Paper Reading_ML for system
最近(以及预感接下来的一年)会读很多很多的paper......不如开个帖子记录一下读paper心得
SysML相关的文章很多来源于上学期的8980课。有些和具体field(比如DB/architecture/...)相关的就放到各个field的分类里啦,这里放一些不好分类的
Virtual Address Translation via Learned Page Table Indexes
在页表中使用learned index。
笔记在这里:Link
Representation Learning for Resource Usage Prediction
用lstm跟踪进程的运行情况(cpu/mem/disk使用情况),并预测
Selecta: Heterogeneous Cloud Storage Configuration for Data Analytics
根据观测VPS的应用程序负载来推荐VPS配置(eg: SSD还是HDD)
REX: A Development Platform and Online Learning Approach for Runtime Emergent Software Systems
The idea in this paper is similar to a paper[http://www-users.cselabs.umn.edu/classes/Spring-2019/csci8980/papers/tuning.pdf] we have discussed on class before. In the paper[Auto DBMS Tuning...], the author use ML model to automatically tune database knobs, while in this paper the author use ML model to optimize the combination of components in a complex software system to achieve better performance.
The whole framework could be divided into 3 parts:
- Dane: A light weight programming language for implementing small components. These components could be assembled together to build a large scale software system. Some of these components may have the same function but do jobs in different ways. The main contribution of Dane is that it is fast so that different component could be dynamically rewired with very low cost.
- A perception, assembly and learning framework (PAL): It contains 2 modules: 1). Assembly Module. It could assemble different components to implement a feature. 2). Perception Module. It could monitor the performance of the software system, as well as the runtime environment.
- The online learning part. It uses reinforcement learning model “multi-armed bandit” to optimize the selection of components. Also, like the [Auto DBMS Tuning...] paper, some selection of components are related so they could share information. Thus, the author uses regression model to reduce the search space.
Application of ML method:
It used a continuous way when updating configuration. First, the software will run with a random combination of components. After several seconds, the PAL will collect perception data, and the online learning part will update estimates and update the model. Then the software will run under the new configuration for several seconds, and update the model again. In this way we could better shape the software system to the environment.
Positive Points:
- The idea is interesting. It used an automatic ML model to replace manually written rules in previous work. This idea could also apply to other computer system problems where configurations and performance are linked.
- The usage of regression factor model reduces the search space, which achieved balancing exploration and exploitation.
- Compared to [Auto DBMS Tuning...] paper, this paper considered how to adapt to the changes in deployment environment.
Negative Points:
- The performance of the model deeply relies on the components implemented by Dane. Firstly, it means that this model could not be applied to present software systems that are written in more common languages, like C++ and java. Secondly, this requires that the whole software could be disassembled into multiple irrelevant, small, dynamic components. In some situations it may not be guaranteed.
- For a specific tasks(like web server), the author could have built a configuration dataset, so when first running the model, the application could be have a less optimal, but not bad combination of components. This could be better than choosing randomly at first.
Related Links:
https://www.usenix.org/conference/osdi16/technical-sessions/presentation/porter
StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware
Introduction
This paper focuses on detecting malware android applications based on machine learning method. They defined 4 types of features to be extracted from applications:
- 1. well-received features
- 1.1 Permission: Some malicious applications need some specific types of permissions.
- 1.2 Sensitive API Calls: They extracted sensitive API calls from Snail files, and found the top types of sensitive API calls which could best distinguish malicious and benign applications.
- 2. newly-defined features
- 2.1 Sequence: Malicious apps tend to have drastically different sensitive API calls. They defined 3 metrics to quantify the number of sensitive API calls.
- 2.2 Dynamic Behavior: Monitor the activities triggered by each application from their log file.
In both of these features, they removed the common ones which are shared by malicious and benign apps, and left the most distinguishable features.
Application of ML methods
They compared several ML methods: SVM, decision tree, Multi-Layer Perceptron, Naïve Bayes, KNN, Bagging predictor. They also compared the performance of different feature selection methods (Only well-received features / well-received and newly-defined features). Finally, they found that KNN classifier + well-received and newly-defined features achieved the best performance.
Pros
- They contributed to define new features for monitoring dynamic behavior of malicious applications, which achieved better performance than using static analysis only.
Cons
- When analyzing features, they used the same APP dataset which is also used in testing ML classifier. So they removed the common features and selected most distinguishable features based on their analyzing results, before testing their ML classifier. I think there will be a kind of “over-fitting” in this process. They should use different APP dataset for analyzing and testing.
- Decompiling and analyzing the application on Android device may use too many system resources, since the performance of mobile CPU and memory are comparatively lower. Actually I think this method is more suitable for detecting malicious applications on PC.
...
Paper Reading_ML for system的更多相关文章
- ### Paper about Event Detection
Paper about Event Detection. #@author: gr #@date: 2014-03-15 #@email: forgerui@gmail.com 看一些相关的论文. 1 ...
- Toward Scalable Systems for Big Data Analytics: A Technology Tutorial (I - III)
ABSTRACT Recent technological advancement have led to a deluge of data from distinctive domains (e.g ...
- [转载]bigtable 中文版
转载厦门大学林子雨老师的译文 原文: http://dblab.xmu.edu.cn/post/google-bigtable/ Google Bigtable (中文版) 林子雨2012-05-08 ...
- Typical sentences in SCI papers
Beginning 1. In this paper, we focus on the need for 2. This paper proceeds as follow. 3. Th ...
- SSD: Single Shot MultiBox Detector
By Wei Liu, Dragomir Anguelov, Dumitru Erhan, Christian Szegedy, Scott Reed, Cheng-Yang Fu, Alexande ...
- google 论文
从google历年所有论文的汇总来看,TOP5的分别是人工智能和机器学习.算法理论.人机交互与视觉.自然语言处理.机器感知,大家从一个侧面看出goolge research的重点了吧. Google所 ...
- CodeForces 69D Dot (游戏+记忆)
Description Anton and Dasha like to play different games during breaks on checkered paper. By the 11 ...
- Google Bigtable (中文版)
http://dblab.xmu.edu.cn/post/google-bigtable/ Abstract BigTable是一个分布式存储系统,它可以支持扩展到很大尺寸的数据:PB级别的数据,包含 ...
- [转] XEN, KVM, Libvirt and IPTables
http://cooker.techsnail.com/index.php/XEN,_KVM,_Libvirt_and_IPTables XEN, KVM, Libvirt and IPTables ...
随机推荐
- option跳转页面并选中当前值
思路:使用cookie传值赋值 具体实现部分代码: <select onchange="test(this)" class="form-control" ...
- es之索引的别名操作
1:增加别名 为索引school添加一个别名alias1: 1.1:创建索引 PUT student{ "settings": {"number_of_shards&qu ...
- 课上作业补交 p526/syscalls1
P526代码检查: 1 编译运行p524代码,提交运行结果截图 2 MAXLINE的值是多少?提交Ubuntu中查找这个值的命令和结果截图 3 p525 eval 函数中调用的Fork()函数需要什么 ...
- 什么是webpack以及为什么使用它
什么是webpack以及为什么使用它 新建 模板 小书匠 在ES6之前,我们要想进行模块化开发,就必须借助于其他的工具.因为开发时用的是高级语法开发,效率非常高,但很可惜的是,浏览器未必会支持或认识 ...
- AAAI 2019 分析
AAAI 2019 分析 Google Scholar 订阅 CoKE : Word Sense Induction Using Contextualized Knowledge Embeddings ...
- python中单下划线和双下划线的区别
1.python中双下划线(__str__)代表这个变量是特殊变量,是可以直接访问的 __xxx___ 定义的是特列方法.像__init__之类的 2.python前面双划线(__name)代表这个变 ...
- java网络通信:伪异步I/O编程(PIO)
缺点:避免了线程资源耗尽的问题,但是根本上来说,serversocket的accept方法和inputstream的输入流方法都是阻塞型方法. 服务端:加了一个线程池,实现线程复用.客户端不变 pub ...
- LoadRunner之检查点
一.什么是检查点 LoadRunner中检查点是用来判断脚本是否执行成功的.如果不加检查点,只要服务器返回的HTTP状态码是200,VuGen就认为脚本执行通过了.但是很多情况下服务器返回200并不代 ...
- Python学习之==>模块结构调整
一.为什么要进行模块结构调整 当一个脚本中有大量的配置.方法及接口时,脚本显得十分臃肿,可读性很差.为了提高代码的易读性,可以将一个繁杂的脚本根据不同的功能放在不同的目录下分类管理,这整个过程叫做模块 ...
- 【Go语言】map在goroutine通信中的使用问题
简介 本篇文章的主要内容是解决go语言map在使用中遇到的两个问题,对于初学者是不可避免的坑 一.cannot assign to struct field 当map中存在struct类型的成员,如果 ...