pracextractor extracting configuration good practices
play

PracExtractor: Extracting Configuration Good Practices from Manuals - PowerPoint PPT Presentation

Sep 23, 2023 •332 likes •658 views

PracExtractor: Extracting Configuration Good Practices from Manuals to Detect Server Misconfigurations Chengcheng Xiang 1 , Haochen Huang 1 , Andrew Yoo 1 , Yuanyuan Zhou 1 , Shankar Pasupathy 2 2 1 1 Our lives are largely served by online

  1. PracExtractor: Extracting Configuration Good Practices from Manuals to Detect Server Misconfigurations Chengcheng Xiang 1 , Haochen Huang 1 , Andrew Yoo 1 , Yuanyuan Zhou 1 , Shankar Pasupathy 2 2 1 1

  2. Our lives are largely served by online services today 2

  3. What serve us are these powerful and complex data center systems 3

  4. In particular: data center co configurat ation has become highly complex No. of parameters • Too many config 1376 parameters 940 • Parameters are correlated 669 426 4

  5. Software release large manuals to assist sysadmins with configurations 5494 pages 3724 pages Too long to read 2331 pages Not easy to navigate Sysadmin Unreliable sources 1009 pages 787 pages 5

  6. Is there any useful information that can be automatically extract from manuals? • Yes! Good Practices • Describe how to set parameters in a good way from usage experiences • Examples Software parameter Good practices Violation outcomes Httpd ExtendedStatus For highest performance, set Performance downgrade ExtendedStatus off. HBase hbase.regionserv Setting this to false will select the Vulnerable to DoS attack er.thrift.framed default transport, vulnerable to DoS. Cassandra enable_transient Transient replication is Unreliable service _replication experimental and is not recommended for production use. 6

  7. How useful are the good practices in manuals? Q1: Are good practices specific or general? General good practices like “set to a large value” are not helpful. We collected 261 good practices Q2: Are good practices already checked in source code? from six software If they are, it is non-necessary to extract them from manuals. manuals to answer these questions Q3: Are good practices always equivalent to default settings? If they are, then sysadmins can just leave configurations as default. 7

  8. How useful are the good practices in manuals? Q1: Are good practices specific or general? General advice like “set to a large value” is not helpful. Answer: 60% of studied good practices are specific. 8

  9. How useful are the good practices in manuals? Q2: Are good practices already checked in source code? If they are, it is non-necessary to extract them from manuals. Answer : only 3% of specific good practices are checked in source code. 9

  10. How useful are the good practices in manuals? Q3: Are good practices always equivalent to default settings? If they are, then sysadmins can just leave configurations as default. Answer : 61% of specific good practices are not equivalent to default settings 10

  11. Based on the study we designed PracExtractor to Extract Convert Good practices descriptions Check Specifications p1: “The crc32 option is Config files Manual recommended." p1 == crc32 p2 = 6 p2: “A value between 8 to 16 p2 ∈ [8, 16] … is suggested.” p3 < ThreadsPerChild p3: “We suggest to set it less than ThreadsPerChild .” 11

  12. Two challenges with PracExtractor How to effective filter noises and extracts only good practice descriptions? • 99.6% – 97.3% of sentences in manuals are NOT related to good practices. How to convert good practice descriptions in free-text into checkable specifications? • Sentences like “the crc32 option is recommended” is not directly checkable 12

  13. Challenge 1: Extract good practice descriptions • Keyword filtering • Syntactic-pattern filtering 13

  14. Challenge 1: Extract good practice descriptions • Keyword filtering • Syntactic-pattern filtering Sentences in manuals Good practices candidates Keyword filtering “The crc32 option is “The crc32 option is recommended." recommended ." “This is not guaranteed even “This is not guaranteed even with the recommended with the recommended settings” settings” “Specifies how to generate and verify the checksum stored in the disk blocks” 14

  15. Challenge 1: Extract good practice descriptions • Keyword filtering • Syntactic-pattern filtering Good practices candidates “The crc32 option is recommended ." “This is not guaranteed even with the recommended settings” 15

  16. Challenge 1: Extract good practice descriptions • Keyword filtering • Syntactic-pattern filtering Syntactic- Good practices candidates pattern filtering csubj acomp Good practices descriptions The crc32 option is recommended . “The crc32 option is recommended." nsubj amod This is not guaranteed even with the recommended settings. 16

  17. Challenge 2: Convert descriptions into specifications • Setting entity identification • Semantic pattern matching 17

  18. Challenge 2: Convert descriptions into specifications • Setting entity identification • Semantic pattern matching Good practices descriptions Good practices descriptions p1: “The crc32 option is p1: “The crc32 option is recommended.” recommended.” enum p2: “A value between 8 to 16 is p2: “A value between 8 to 16 is suggested.” suggested.” int int p3: “We suggest to set it less than p3: “We suggest to set it less than ThreadsPerChild .” ThreadsPerChild.” parameter 18

  19. Challenge 2: Convert descriptions into specifications • Setting entity identification • Semantic pattern matching Good practices descriptions 1. <enum> Specifications 2. between <int> to <int> p1: “The crc32 option is recommended.” 3. less than <parameter> p1 == crc32 enum p2 ∈ [8, 16] p2: “A value between 8 to 16 is suggested.” p3 < ThreadsPerChild int int p3: “We suggest to set it less than ThreadsPerChild .” parameter 19

  20. Evaluation of PracExtractor • Extract good practices from software manuals • Detect real-world configuration errors 20

  21. Evaluation of PracExtractor • Accuracy of good practice extraction • Training sets: 6 studied manuals included in our characteristic study • Testing sets: 6 new manuals not included in our study 21

  22. Evaluation of PracExtractor • Accuracy of good practice extraction • Precision: what percentage of good practices extracted are true • Recall: what percentage of true good practices are extracted 22

  23. Evaluation of PracExtractor • Accuracy of good practice extraction • Good practice descriptions extraction 23

  24. Evaluation of PracExtractor • Accuracy of good practice extraction • Good practice specifications extraction 24

  25. Evaluation of PracExtractor • Detect real-world configuration errors • Downloaded 2200 docker images from docker hub. • Detected 1423 practice violations from 853 unique images. • Got 47 confirmed as real configuration errors (325 reported in total). 25

  26. Evaluation of PracExtractor • Outcome of the confirmed configuration errors 26

  27. Evaluation of PracExtractor • Analysis of the detected violations • Wrong change: a parameter is changed to a value violating good practices • Wrong default: a parameter’s default violate good practices but is not changed 27

  28. Evaluation of PracExtractor • Analysis of the detected violations • Wrong change: a parameter is changed to a value violating good practices • Wrong default: a parameter’s default violate good practices but is not changed 28

  29. Evaluation of PracExtractor • Analysis of the detected violations • Wrong change: a parameter is changed to a value violating good practices • Wrong default: a parameter’s default violate good practices but is not changed 29

  30. Summary of PracExtractor • Identified good practices as useful information from manuals for configuration validation. • Studied 261 good practices from six software manuals to prove usefulness. • Built PracExtractor to automatically extract good practices from manuals. • PracExtractor achieved reasonably high precision and recall. • PracExtractor detected 47 real-world configuration errors. 30

  31. Thank you! c4xiang@cs.ucsd.edu 31

Recommend

Good Practices An Introduction Presentation Module 3 Good Practices and Youth perception

Good Practices An Introduction Presentation Module 3 Good Practices and Youth perception

YouthMetre - Training Materials Good Practices An Introduction Presentation Module 3 Good Practices and Youth perception Today, the sharing of practices is one of the first things to be carried out in a knowledge management initiative. The

213 views • 8 slides
Global Progress and Good Practices of Alliance 8.7 1 Alliance 8.7 Good Practices Examples

Global Progress and Good Practices of Alliance 8.7 1 Alliance 8.7 Good Practices Examples

Global Progress and Good Practices of Alliance 8.7 1 Alliance 8.7 Good Practices Examples of Coordinating Mechanisms Child Labour Platform The ILO's Global Business Network on Forced Labour 2 Pathfinder Countries A strong

581 views • 24 slides
Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration management Configuration management Field of management that focuses on establishing and maintaining consistency of a systems attributes

647 views • 6 slides
Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration

Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration

Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration Local configuration Editing of Configuration Data (1) Keyhole approaches (2) Greenfield approaches (3) Templating Missing pieces Handle

831 views • 61 slides
Welcome! Best Practices and Challenges with System Center Configuration Manager Welcome to our

Welcome! Best Practices and Challenges with System Center Configuration Manager Welcome to our

Conference 2018 Conference 2018 Welcome! Best Practices and Challenges with System Center Configuration Manager Welcome to our joint panel Ivan Hrgovich Bryan Swan Cristian Toma Curtis Les Michael Hirano 2 Conference 2018 Overview of

474 views • 19 slides
Work Family balance Good practices from France UN May the 15th 2012 Summary I Facts

Work Family balance Good practices from France UN May the 15th 2012 Summary I Facts

Work Family balance Good practices from France UN May the 15th 2012 Summary I Facts &amp; figures in France and Europe II Good practices as regards the Government Policies III Media and state of mind IV Best practices in

459 views • 33 slides
LibreOffice configuration management tools, approaches &amp; best practices Thorsten Behrens -

LibreOffice configuration management tools, approaches &amp; best practices Thorsten Behrens -

LibreOffice configuration management tools, approaches &amp; best practices Thorsten Behrens - tbehrens@suse.com LibreOffice Hacker at SUSE What, Why, How Customize LibreOffice repeatably Makes your life easier, happier &amp; more secure

823 views • 18 slides
Sharing Good Practices on Restorative Justice: Opportunities and Challenges Thailand, among other

Sharing Good Practices on Restorative Justice: Opportunities and Challenges Thailand, among other

Sharing Good Practices on Restorative Justice: Opportunities and Challenges Matti Joutsen Special Advisor, TIJ National Symposium on Restorative Justice Bangkok, 20 June 2019 Sharing Good Practices on Restorative Justice: Opportunities and

343 views • 8 slides
Extracting Gait Parameters Extracting Gait Parameters from Raw Data from Raw Data

Extracting Gait Parameters Extracting Gait Parameters from Raw Data from Raw Data

Extracting Gait Parameters Extracting Gait Parameters from Raw Data from Raw Data Accelerometers Accelerometers Andr DIAS a,b,c , Lukas GORZELNIAK b , Angela DRING c , Gunnar HARTVIGSEN a,d , Alexander HORSCH b,d a Norwegian Centre for

582 views • 15 slides
Types of Good Practices Focusing on Types of Good Practices Focusing on Family Poverty Reduction

Types of Good Practices Focusing on Types of Good Practices Focusing on Family Poverty Reduction

Types of Good Practices Focusing on Types of Good Practices Focusing on Family Poverty Reduction and Social Family Poverty Reduction and Social Exclusion Exclusion Zitha Mokomane Zitha Mokomane Human Sciences Research Council of South Afric a

523 views • 13 slides
National and Regional Trade Policy Support Good Practices and Lessons Learnt in sustaining trade

National and Regional Trade Policy Support Good Practices and Lessons Learnt in sustaining trade

TRADECOM II | BUILDING ACP TRADE CAPACITY KNOWLEDGE SHARING ON TRADE AND INVESTMENT GOOD PRACTICES 20-21 February 2018 - Brussels, Belgium National and Regional Trade Policy Support Good Practices and Lessons Learnt in sustaining trade

217 views • 11 slides
1 Methods of Extracting or Obtaining Essential Oils The most common method for extracting

1 Methods of Extracting or Obtaining Essential Oils The most common method for extracting

1 Methods of Extracting or Obtaining Essential Oils The most common method for extracting essential oils is using steam distillation. Solvents are often used in extracting oils that are waxy The most expensive method is using CO2 which does not

358 views • 16 slides
Extracting Tables from PDFs Extracting Tables from PDFs Using Camelot and Excalibur to

Extracting Tables from PDFs Extracting Tables from PDFs Using Camelot and Excalibur to

Extracting Tables from PDFs Extracting Tables from PDFs Using Camelot and Excalibur to automate PDF table extraction and export Dimiter Naydenov @dimitern 1 . 1 Overview Overview PDF: brief history, structure, representing tables Camelot

355 views • 13 slides
HPC Clusters: Best Practices and Performance Study Agenda HPC at HPE System

HPC Clusters: Best Practices and Performance Study Agenda HPC at HPE System

HPC Clusters: Best Practices and Performance Study Agenda HPC at HPE System Configuration and Tuning Best Practices for Building Applications Intel Xeon Processors Efficient Methods in Executing Applications Tools and

879 views • 38 slides
Enhancing the patient's' right to avoid pain through the EU network of manager of good practices

Enhancing the patient's' right to avoid pain through the EU network of manager of good practices

Enhancing the patient's' right to avoid pain through the EU network of manager of good practices on chronic pain Mariano Votta , Director of Active Citizenship Network, Bruxelles, 26 April 2018 Good morning everyone. As co-organizer of this

163 views • 3 slides
Good Husbandry Practices in Poultry Production to Ensure Environment and Food Safety Dr. S. D.

Good Husbandry Practices in Poultry Production to Ensure Environment and Food Safety Dr. S. D.

Good Husbandry Practices in Poultry Production to Ensure Environment and Food Safety Dr. S. D. Chowdhury Professor Department of Poultry Science Bangladesh Agricultural University Mymensingh-2202 E-mail: drsdchow@gmail.com Background Good

583 views • 21 slides
Good Laboratory Practices PRACTICE Definition : GLP embodies a set of principles that Ephy

Good Laboratory Practices PRACTICE Definition : GLP embodies a set of principles that Ephy

6/19/2015 GLP: GOOD LABORATORY Good Laboratory Practices PRACTICE Definition : GLP embodies a set of principles that Ephy Khaemba provides a framework within which laboratory studies are planned performed, monitored, EOHS / RESEARCH

775 views • 5 slides
Carlos da Fonseca ATING DIGITAL TRANSFORMATION GOOD PRACTICES FOR ACCELER- Brazilian Digital

Carlos da Fonseca ATING DIGITAL TRANSFORMATION GOOD PRACTICES FOR ACCELER- Brazilian Digital

SESSION 2 GOOD PRACTICES FOR ACCELERATING DIGITAL TRANSFORMATION Carlos da Fonseca ATING DIGITAL TRANSFORMATION GOOD PRACTICES FOR ACCELER- Brazilian Digital Transformation Strategy: Preparing For the Future Brazilian Ministry of Foreign

357 views • 7 slides
MMCD Webinar Series presents: Good Tendering Practices After Tercon Follow MMCD for the latest

MMCD Webinar Series presents: Good Tendering Practices After Tercon Follow MMCD for the latest

MMCD Webinar Series presents: Good Tendering Practices After Tercon Follow MMCD for the latest industry news and updates Website : mmcd.net 1 Good Tendering Practices After Tercon MMCD Webinar March 23, 2011 - Vancouver Presented by: Karen

713 views • 35 slides
EPiServer och Configuration Management EPiServer och Configuration Management Configuration

EPiServer och Configuration Management EPiServer och Configuration Management Configuration

EPiServer och Configuration Management EPiServer och Configuration Management Configuration Management in general Tools we use SCM Structure of folder and project Web.config Tips about Project Files and Assembly references 2 CM Tools used

347 views • 20 slides
Engineering Good Practices Renel Smith and Orlena Gotel Pace University, New York REET07 -

Engineering Good Practices Renel Smith and Orlena Gotel Pace University, New York REET07 -

RE-O-POLY A Game to Introduce Lightweight Requirements Engineering Good Practices Renel Smith and Orlena Gotel Pace University, New York REET07 - Monday 15th October, 2007 (India) Problem Learning about RE practices can be boring /

298 views • 14 slides
Good Pharm acovigilance Practices ( GVP) 3 rd Stakeholders Meeting on the new pharmacovigilance

Good Pharm acovigilance Practices ( GVP) 3 rd Stakeholders Meeting on the new pharmacovigilance

Good Pharm acovigilance Practices ( GVP) 3 rd Stakeholders Meeting on the new pharmacovigilance legislation Presented by: Priya Bahri (EMA) and Patricia Moore (MHRA) An agency of the European Union Scope Self-standing guidance on

505 views • 11 slides
New Work Item Proposal Harmonization of Good Clinical Practices IMDRF September 16, 2014

New Work Item Proposal Harmonization of Good Clinical Practices IMDRF September 16, 2014

New Work Item Proposal Harmonization of Good Clinical Practices IMDRF September 16, 2014 Background for ISO 14155 * International standard Good clinical practice for design, conduct, recording and reporting of clinical investigations

738 views • 5 slides
Presentation, best practices and roadmap Synopsis Historic and general Installation

Presentation, best practices and roadmap Synopsis Historic and general Installation

Ora2Pg Presentation, best practices and roadmap Synopsis Historic and general Installation Best practices Common configuration Schema migration Data migration Stored procedures migration Unitary tests PL/SQL to

690 views • 32 slides

More recommend