摘要:
An analysis management system (AMS) is described that analyzes the in-field behavior of a program resource installed on a collection of computing devices, such as mobile telephone devices or the like. In operation, the AMS can instruct different devices to collect data regarding different observation points associated with the program resource, thus spreading the reporting load among the devices. Based on the data that is collected, the AMS can update a dependency graph that describes dependencies among the observation points associated with the program resource. The AMS can then generate new directives based on the updated dependency graph. The AMS can also use the dependency graph and the collected data to infer information regarding observation points that is not directly supplied by the collected data.
摘要:
A system and method for identifying a root cause of a wait in a computer system are provided. Given the identity of a thread of interest and time window, a longest wait period for the thread of interest within the time window is identified. The longest wait period is used as a starting node to generate a ready tree by walking backwards through the data in a system trace to construct a tree of readying events that ready threads for running on a processor. A potentially anomalous chain of events is automatically identified and highlighted in the ready tree. A visualization of the ready tree is presented to a user so that the user can explore the events in the tree and annotate the automatically generated tree to aid in problem diagnosis.
摘要:
An analysis management system (AMS) is described that analyzes the in-field behavior of a program resource installed on a collection of computing devices, such as mobile telephone devices or the like. In operation, the AMS can instruct different devices to collect data regarding different observation points associated with the program resource, thus spreading the reporting load among the devices. Based on the data that is collected, the AMS can update a dependency graph that describes dependencies among the observation points associated with the program resource. The AMS can then generate new directives based on the updated dependency graph. The AMS can also use the dependency graph and the collected data to infer information regarding observation points that is not directly supplied by the collected data.
摘要:
The described implementations relate to analysis of computing programs. One implementation provides a technique that can include accessing values of input variables that are processed by test code and runtime values that are produced by the test code while processing the input variables. The technique can also include modeling relationships between the runtime values and the values of the input variables. The relationships can reflect discontinuous functions of the input variables.
摘要:
The described implementations relate to analysis of computing programs. One implementation provides a technique that can include accessing values of input variables that are processed by test code and runtime values that are produced by the test code while processing the input variables. The technique can also include modeling relationships between the runtime values and the values of the input variables. The relationships can reflect discontinuous functions of the input variables.
摘要:
An analysis system is described for identifying potentially malicious activity within a computer network. It performs this task by interacting with a user to successively remove known instances of non-malicious activity, to eventually reveal potentially malicious activity. The analysis system interacts with the user by inviting the user to apply labels to identified examples of network behavior; upon response by the user, the analysis system supplies new examples of network behavior to the user. In one implementation, the analysis system generates such examples using a combination of feature-based analysis and graph-based analysis. The graph-based analysis relies on analysis of graph structure associated with access events, such as by identifying entropy scores for respective portions of the graph structure.
摘要:
An analysis system is described for identifying potentially malicious activity within a computer network. It performs this task by interacting with a user to successively remove known instances of non-malicious activity, to eventually reveal potentially malicious activity. The analysis system interacts with the user by inviting the user to apply labels to identified examples of network behavior; upon response by the user, the analysis system supplies new examples of network behavior to the user. In one implementation, the analysis system generates such examples using a combination of feature-based analysis and graph-based analysis. The graph-based analysis relies on analysis of graph structure associated with access events, such as by identifying entropy scores for respective portions of the graph structure.
摘要:
A system and method for identifying a root cause of a wait in a computer system are provided. Given the identity of a thread of interest and time window, a longest wait period for the thread of interest within the time window is identified. The longest wait period is used as a starting node to generate a ready tree by walking backwards through the data in a system trace to construct a tree of readying events that ready threads for running on a processor. A potentially anomalous chain of events is automatically identified and highlighted in the ready tree. A visualization of the ready tree is presented to a user so that the user can explore the events in the tree and annotate the automatically generated tree to aid in problem diagnosis.