1 / 19

Why PCs Are Fragile and What We Can Do About It: A Study of Windows Registry Problems

Why PCs Are Fragile and What We Can Do About It: A Study of Windows Registry Problems. Archana Ganapathi (UC Berkeley) Yi-Min Wang (Microsoft Research) Ni Lao (MSR Asia) Ji-Rong Wen (MSR Asia). Outline. Motivation Strider Project Overview Background: Windows Registry Data Sets

jagger
Download Presentation

Why PCs Are Fragile and What We Can Do About It: A Study of Windows Registry Problems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Why PCs Are Fragile and What We Can Do About It:A Study of Windows Registry Problems Archana Ganapathi (UC Berkeley) Yi-Min Wang (Microsoft Research) Ni Lao (MSR Asia) Ji-Rong Wen (MSR Asia)

  2. Outline • Motivation • Strider Project Overview • Background: Windows Registry • Data Sets • Why are PCs Fragile? • What Can We Do About Fragility? • Conclusions

  3. Motivation • Understand why users consider PCs fragile • Gain first-hand experience with • fragility problems • their manifestations • Suggest techniques to • avoid problems • detect problem • simplify troubleshooting

  4. Strider Project Overview http://research.microsoft.com/sm/striderMSR Systems Management Research Group DSN 2003, LISA 2003, IPTPS 2004, LISA 2004 ICAC 2004 LISA 2004 Configuration Troubleshooting Patch Management Spyware Management PC Genomics Database Flight Data Recorder ICAC 2004, DSN 2004, Self-* 2004 LISA 2004

  5. Background: Windows Registry • Repository for configuration data • Hierarchical structure • Shared by OS and App software • Data is named and typed • Binary, string, dword, … • Single most vulnerable component • Too complex for average user

  6. HIVES ITEMS KEYS Registry Structure See my comments in next page. HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Reader\5.0\AdobeViewer

  7. Data Sets • Text-mined PSS case logs • Extract registry-related problems from e-mails • Manually eliminate problems lacking info • Chose top 100 problems (5379 occurrences) • Strider-verified • ~100 problems from peers, helpdesk and Web forums • Inject mis-configuration and verify symptoms/solutions using Strider Troubleshooter

  8. Text-mined Data Distribution Only 100 most common problems graphed

  9. Why Are PCs Fragile? • Problem Manifestation • Understand how users are affected • Multiple symptoms result from single modification • Impact Scope • System-wide vs. user-specific • Single-app vs. Multiple-apps vs. System Level

  10. Case Studies • “double-clicking a folder on the right pane of Explore opens a Search Window when HKCR\Directory\shell\(Default) is changed from ‘none’ to <empty>” • “deleting HKCR\.htc\Content Type prevents System Restore from showing the calendar of restore points”

  11. Category 1: Problem Manifestation

  12. Category 2: Impact Scope

  13. What Can We Do About Fragility? • Monitoring • Post-deployment health checking • Fault Injection • Test robustness of app/system during development • Test monitoring tool robustness • Access Protection • At each new OS version release

  14. Monitoring • Plethora of monitoring tools already exist! • E.g. Registry Mechanic, Registry Healer, … • Key features: • Active and passive monitoring • Distinguish known bad and potential bad entries • Dynamic rule update mechanism

  15. Fault Injection

  16. Fault Injection • Key features • Predicate-based injection • Case-specific bad config vs. global bad config • When does the change become user-visible? • App/explorer restart, re-login, system reboot. • Simple fault injection: • ‘reg’ operation in windows command line.

  17. Access Protection

  18. Access Protection • OS lockdown – few but most critical entries! • Rule checks feasible only for some entries • Not good for user-modifiable configurations • Can check at creation/deletion • Logging changes does not always help • Problems untraceable to Registry entry modification • E.g. Leftover entries from software uninstallation • Ignore if too expensive to protect

  19. Conclusions • Important to develop effective Registry troubleshooters • Simple interface for the average PC user • Reduce likeliness of accidentally introducing errors • Build and maintain a comprehensive knowledge base of problems • Users query for matching problem symptoms • Users & support gurus contribute solutions • Reduce impact of PC fragility on total cost of ownership and user satisfaction.

More Related