On Improving Deep Learning Trace Analysis with System Call Arguments
Kernel traces are sequences of low-level events comprising a name and multiple arguments including a timestamp, a process id, and a return value, depending on the event. Their analysis helps uncover intrusions, identify bugs, and find latency causes. However, their effectiveness is hindered by omitting the event arguments. To remedy this limitation, we introduce a general approach to learn a representation of the event names along with their arguments using both embedding and encoding. The proposed method is readily applicable to most neural networks and is task-agnostic. The benefit is quantified by conducting an ablation study on three groups of arguments: call-related, process-related, and time-related. Experiments were conducted on a novel web request dataset and validated on a second dataset collected on pre-production servers by Ciena. By leveraging additional information, we were able to increase the performance of two widely-used neural networks, an LSTM and a Transformer, by up to 11.3% on two unsupervised language modelling tasks. Such tasks may be used to detect anomalies, pre-train neural networks to improve their performance, and extract a contextual representation of the events.
Tue 18 May. Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
17:00 - 17:50

| Time | Duration | Type | Title | Track | Authors | Materials |
|---|---|---|---|---|---|---|
| 17:01 | 4m | Talk | What Code Is Deliberately Excluded from Test Coverage and Why? | Technical Papers | Andre Hora (UFMG) | Pre-print, Media Attached |
| 17:05 | 3m | Talk | AndroR2: A Dataset of Manually-Reproduced Bug Reports for Android apps | Data Showcase | Tyler Wendland (University of Minnesota), Jingyang Sun (University of British Columbia), Junayed Mahmud (George Mason University), S M Hasan Mansur (George Mason University), Steven Huang (University of British Columbia), Kevin Moran (George Mason University), Julia Rubin (University of British Columbia, Canada), Mattia Fazzini (University of Minnesota) | |
| 17:08 | 3m | Talk | Apache Software Foundation Incubator Project Sustainability Dataset | Data Showcase | Likang Yin (University of California, Davis), Zhiyuan Zhang (University of California, Davis), Qi Xuan (Institute of Cyberspace Security, Zhejiang University of Technology, Hangzhou 310023, China), Vladimir Filkov (University of California at Davis, USA) | |
| 17:11 | 4m | Talk | Leveraging Models to Reduce Test Cases in Software Repositories | Technical Papers | | Pre-print, Media Attached |
| 17:15 | 4m | Talk | Which contributions count? Analysis of attribution in open source | Technical Papers | Jean-Gabriel Young (University of Vermont), amanda casari (Open Source Programs Office, Google), Katie McLaughlin (Open Source Programs Office, Google), Milo Trujillo (University of Vermont), Laurent Hébert-Dufresne (University of Vermont), James P. Bagrow (University of Vermont) | Pre-print, Media Attached |
| 17:19 | 4m | Talk | On Improving Deep Learning Trace Analysis with System Call Arguments | Technical Papers | Quentin Fournier (Polytechnique Montréal), Daniel Aloise (Polytechnique Montréal), Seyed Vahid Azhari (Ciena), François Tetreault (Ciena) | Pre-print |
| 17:23 | 27m | Live Q&A | Discussions and Q&A | Technical Papers | | |