skip to main content
research-article
Public Access

Inferring Software Component Interaction Dependencies for Adaptation Support

Published:03 February 2016Publication History
Skip Abstract Section

Abstract

A self-managing software system should be able to monitor and analyze its runtime behavior and make adaptation decisions accordingly to meet certain desirable objectives. Traditional software adaptation techniques and recent “[email protected]” approaches usually require an a priori model for a system’s dynamic behavior. Oftentimes the model is difficult to define and labor-intensive to maintain, and tends to get out of date due to adaptation and architecture decay. We propose an alternative approach that does not require defining the system’s behavior model beforehand, but instead involves mining software component interactions from system execution traces to build a probabilistic usage model, which is in turn used to analyze, plan, and execute adaptations. In this article, we demonstrate how such an approach can be realized and effectively used to address a variety of adaptation concerns. In particular, we describe the details of one application of this approach for safely applying dynamic changes to a running software system without creating inconsistencies. We also provide an overview of two other applications of the approach, identifying potentially malicious (abnormal) behavior for self-protection, and improving deployment of software components in a distributed setting for performance self-optimization. Finally, we report on our experiments with engineering self-management features in an emergency deployment system using the proposed mining approach.

References

  1. Amazon Web Services. 2015. Amazon Web Services (AWS) CloudFormation. Retrieved from http://aws.amazon.com/cloudformation/.Google ScholarGoogle Scholar
  2. Daniel Barbará, Julia Couto, Sushil Jajodia, and Ningning Wu. 2001. ADAM: A testbed for exploring the use of data mining in intrusion detection. ACM Sigmod Record 30, 4 (2001), 15--24. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Nelly Bencomo, Amel Bennaceur, Paul Grace, Gordon Blair, and Valerie Issarny. 2013. The role of [email protected] in supporting on-the-fly interoperability. Computing 95, 3 (March 2013), 167--190. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Nelly Bencomo, Robert B. France, Betty H. C. Cheng, and Uwe Aßmann (Eds.). 2014. Mod[email protected]: Foundations, Applications, and Roadmaps. Springer.Google ScholarGoogle Scholar
  5. Dimitri P. Bertsekas and John N. Tsitsiklis. 2008. Introduction to Probability (2nd. ed.). Athena Scientific.Google ScholarGoogle Scholar
  6. Norman Bobroff, Andrzej Kochut, and Kirk Beaty. 2007. Dynamic placement of virtual machines for managing SLA violations. In IFIP/IEEE International Symposium on Integrated Network Management, 119--128.Google ScholarGoogle ScholarCross RefCross Ref
  7. Kyle R. Canavera, Naeem Esfahani, and Sam Malek. 2012. Mining the execution history of a software system to infer the best time for its adaptation. In Internatonal Symposium on the Foundations of Software Engineering, 18:1--18:11. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Emiliano Casalicchio, Daniel A. Menasc, and Arwa Aldhalaan. 2013. Autonomic resource provisioning in cloud systems with availability goals. In ACM Cloud and Autonomic Computing Conference, 1:1--1:10. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. David M. Chess, Charles C. Palmer, and Steve R. White. 2003. Security in an autonomic computing environment. IBM Systems Journal 42, 1 (2003), 107--118. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Mihai Christodorescu, Somesh Jha, and Christopher Kruegel. 2008. Mining specifications of malicious behavior. In Proceedings of the 1st India Software Engineering Conference. ACM, 5--14. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Jonathan E. Cook and Alexander L. Wolf. 1998a. Discovering models of software processes from event-based data. ACM Transactions on Software Engineering Methodology 7, 3 (July 1998), 215--249. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Jonathan E. Cook and Alexander L. Wolf. 1998b. Event-based detection of concurrency. In International Symposium on the Foundations of Software Engineering, 35--45. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Eleazar Eskin, Andrew Arnold, Michael Prerau, Leonid Portnoy, and Sal Stolfo. 2002. A geometric framework for unsupervised anomaly detection. In Applications of Data Mining in Computer Security, Daniel Barbará and Sushil Jajodia (Eds.). Number 6 in Advances in Information Security. Springer US, 77--101.Google ScholarGoogle Scholar
  14. Tom Fawcett. 2006. An introduction to ROC analysis. Pattern Recognition Letters 27, 8 (June 2006), 861--874. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Walid Gaaloul, Karim Baina, and Claude Godart. 2008. Log-based mining techniques applied to Web service composition reengineering. Service Oriented Computing and Applications 2, 2--3 (May 2008), 93--110.Google ScholarGoogle ScholarCross RefCross Ref
  16. Mohamed Medhat Gaber, Arkady Zaslavsky, and Shonali Krishnaswamy. 2005. Mining data streams: A review. SIGMOD Record 34, 2 (June 2005), 18--26. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. David Garlan, Shang Wen Cheng, An Cheng Huang, Bradley Schmerl, and Peter Steenkiste. 2004. Rainbow: Architecture-based self-adaptation with reusable infrastructure. IEEE Computer 37, 10 (Oct. 2004), 46--54. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Mark Hall, Eibe Frank, Geoffrey Holmes, Bernhard Pfahringer, Peter Reutemann, and Ian H. Witten. 2009. The WEKA data mining software: An update. SIGKDD Explorations Newsletter 11, 1 (Nov. 2009), 10--18. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Jiawei Han and Micheline Kamber. 2006. Data Mining: Concepts and Techniques. Morgan Kaufmann. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Jeffrey O. Kephart and David M. Chess. 2003. The vision of autonomic computing. IEEE Computer 36, 1 (Jan. 2003), 41--50. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Latifur Khan, Mamoun Awad, and Bhavani Thuraisingham. 2007. A new intrusion detection system using support vector machines and hierarchical clustering. The VLDB Journal the International Journal on Very Large Data Bases 16, 4 (2007), 507--521. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Jeff Kramer and Jeff Magee. 1990. The evolving philosophers problem: Dynamic change management. IEEE Transactions on Software Engineering 16, 11 (Nov. 1990), 1293--1306. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Terran Lane and Carla E. Brodley. 1997. An application of machine learning to anomaly detection. In Proceedings of the 20th National Information Systems Security Conference, Vol. 377, 366--380.Google ScholarGoogle Scholar
  24. Wenke Lee, S. J. Stolfo, and K. W. Mok. 1999. A data mining framework for building intrusion detection models. In IEEE Symposium on Security and Privacy, 120--132.Google ScholarGoogle Scholar
  25. David Lo, Hong Cheng, Jiawei Han, Siau-Cheng Khoo, and Chengnian Sun. 2009. Classification of software behaviors for failure detection: A discriminative pattern mining approach. In International Conference on Knowledge Discovery and Data Mining, 557--566. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Xiaoxing Ma, Luciano Baresi, Carlo Ghezzi, Valerio Panzica La Manna, and Jian Lu. 2011. Version-consistent dynamic reconfiguration of component-based distributed systems. In International Symposium on the Foundations of Software Engineering, 245--255. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Sam Malek, Nenad Medvidovic, and Marija Mikic-Rakic. 2012. An extensible framework for improving a distributed software system’s deployment architecture. IEEE Transactions on Software Engineering 38, 1 (Feb. 2012), 73--100. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Sam Malek, Marija Mikic-Rakic, and Nenad Medvidovic. 2005. A style-aware architectural middleware for resource-constrained, distributed systems. IEEE Transactions on Software Engineering 31, 3 (March 2005), 256--272. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Sam Malek, Chiyoung Seo, Sharmila Ravula, Brad Petrus, and Nenad Medvidovic. 2007. Reconceptualizing a family of heterogeneous embedded systems via explicit architectural support. In International Conference on Software Engineering, 591--601. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Hamid Reza Motahari-Nezhad, Regis Saint-Paul, Fabio Casati, and Boualem Benatallah. 2011. Event correlation for process discovery from web service interaction logs. The VLDB Journal 20, 3 (June 2011), 417--444. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. OWASP. 2013. OWASP Top Ten Project. Retrieved from https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project.Google ScholarGoogle Scholar
  32. Pallabi Parveen, Zackary R. Weger, Bhavani Thuraisingham, Kevin Hamlen, and Latifur Khan. 2011. Supervised learning for insider threat detection using stream mining. In 2011 23rd IEEE International Conference on Tools with Artificial Intelligence (ICTAI), IEEE, 1032--1039. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Vahe Poladian, Joao Pedro Sousa, David Garlan, and Mary Shaw. 2004. Dynamic configuration of resource-aware services. In International Conference on Software Engineering, 604--613. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Leonid Portnoy, Eleazar Eskin, and Sal Stolfo. 2001. Intrusion detection with unlabeled data using clustering. In In Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA-2001). 5--8.Google ScholarGoogle Scholar
  35. PuppetLabs. 2015. Puppet software. Retrieved from http://puppetlabs.com/.Google ScholarGoogle Scholar
  36. Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo. 2008. A survey of insider attack detection research. In Insider Attack and Cyber Security, Salvatore J. Stolfo, Steven M. Bellovin, Angelos D. Keromytis, Shlomo Hershkop, Sean W. Smith, and Sara Sinclair (Eds.). Number 39. Springer, 69--90.Google ScholarGoogle Scholar
  37. Matthew G. Schultz, Eleazar Eskin, Erez Zadok, and Salvatore J. Stolfo. 2001. Data mining methods for detection of new malicious executables. In IEEE Symposium on Security and Privacy, 38--49. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Pang-Ning Tan, Michael Steinbach, and Vipin Kumar. 2005. Introduction to Data Mining (1st. ed.). Addison Wesley.Google ScholarGoogle Scholar
  39. Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. 2009. Software Architecture: Foundations, Theory, and Practice. Wiley. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Yves Vandewoude, Peter Ebraert, Yolande Berbers, and Theo D’Hondt. 2007. Tranquility: A low disruptive alternative to quiescence for ensuring safe dynamic updates. IEEE Transactions on Software Engineering 33, 12 (Dec. 2007), 856--868. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Christina Warrender, Stephanie Forrest, and Barak Pearlmutter. 1999. Detecting intrusions using system calls: Alternative data models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy. IEEE, 133--145.Google ScholarGoogle ScholarCross RefCross Ref
  42. Lijie Wen, Jianmin Wang, Wil M. Aalst, Biqing Huang, and Jiaguang Sun. 2009. A novel approach for process mining based on event types. Journal of Intelligent Information Systems 32, 2 (April 2009), 163--190. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Alan W. Williams and Robert L. Probert. 2001. A measure for component interaction test coverage. In ACS/IEEE International Conference on Computer Systems and Applications, 304--312. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Tao Xie, Suresh Thummalapenta, David Lo, and Chao Liu. 2009. Data mining for software engineering. IEEE Computer 42, 8 (Aug. 2009), 55--62. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Eric Yuan, Naeem Esfahani, and Sam Malek. 2014a. Automated mining of software component interactions for self-adaptation. In International Symposium on Software Engineering for Adaptive and Self-Managing Systems, 27--36. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Eric Yuan, Naeem Esfahani, and Sam Malek. 2014b. A systematic survey of self-protecting software systems. ACM Transactions on Autonomous and Adaptive Systems 8, 4 (Jan. 2014), 17:1--17:41. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Inferring Software Component Interaction Dependencies for Adaptation Support

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Autonomous and Adaptive Systems
      ACM Transactions on Autonomous and Adaptive Systems  Volume 10, Issue 4
      Special Section on Best Papers from SEAMS 2014 and Regular Articles
      February 2016
      211 pages
      ISSN:1556-4665
      EISSN:1556-4703
      DOI:10.1145/2872308
      Issue’s Table of Contents

      Copyright © 2016 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 3 February 2016
      • Accepted: 1 December 2015
      • Revised: 1 October 2015
      • Received: 1 October 2014
      Published in taas Volume 10, Issue 4

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • research-article
      • Research
      • Refereed

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!