usenix conference policies
LiveOps: Systems Management as a Service
Existing Management Systems do not detect the most time-consuming and technically difficult anomalies administrators encounter. Oppenheimer found that 33% of outages were caused by human error and that 76% of the time taken to resolve an outage was taken by humans determining what change was needed. Defining anomaly detection rules is challenging and often cannot be shared across organizations. It requires a deep combined knowledge of the software, workload, system configuration, and tuning parameters specific to the workload and overall distributed application topology.
We present LiveOps, a scalable systems and security management service based on auditing the interactions between applications and the persistent state they use. This approach simplifies identifying security vulnerabilities, performs compliance auditing, enables forensic investigations, detects patching problems, optimizes troubleshooting, and detects malware/ intrusions. The service enables knowledge sharing across organizations and administrative boundaries and allows for seamless integration between analysis results from disparate management products that build on it. Our configuration-free agent collects all read and write access to registry entries, files, binaries, and process creation. The agents streaming lossless compression creates log files of only 20 MB per day containing an average of 45 million events. The scalable LiveOps back-end service can analyze 1000 machine days of logs in 30 minutes. LiveOps agents have been deployed on 1149 machines from home systems to corporate desktops, including 381 production MSN servers across 11 sites.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Chad Verbowski and Juhan Lee and Xiaogang Liu and Roussi Roussev and Yi-Min Wang},
title = {{LiveOps}: Systems Management as a Service },
booktitle = {20th Large Installation System Administration Conference (LISA 06)},
year = {2006},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/lisa-06/liveops-systems-management-service},
publisher = {USENIX Association},
month = dec
}
connect with us