predicting computer system failures using support vector
play

Predicting Computer System Failures Using Support Vector Machines - PDF document

Jul 22, 2023 •262 likes •389 views

Predicting Computer System Failures Using Support Vector Machines Errin W. Fulp a Glenn A. Fink b Jereme N. Haack b a Wake Forest University b Pacific Northwest National Department of Computer Science Laboratory Winston-Salem NC, USA Richland

  1. Predicting Computer System Failures Using Support Vector Machines Errin W. Fulp a Glenn A. Fink b Jereme N. Haack b a Wake Forest University b Pacific Northwest National Department of Computer Science Laboratory Winston-Salem NC, USA Richland WA, USA Pacific Northwest NATIONAL LABORATORY USENIX Workshop on the Analysis of System Logs December 7, 2008 System Event Prediction 1 High-Performance Computing Trends PROJECTED PERFORMANCE DEVELOPMENT ARCHITECTURES 100 10 Pflop/s X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X SIMD 1 Pflop/s 1 Pflop/s X X X X CONSTELLAT A IONS 80 CLUSTER X X SUM 100 Tflop/s MPP X X X X X X 10 Tflop/s X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X N=1 60 X X X X X X X 1 Tflop/s X X X X X X X 40 100 Gflop/s N=500 X SMP 10 Gflop/s 20 1 Gflop/s SINGLE PROCESSOR 0 JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV JUN NOV PROJECTED 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 • Expected that computing will continue to double each year – Petaflop systems listed on top500.org – However CPU clock rates will see limited increases • Computing improvements achieved with more processors – IBM Blue Gene at LLNL has 212,992 processors – System failures will become more problematic E. W. Fulp WASL 2008

  2. System Event Prediction 2 System Events • There are several critical system events – Hardware failure, software failure, and user error – Frequency will increase as systems become larger (cluster) – Resulting in lower overall system utilization • Cannot easily improve failure rates, can we manage failure ? – Smarter scheduling of applications and services – Minimize the impact of failure • Accurate event predictions are key for event management – Are predictions possible? How accurate? – Need system status information to make predictions E. W. Fulp WASL 2008 System Event Prediction 3 System Status Information • Almost every computer maintains a system log file – Provide information about system events – syslog is actually general-purpose logging facility [Lon01] • An event represents a change in system state – Include hardware failures, software failures, and security Host Facility Level Tag Time Message 198.129.8.6 kern alert 1 1171062692 kernel raid5: Disk failure on sde1, disabling device • Entries contain information such as: time, message, and tag – Time identifies when the message was recorded – Message describes the event, typically natural language – Tag represents criticality, low values are more important E. W. Fulp WASL 2008

  3. System Event Prediction 4 Log Files Host Facility Level Tag Time Message 198.129.8.6 local7 notice 189 1171061732 sysstat 198.129.8.6 kern info 6 1171061732 kernel md: using maximum available idle IO bandwidth 198.129.8.6 cron info 78 1171061733 crond 2500 (root) CMD (/usr/lib/sa/sa1 1 1) 198.129.8.6 auth info 38 1171062445 rsh(pam unix) 2215 session opened for user by (uid=0) 198.129.8.6 auth info 38 1171062445 in.rshd 2216 root@hpcs2.cs.edu as root: cmd=/root/temps 198.129.8.6 daemon info 30 1171062590 smartd 88 Device: /dev/twe0 SMART Prefailure Attribute 198.129.8.18 syslog info 46 1171062590 syslogd restart. 198.129.7.282 daemon info 30 1171062590 ntpd 2555 synchronized to 198.129.149.218, str 198.129.7.222 daemon info 30 1171062590 ntpd 2555 synchronized to 198.129.149.218, str 198.129.7.238 daemon info 30 1171062590 ntpd 2555 synchronized to 198.129.149.218, str 198.129.8.6 auth notice 37 1171062590 sshd(pam unix) 12430 auth failure; logname=el-fork-o 198.129.8.6 kern info 6 1171062590 kernel md: using 512k, over a total of 12287936 blocks. 198.129.8.6 cron info 78 1171062601 crond 2500 (root) CMD (/usr/lib/sa/fork-it 1 1) 198.129.8.6 kern alert 1 1171062692 kernel raid5: Disk failure on sde1, disabling device • Log file is a list of messages, can be analyzed for – Auditing, determine the cause of an event ( past ) – Predicting important events ( future ) E. W. Fulp WASL 2008 System Event Prediction 5 Example System Event to Predict • An interesting event is disk failure – By 2018 [large systems] could have 300 concurrent reconstructions at depth any time [SG07] – Predicting disk failure is important – Easy to identify event in the log... M • Predict failure as early as possible – n messages M = { m 1 , m 1 , ..., m n } lead – Assume m n is the event – Min depth d and max lead l • Are all messages the same? time E. W. Fulp WASL 2008

  4. System Event Prediction 6 SMART • Self-Monitoring Analysis & Reporting Technology (SMART) – SMART disks monitor their health and performance – Attributes describe current state, each attribute has unique ID • Many different types of messages (Attribute and Value) Attribute Meaning Raw Read Error Rate changed to x 1 Airflow Temperature changed to x 190 2 Throughput Performance 8 Seek Time Performance 201 Soft Read Error Rate changed to x • Pinheiro et.al. investigated Google hard drive failure [PWB07] – Some SMART parameters do correlate with drive failure – Conclude SMART messages alone may not be sufficient E. W. Fulp WASL 2008 System Event Prediction 7 Disk Failure Prediction • What features (information) should be considered? – A message contains criticality, message, and time – Is there a series of messages that tend to be a precursor? • Consider a sequence of messages arriving (ordered by time) – Is it possible to classify into failure and non-failure classes? – Other approaches have considered Bayesian Nets and HMM h198.129.146.158 h198.129.146.227 h198.129.149.180 200 200 200 150 150 150 tag number tag number tag number 100 100 100 50 50 50 0 0 0 1.1778 1.1779 1.178 1.1781 1.1782 1.1783 1.1784 1.1785 1.1778 1.1779 1.178 1.1781 1.1782 1.1783 1.1784 1.1785 1.1778 1.1779 1.178 1.1781 1.1782 1.1783 1.1784 1.1785 time (seconds) 9 time (seconds) 9 time (seconds) 9 x 10 x 10 x 10 E. W. Fulp WASL 2008

  5. System Event Prediction 8 Support Vector Machines • Support Vector Machine (SVM) is a classification algorithm – Consider a set of samples from two different classes – Each vector consists of features describing the sample – SVM finds a hyperplane separating the classes in hyperspace – The vectors closest to the plane are the support vectors • Great for aggregate statistics, what about series? – Interested in using sequences of messages as features E. W. Fulp WASL 2008 System Event Prediction 9 Spectrum Kernel • A spectrum kernel considers k length sequences as features – The frequency of the sequence is the feature value • Assume two symbols { A, B } and sequence length k = 2 – There are 2 k possible sequences (features) ( AA, AB, BA, BB ) – Value of a feature is the number of occurrences M = { A , A , B , A , A , B , B , A } AA : 2 AB : 2 BA : 2 BB : 1 – There are b k possible sequences, were b is number of symbols • How does this work for syslog messages? E. W. Fulp WASL 2008

  6. System Event Prediction 10 tag Sequences • Each message has a tag that indicates criticality – Sequence of messages represented by sequence of tag values h198.129.146.158 Example tag Levels 200 0.4 0.35 percent of all messages 150 0.3 tag number 0.25 100 0.2 0.15 50 0.1 0.05 0 0 1.1778 1.1779 1.178 1.1781 1.1782 1.1783 1.1784 1.1785 -50 0 50 100 150 200 time (seconds) 9 tag number x 10 – Need to reduce number of symbols, assume three levels – high ( tag < 10 ), medium ( 10 < tag < 140 ), low ( tag > 140 ) • Given a series of messages M , process using a sliding window – Count the number of occurrences of k -length sequences E. W. Fulp WASL 2008 System Event Prediction 11 Example tag Processing • Let M = { 148 , 148 , 158 , 40 , 158 , 188 , 188 , 88 , 158 , 188 } • Assume b = 3 and k = 5 , then 3 5 = 243 possible features Encoding ( e ) Sequence f (base 10) tag 148 2 2 148 2 22 158 2 222 40 1 2221 158 2 22212 239 188 2 22122 233 188 2 21222 215 88 1 12221 160 158 2 22212 239 188 2 22122 215 mod ( b · f t , b k ) + e • Feature number is f t +1 = • Vector for M would be (160:1, 215:2, 233:1, 239:2) E. W. Fulp WASL 2008

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Predicting Secondary Structure of All-Helical Proteins Using Hidden Markov Support Vector

Predicting Secondary Structure of All-Helical Proteins Using Hidden Markov Support Vector

Predicting Secondary Structure of All-Helical Proteins Using Hidden Markov Support Vector Machines Blaise Gassend, Charles W. O'Donnell, William Thies, Andrew Lee, Marten van Dijk, and Srinivas Devadas Computer Science and Artificial

630 views • 45 slides
Support Vector Machines October 16, 2018 Support Vector Machines October 16, 2018 1 / 31

Support Vector Machines October 16, 2018 Support Vector Machines October 16, 2018 1 / 31

Support Vector Machines October 16, 2018 Support Vector Machines October 16, 2018 1 / 31 Introduction General information support vector machine (SVM) is an approach for classification that was developed in the computer science community in

654 views • 27 slides
Support Vector Machines Marco Chiarandini Department of Mathematics &amp; Computer Science

Support Vector Machines Marco Chiarandini Department of Mathematics &amp; Computer Science

DM825 Introduction to Machine Learning Lecture 9 Support Vector Machines Marco Chiarandini Department of Mathematics &amp; Computer Science University of Southern Denmark Kernels Soft margins Overview SMO Algorithm Support Vector

641 views • 23 slides
? 17.10.2018 3 17.10.2018 4 Support Vector Machines (SVM): Background Support Vector Machines

? 17.10.2018 3 17.10.2018 4 Support Vector Machines (SVM): Background Support Vector Machines

INF3490 - Biologically inspired computing Support Vector Machines Support Vector Machines, Ensemble Learning, and Dimensionality (SVM) Reduction Weria Khaksar October 17, 2018 17.10.2018 2 Support Vector Machines (SVM): Background Support

579 views • 9 slides
Support Vector Machines Preview What is a support vector machine? The perceptron revisited

Support Vector Machines Preview What is a support vector machine? The perceptron revisited

Support Vector Machines Preview What is a support vector machine? The perceptron revisited Kernels Weight optimization Handling noisy data What Is a Support Vector Machine? 1. A subset of the training examples x (the support

971 views • 19 slides
What is a What are Support Vector Machines Support Vector Machine? Used For? An optimally

What is a What are Support Vector Machines Support Vector Machine? Used For? An optimally

What is a What are Support Vector Machines Support Vector Machine? Used For? An optimally defined surface Classification Typically nonlinear in the input space Regression and data-fitting Linear in a higher dimensional

577 views • 8 slides
Using Syslog Message Sequences for Predicting Disk Failures Wes Featherstun and Errin Fulp Wake

Using Syslog Message Sequences for Predicting Disk Failures Wes Featherstun and Errin Fulp Wake

Using Syslog Message Sequences for Predicting Disk Failures Wes Featherstun and Errin Fulp Wake Forest University Department of Computer Science Winston-Salem, NC USA November 11, 2010 Wes Featherstun and Errin Fulp Using Syslog Message

489 views • 20 slides
Support Vector Machine w T x + b = 0 b || w || Support Vector Support Vector w X i y i ( x

Support Vector Machine w T x + b = 0 b || w || Support Vector Support Vector w X i y i ( x

Lecture 2: The SVM classifier C4B Machine Learning Hilary 2011 A. Zisserman Review of linear classifiers Linear separability Perceptron Support Vector Machine (SVM) classifier Wide margin Cost

982 views • 18 slides
Support Vector Machines (Ch. 18.9) SVM Basics Support Vector Machines (SVMs) try to do our

Support Vector Machines (Ch. 18.9) SVM Basics Support Vector Machines (SVMs) try to do our

Support Vector Machines (Ch. 18.9) SVM Basics Support Vector Machines (SVMs) try to do our normal linear classification (last few lectures), but with a couple of twists 1. Find the line in the middle of points with the largest gap (called

454 views • 32 slides
Predicting intermittent network device failures based on network metrics from multiple data

Predicting intermittent network device failures based on network metrics from multiple data

Predicting intermittent network device failures based on network metrics from multiple data sources Supervisors: Authors: P. Boers H.P.M. van Doorn M. Kaat C.H.J. Kuipers SURFnet University of Amsterdam Tuesday 3 juli RP91 1 I

468 views • 30 slides
A Systems Approach to Predicting Healthcare Failures San Diego State University GCorp Health

A Systems Approach to Predicting Healthcare Failures San Diego State University GCorp Health

A Systems Approach to Predicting Healthcare Failures San Diego State University GCorp Health Solutions Melody Schiaffino, PhD John Wood, PhD Assistant Professor, Public Health Director of Systems Engineering mschiaffino@mail.sdsu.edu

543 views • 19 slides
Support Vector and Kernel Methods Thorsten Joachims Cornell University Computer Science

Support Vector and Kernel Methods Thorsten Joachims Cornell University Computer Science

SIGIR 2003 Tutorial Support Vector and Kernel Methods Thorsten Joachims Cornell University Computer Science Department tj@cs.cornell.edu http://www.joachims.org 0 Linear Classifiers Rules of the Form: weight vector , threshold w b N

554 views • 26 slides
Why Deep Learning Is More Natural Questions Efficient than Support Support Vector . . . Support

Why Deep Learning Is More Natural Questions Efficient than Support Support Vector . . . Support

Main Objectives of . . . Need for Machine . . . Support Vector . . . Deep Learning: a Brief . . . Why Deep Learning Is More Natural Questions Efficient than Support Support Vector . . . Support Vector . . . Vector Machines, and How What

556 views • 33 slides
Support Vector Machines 290N, 2014 Support Vector Machines (SVM) Supervised learning

Support Vector Machines 290N, 2014 Support Vector Machines (SVM) Supervised learning

Support Vector Machines 290N, 2014 Support Vector Machines (SVM) Supervised learning methods for classification and regression they can represent non-linear functions and they have an efficient training algorithm derived

1.15k views • 57 slides
Support Vector Machines This set of notes presents the Support Vector Machine (SVM) learning al-

Support Vector Machines This set of notes presents the Support Vector Machine (SVM) learning al-

CS229 Lecture notes Andrew Ng Part V Support Vector Machines This set of notes presents the Support Vector Machine (SVM) learning al- gorithm. SVMs are among the best (and many believe are indeed the best) off-the-shelf supervised

563 views • 25 slides
Support Vector Machines and their Applications Purushottam Kar Department of Computer Science and

Support Vector Machines and their Applications Purushottam Kar Department of Computer Science and

Introduction SVMs Generalization Bounds The Kernel Trick Implementations Applications Support Vector Machines and their Applications Purushottam Kar Department of Computer Science and Engineering, Indian Institute of Technology Kanpur.

1.07k views • 73 slides
volatile unsigned short DMA1SA @ 0x01eau; void iar_buggy_func(unsigned char ch) { DMA1SA =

volatile unsigned short DMA1SA @ 0x01eau; void iar_buggy_func(unsigned char ch) { DMA1SA =

volatile unsigned short DMA1SA @ 0x01eau; void iar_buggy_func(unsigned char ch) { DMA1SA = (uint16_t)&amp;ch; } Compiled to: Compiled to: iar_buggy_func: decd.w SP mov.w SP,&amp;DMA1SA incd.w SP ret Response from compiler

700 views • 45 slides
Toward Highly Available, Intelligent Cloud and ML Systems Chuanxiong Guo Bytedance NetAI 2018

Toward Highly Available, Intelligent Cloud and ML Systems Chuanxiong Guo Bytedance NetAI 2018

Toward Highly Available, Intelligent Cloud and ML Systems Chuanxiong Guo Bytedance NetAI 2018 1 Outline Background: System/networking meets ML Deepview: ML for availability improvement of cloud systems RDMA for scalable ML

614 views • 46 slides
Energy-aware checkpointing of divisible tasks with soft or hard deadlines Guillaume Aupy 1 , Anne

Energy-aware checkpointing of divisible tasks with soft or hard deadlines Guillaume Aupy 1 , Anne

Introduction Framework Single chunk Multiple chunks Simulations Conclusion Energy-aware checkpointing of divisible tasks with soft or hard deadlines Guillaume Aupy 1 , Anne Benoit 1 , 2 , Rami Melhem 3 , Paul Renaud-Goud 1 and Yves Robert 1 ,

320 views • 29 slides
Alpha-Beta Pruning: Algorithm and Analysis Tsan-sheng Hsu tshsu@iis.sinica.edu.tw

Alpha-Beta Pruning: Algorithm and Analysis Tsan-sheng Hsu tshsu@iis.sinica.edu.tw

Alpha-Beta Pruning: Algorithm and Analysis Tsan-sheng Hsu tshsu@iis.sinica.edu.tw http://www.iis.sinica.edu.tw/~tshsu 1 Introduction Alpha-beta pruning is the standard searching procedure used for 2-person perfect-information zero sum games.

581 views • 44 slides
AGENDA TTO follow up Run 11 -12 Goals Efficiency TTO FOLLOW UP P . Krejcik wrote

AGENDA TTO follow up Run 11 -12 Goals Efficiency TTO FOLLOW UP P . Krejcik wrote

AGENDA TTO follow up Run 11 -12 Goals Efficiency TTO FOLLOW UP P . Krejcik wrote a synopsis of the Twin Bunch TTO project. I started a TTO website (with a link to it from the Performance Program site)

315 views • 7 slides
RF Sources Ralph J. Pasquinelli PIP-II Machine Advisory Committee Meeting 15-17 March 2016 High

RF Sources Ralph J. Pasquinelli PIP-II Machine Advisory Committee Meeting 15-17 March 2016 High

RF Sources Ralph J. Pasquinelli PIP-II Machine Advisory Committee Meeting 15-17 March 2016 High Level Amps Requirements Frequency Number Number of RF RF [MHz] of RF amplifiers per amplifier cavities cavity power [kW] RFQ 162.5 1 2

490 views • 11 slides
Software Testing E6891 Lecture 5 2014-02-26 Todays plan Overview of software testing

Software Testing E6891 Lecture 5 2014-02-26 Todays plan Overview of software testing

Software Testing E6891 Lecture 5 2014-02-26 Todays plan Overview of software testing adapted from Software Carpentry Best practices for numerical computation Examples Software testing Automatic failure detection

832 views • 27 slides
ECE590-03 Enterprise Storage Architecture Fall 2016 Failures in hard disks and SSDs Tyler

ECE590-03 Enterprise Storage Architecture Fall 2016 Failures in hard disks and SSDs Tyler

ECE590-03 Enterprise Storage Architecture Fall 2016 Failures in hard disks and SSDs Tyler Bletsch Duke University Slides include material from Vince Freeh (NCSU), some material adapted from Hard-Disk Drives: The Good, the Bad, and the Ugly

238 views • 19 slides

More recommend