Monitoring and troubleshooting distributed systems is notoriously difficult; potential problems
are complex, varied, and unpredictable. The monitoring and diagnosis tools commonly used …

This paper presents Canopy, Facebook's end-to-end performance tracing infrastructure.
Canopy records causally related performance data across the end-to-end execution path of …

ProTracer: towards practical provenance tracing by alternating between logging and
tainting Page 1 Please do not remove this page ProTracer: towards practical provenance …

When systems fail in the field, logged error or warning messages are frequently the only
evidence available for assessing and diagnosing the underlying cause. Consequently, the …

Traditional auditing techniques generate large and inaccurate causal graphs. To overcome
such limitations, researchers proposed to leverage execution partitioning to improve …

Applications implementing cloud services, such as HDFS, Hadoop YARN, Cassandra, and
HBase, are mostly built as distributed systems designed to scale. In order to analyze and …

Understanding the performance behavior of distributed server stacks at scale is non-trivial.
The servicing of just a single request can trigger numerous sub-requests across …

Advanced Persistent Threats (APT) attacks have plagued modern enterprises, causing
significant financial losses. To counter these attacks, researchers propose techniques that …

The Linux Audit system is widely used as a causality tracking system in real-world
deployments for problem diagnosis and forensic analysis. However, it has poor …

Cyber-attacks are becoming more persistent and complex. Most state-of-the-art attack
forensics techniques either require annotating and instrumenting software applications or …