particular, is preserving the intent of the original tests in the repaired ones. To address this challenge, we propose a technique for test repair that models and considers the intent of a test when repairing it. Our technique first uses a search-based approach to generate repair candidates for the broken test. It then computes, for each candidate, its likelihood of preserving the original test intent. To do so, the technique characterizes such intent using the path conditions generated during a dynamic symbolic execution of the tests. Finally, the technique reports the best candidates to the developer as repair recommendations. We implemented and evaluated our technique on a benchmark of 91 broken tests in 4 open-source programs. Our results are promising, in that the technique was able to generate intentpreserving repair candidates for over 79% of those broken tests and rank the intent-preserving candidates as the first choice of repair recommendations for almost 70% of the broken tests.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132023567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Developers may choose to implement a library, despite the existence of similar libraries, considering factors such as computational performance, language or platform dependency, and accuracy. As a result, GitHub is a host to several library projects that have overlaps in the functionalities. These overlaps have been of interest to developers from the perspective of code reuse or preferring one implementation over the other. We present an empirical study to explore the extent and nature of existence of these similarities in the library functions. We have further studied whether the similarity among functions across different libraries and their associated test suites can be leveraged to reveal defects in one another. Applying a natural language processing based approach on the documentations associated with functions, we have extracted matching functions across 12 libraries, available on GitHub, over 2 programming languages and 3 themes. Our empirical evaluation indicates existence of a significant number of similar functions across libraries in same as well as different programming languages where a language can influence the extent of existence of similarities. The test suites from another library can serve as an effective source of defect revealing tests. The study resulted in revealing 72 defects in 12 libraries. Further, we analyzed the source of origination of the defect revealing tests. We deduce that issue reports and pull requests can be beneficial in attaining quality test cases not only to test the libraries in which these issues are reported but also for other libraries that are similar in theme.
{"title":"Similarities Across Libraries: Making a Case for Leveraging Test Suites","authors":"Devika Sondhi, Divya Rani, Rahul Purandare","doi":"10.1109/ICST.2019.00018","DOIUrl":"https://doi.org/10.1109/ICST.2019.00018","url":null,"abstract":"Developers may choose to implement a library, despite the existence of similar libraries, considering factors such as computational performance, language or platform dependency, and accuracy. As a result, GitHub is a host to several library projects that have overlaps in the functionalities. These overlaps have been of interest to developers from the perspective of code reuse or preferring one implementation over the other. We present an empirical study to explore the extent and nature of existence of these similarities in the library functions. We have further studied whether the similarity among functions across different libraries and their associated test suites can be leveraged to reveal defects in one another. Applying a natural language processing based approach on the documentations associated with functions, we have extracted matching functions across 12 libraries, available on GitHub, over 2 programming languages and 3 themes. Our empirical evaluation indicates existence of a significant number of similar functions across libraries in same as well as different programming languages where a language can influence the extent of existence of similarities. The test suites from another library can serve as an effective source of defect revealing tests. The study resulted in revealing 72 defects in 12 libraries. Further, we analyzed the source of origination of the defect revealing tests. We deduce that issue reports and pull requests can be beneficial in attaining quality test cases not only to test the libraries in which these issues are reported but also for other libraries that are similar in theme.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129323136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Fuzzing is a form of random testing that is widely used for finding bugs and vulnerabilities. State of the art approaches commonly leverage information about the control flow of prior executions of the program under test to decide which inputs to mutate further. By relying solely on control flow information to characterize executions, such approaches may miss relevant differences. We propose augmenting evolutionary fuzzing by additionally leveraging information about memory accesses performed by the target program. The resulting approach can leverage more sophisticated information about the execution of the target program, enhancing the effectiveness of the evolutionary fuzzing. We implement our approach as a modification of the widely used AFL fuzzer and evaluate our implementation on three widely used target applications. We find distinct crashes from those detected by AFL for all three targets in our evaluation.
{"title":"MemFuzz: Using Memory Accesses to Guide Fuzzing","authors":"Nicolas Coppik, Oliver Schwahn, N. Suri","doi":"10.1109/ICST.2019.00015","DOIUrl":"https://doi.org/10.1109/ICST.2019.00015","url":null,"abstract":"Fuzzing is a form of random testing that is widely used for finding bugs and vulnerabilities. State of the art approaches commonly leverage information about the control flow of prior executions of the program under test to decide which inputs to mutate further. By relying solely on control flow information to characterize executions, such approaches may miss relevant differences. We propose augmenting evolutionary fuzzing by additionally leveraging information about memory accesses performed by the target program. The resulting approach can leverage more sophisticated information about the execution of the target program, enhancing the effectiveness of the evolutionary fuzzing. We implement our approach as a modification of the widely used AFL fuzzer and evaluate our implementation on three widely used target applications. We find distinct crashes from those detected by AFL for all three targets in our evaluation.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130000821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Farah Hariri, A. Shi, V. Fernando, Suleman Mahmood, D. Marinov
Mutation testing is widely used in research for evaluating the effectiveness of test suites. There are multiple mutation tools that perform mutation at different levels, including traditional mutation testing at the level of source code (SRC) and more recent mutation testing at the level of compiler intermediate representation (IR). This paper presents an extensive comparison of mutation testing at the SRC and IR levels, specifically at the C programming language and the LLVM compiler IR levels. We use a mutation testing tool called SRCIROR that implements conceptually the same mutation operators at both levels. We also employ automated techniques to account for equivalent and duplicated mutants, and to determine minimal and surface mutants. We carry out our study on 15 programs from the Coreutils library. Overall, we find mutation testing to be better at the SRC level: the SRC level produces much fewer mutants and is thus less expensive, but the SRC level still generates a similar number of minimal and surface mutants, and the mutation scores at both levels are very closely correlated. We also perform a case study on the Space program to evaluate which level's mutation score correlates better with the actual fault-detection capability of test suites sampled from Space's test pool. We find the mutation score at both levels to not be very correlated with the actual fault-detection capability of test suites.
{"title":"Comparing Mutation Testing at the Levels of Source Code and Compiler Intermediate Representation","authors":"Farah Hariri, A. Shi, V. Fernando, Suleman Mahmood, D. Marinov","doi":"10.1109/ICST.2019.00021","DOIUrl":"https://doi.org/10.1109/ICST.2019.00021","url":null,"abstract":"Mutation testing is widely used in research for evaluating the effectiveness of test suites. There are multiple mutation tools that perform mutation at different levels, including traditional mutation testing at the level of source code (SRC) and more recent mutation testing at the level of compiler intermediate representation (IR). This paper presents an extensive comparison of mutation testing at the SRC and IR levels, specifically at the C programming language and the LLVM compiler IR levels. We use a mutation testing tool called SRCIROR that implements conceptually the same mutation operators at both levels. We also employ automated techniques to account for equivalent and duplicated mutants, and to determine minimal and surface mutants. We carry out our study on 15 programs from the Coreutils library. Overall, we find mutation testing to be better at the SRC level: the SRC level produces much fewer mutants and is thus less expensive, but the SRC level still generates a similar number of minimal and surface mutants, and the mutation scores at both levels are very closely correlated. We also perform a case study on the Space program to evaluate which level's mutation score correlates better with the actual fault-detection capability of test suites sampled from Space's test pool. We find the mutation score at both levels to not be very correlated with the actual fault-detection capability of test suites.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"43 5","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131653353","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Wenxi Wang, Kaiyuan Wang, Mengshi Zhang, S. Khurshid
Constraint-solving is an expensive phase for scenario finding tools. It has been widely observed that there is no single "dominant" SAT solver that always wins in every case; instead, the performance of different solvers varies by cases. Some SAT solvers perform particularly well for certain tasks while other solvers perform well for other tasks. In this paper, we propose an approach that uses machine learning techniques to automatically select a SAT solver for one of the widely used scenario finding tools, i.e. Alloy Analyzer, based on the features extracted from a given model. The goal is to choose the best SAT solver for a given model to minimize the expensive constraint solving time. We extract features from three different levels, i.e. the Alloy source code level, the Kodkod formula level and the boolean formula level. The experimental results show that our portfolio approach outperforms the best SAT solver by 30% as well as the baseline approach by 128% where users randomly select a solver for any given model.
{"title":"Learning to Optimize the Alloy Analyzer","authors":"Wenxi Wang, Kaiyuan Wang, Mengshi Zhang, S. Khurshid","doi":"10.1109/ICST.2019.00031","DOIUrl":"https://doi.org/10.1109/ICST.2019.00031","url":null,"abstract":"Constraint-solving is an expensive phase for scenario finding tools. It has been widely observed that there is no single \"dominant\" SAT solver that always wins in every case; instead, the performance of different solvers varies by cases. Some SAT solvers perform particularly well for certain tasks while other solvers perform well for other tasks. In this paper, we propose an approach that uses machine learning techniques to automatically select a SAT solver for one of the widely used scenario finding tools, i.e. Alloy Analyzer, based on the features extracted from a given model. The goal is to choose the best SAT solver for a given model to minimize the expensive constraint solving time. We extract features from three different levels, i.e. the Alloy source code level, the Kodkod formula level and the boolean formula level. The experimental results show that our portfolio approach outperforms the best SAT solver by 30% as well as the baseline approach by 128% where users randomly select a solver for any given model.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121109478","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Béla Vancsics, Péter Gyimesi, Andrea Stocco, D. Mazinanian, Árpád Beszédes, R. Ferenc, A. Mesbah
In our recent work, we proposed BUGSJS, a benchmark of several hundred bugs from popular JavaScript serverside programs. In this abstract paper, we report the results of our initial evaluation in adopting BUGSJS to support an experiment in fault localization. First, we describe how BUGSJS facilitated accessing the information required to perform the experiment, namely, test case code, their outcomes, their associated code coverage and related bug information. Second, we illustrate how BUGSJS can be improved to further enable easier application to fault localization research, for instance, by filtering out failing test cases that do not directly contribute to a bug. We hope that our preliminary results will foster researchers in using BUGSJS to enable highly-reproducible empirical studies and comparisons of JavaScript analysis and testing tools.
{"title":"Poster: Supporting JavaScript Experimentation with BugsJS","authors":"Béla Vancsics, Péter Gyimesi, Andrea Stocco, D. Mazinanian, Árpád Beszédes, R. Ferenc, A. Mesbah","doi":"10.1109/ICST.2019.00046","DOIUrl":"https://doi.org/10.1109/ICST.2019.00046","url":null,"abstract":"In our recent work, we proposed BUGSJS, a benchmark of several hundred bugs from popular JavaScript serverside programs. In this abstract paper, we report the results of our initial evaluation in adopting BUGSJS to support an experiment in fault localization. First, we describe how BUGSJS facilitated accessing the information required to perform the experiment, namely, test case code, their outcomes, their associated code coverage and related bug information. Second, we illustrate how BUGSJS can be improved to further enable easier application to fault localization research, for instance, by filtering out failing test cases that do not directly contribute to a bug. We hope that our preliminary results will foster researchers in using BUGSJS to enable highly-reproducible empirical studies and comparisons of JavaScript analysis and testing tools.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125047496","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Simone Vuotto, Massimo Narizzano, Luca Pulina, A. Tacchella
In the context of Requirements Engineering, checking the consistency of functional requirements is an important and still mostly open problem. In case of requirements written in natural language, the corresponding manual review is time consuming and error prone. On the other hand, automated consistency checking most often requires overburdening formalizations. In this paper we introduce ReqV, a tool for formal consistency checking of requirements. The main goal of the tool is to provide an easy-to-use environment for the verification of requirements in Cyber-Physical Systems (CPS). ReqV takes as input a set of requirements expressed in a structured natural language, translates them in a formal language and it checks their inner consistency. In case of failure, ReqV can also extracts a minimal set of conflicting requirements to help designers in correcting the specification.
{"title":"Poster: Automatic Consistency Checking of Requirements with ReqV","authors":"Simone Vuotto, Massimo Narizzano, Luca Pulina, A. Tacchella","doi":"10.1109/ICST.2019.00043","DOIUrl":"https://doi.org/10.1109/ICST.2019.00043","url":null,"abstract":"In the context of Requirements Engineering, checking the consistency of functional requirements is an important and still mostly open problem. In case of requirements written in natural language, the corresponding manual review is time consuming and error prone. On the other hand, automated consistency checking most often requires overburdening formalizations. In this paper we introduce ReqV, a tool for formal consistency checking of requirements. The main goal of the tool is to provide an easy-to-use environment for the verification of requirements in Cyber-Physical Systems (CPS). ReqV takes as input a set of requirements expressed in a structured natural language, translates them in a formal language and it checks their inner consistency. In case of failure, ReqV can also extracts a minimal set of conflicting requirements to help designers in correcting the specification.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"131 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115541769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In a growing number of domains, such as IoT for e-health and smart cities, the provisioning of end-to-end services to the users depends on the proper interoperation of multiple systems, forming a new distributed system, often subject to timing constraints. To ensure interoperability and integrity, it is important to conduct integration tests that verify the interactions with the environment and between the system components in key scenarios. To solve the test automation challenges, we propose algorithms for decentralized conformance checking and test input generation, and for checking and enforcing the conditions (local observability and controllability) that allow decentralized test execution. With this, we expect to improve the fault detection and localization capabilities and reduce the communication overhead comparatively to other model-based testing approaches. Our approach will be validated using real case studies from industrial partners.
{"title":"Automated Scenario-Based Integration Testing of Time-Constrained Distributed Systems","authors":"B. Lima","doi":"10.1109/ICST.2019.00060","DOIUrl":"https://doi.org/10.1109/ICST.2019.00060","url":null,"abstract":"In a growing number of domains, such as IoT for e-health and smart cities, the provisioning of end-to-end services to the users depends on the proper interoperation of multiple systems, forming a new distributed system, often subject to timing constraints. To ensure interoperability and integrity, it is important to conduct integration tests that verify the interactions with the environment and between the system components in key scenarios. To solve the test automation challenges, we propose algorithms for decentralized conformance checking and test input generation, and for checking and enforcing the conditions (local observability and controllability) that allow decentralized test execution. With this, we expect to improve the fault detection and localization capabilities and reduce the communication overhead comparatively to other model-based testing approaches. Our approach will be validated using real case studies from industrial partners.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134314316","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Configurations play an important role in the behavior and operation of configurable systems. Prior to deployment a configured system is tested in the development environment. However, because of the differences between the development environment and the production environment, the configuration of the system needs to be adapted for the production environment. It is therefore important to re-test the configured system in the production environment. Since the system has already been tested in the development environment one should avoid reapplying all the test cases, it is desirable to reduce the test suite to be used in the production environment as much as possible. This is the goal of the method we propose in this paper. For this, we explore the similarities between the configuration used in the development environment and the configuration for the production environment to eliminate test cases. Indeed, the difference between the two configurations is only at the environment level, i.e. only the configuration parameters that influence the interactions between the system and its environment are changed for the deployment in the production environment. We propose a method that is based on a classification of the configuration parameters (based on their dependency to the environment) and use it to reduce the development time test suite before reapplying it in the production environment.
{"title":"Poster: Re-Testing Configured Instances in the Production Environment - A Method for Reducing the Test Suite","authors":"Oussama Jebbar, M. Saied, F. Khendek, M. Toeroe","doi":"10.1109/ICST.2019.00044","DOIUrl":"https://doi.org/10.1109/ICST.2019.00044","url":null,"abstract":"Configurations play an important role in the behavior and operation of configurable systems. Prior to deployment a configured system is tested in the development environment. However, because of the differences between the development environment and the production environment, the configuration of the system needs to be adapted for the production environment. It is therefore important to re-test the configured system in the production environment. Since the system has already been tested in the development environment one should avoid reapplying all the test cases, it is desirable to reduce the test suite to be used in the production environment as much as possible. This is the goal of the method we propose in this paper. For this, we explore the similarities between the configuration used in the development environment and the configuration for the production environment to eliminate test cases. Indeed, the difference between the two configurations is only at the environment level, i.e. only the configuration parameters that influence the interactions between the system and its environment are changed for the deployment in the production environment. We propose a method that is based on a classification of the configuration parameters (based on their dependency to the environment) and use it to reduce the development time test suite before reapplying it in the production environment.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132670863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Failures are unavoidable in complex software systems, and the intrinsic characteristics of cloud systems amplify the problem. Predicting failures before their occurrence by detecting anomalies in system metrics is a viable solution to enable failure preventing or mitigating actions. The most promising approaches for predicting failures exploit statistical analysis or machine learning to reveal anomalies and their correlation with possible failures. Statistical analysis approaches result in far too many false positives, which severely hinder their practical applicability, while accurate machine learning approaches need extensive training with seeded faults, which is often impossible in operative cloud systems. In this paper, we propose EmBeD, Energy-Based anomaly Detection in the cloud, an approach to detect anomalies at runtime based on the free energy of a Restricted Boltzmann Machine (RBM) model. The free energy is a stochastic function that can be used to efficiently score anomalies for detecting outliers. EmBeD analyzes the system behavior from raw metric data, does not require extensive training with seeded faults, and classifies the relation of anomalous behaviors with future failures with very few false positives. The experimental results presented in this paper confirm that EmBeD can precisely predict failure-prone behavior without training with seeded faults, thus overcoming the main limitations of current approaches.
{"title":"An RBM Anomaly Detector for the Cloud","authors":"C. Monni, M. Pezzè, Gaetano Prisco","doi":"10.1109/ICST.2019.00024","DOIUrl":"https://doi.org/10.1109/ICST.2019.00024","url":null,"abstract":"Failures are unavoidable in complex software systems, and the intrinsic characteristics of cloud systems amplify the problem. Predicting failures before their occurrence by detecting anomalies in system metrics is a viable solution to enable failure preventing or mitigating actions. The most promising approaches for predicting failures exploit statistical analysis or machine learning to reveal anomalies and their correlation with possible failures. Statistical analysis approaches result in far too many false positives, which severely hinder their practical applicability, while accurate machine learning approaches need extensive training with seeded faults, which is often impossible in operative cloud systems. In this paper, we propose EmBeD, Energy-Based anomaly Detection in the cloud, an approach to detect anomalies at runtime based on the free energy of a Restricted Boltzmann Machine (RBM) model. The free energy is a stochastic function that can be used to efficiently score anomalies for detecting outliers. EmBeD analyzes the system behavior from raw metric data, does not require extensive training with seeded faults, and classifies the relation of anomalous behaviors with future failures with very few false positives. The experimental results presented in this paper confirm that EmBeD can precisely predict failure-prone behavior without training with seeded faults, thus overcoming the main limitations of current approaches.","PeriodicalId":446827,"journal":{"name":"2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124135667","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: