An Autonomic Approach to Enhance Web Application Availability

Autonomic computing is one of the fascinating features that enable the system to automatically manage itself, diagnose itself, detect the error that cause the failure, then recover and recongure the system. The concept of software, systems and web self healing is widely used in many software such as windows operating system which restores and recover tools. Since of the aim of the self healing software feature is to fast recover the application and keep running it and available for 24/7 as optimal as possible then it will a suitable to apply this capability to the web applications to fast recover from any unexpected change that may happen. This paper proposes a self-healing system that monitor, diagnose, check and heal web applications automatically and immediately with unnoticeable recovery time. To test the practical applicability of the proposed methodology, an application has been developed to demonstrate the methodology and apply it for real time web applications. The results of experiments performed on different scenarios demonstrated the ability of the proposed approach to heal web applications and to increase its availability.


1-Introduction
The fast and recent web spread motivated large numbers of companies to offer their services and business through the World Wide Web (WWW). This wide spread of web business applications require more research to develop web applications that has autonomic features such as self healing. Self healing includes the ability of the application to recover itself by detecting any fault or unexpected unauthorized change that happened to the web application les. Self healing of web application require a 24/7 auto monitoring of the web application and a fast mechanism of recovery that can keep the online functionality and service offering to the customer available all the time. The importance of developing fast automated self-healing web applications was generated from the effect that may be caused if the web application for a business or a company is stopped to run for few hours. For example, an online business such as a bank may lose customer trust and lose nancially if it is not functioning for a few hours. Many factors may affect a web application and cause it to stop. These factors may be either internal or external. The internal factor includes viruses, worms that may affect the server that hosts the web application. The external factors include attackers that attack the website and change the content of web pages for a web application for different reasons including the use of different methods such as xss, sql injection. You need to have references for this information?! After publishing the web application on the hosting server many problems rise including deletion of a component, replacing of a component or modifying a component. The risk of having one of these three factors is very high. For example, replacing a web application checkout component by an attacker that function the same way as the main component but with minor changes would allow the attacker to steal credit card information which will cause a major problem and loss to the web application owner and customers. Most of web application owner do not perform tests to check if the component has been changed or not and that is because of the complex architecture of the web application and lack of knowledge at the owner level. This paper will propose a solution for such problems and many others by proposing an approach for applying external self healing that has the functionality of self healing, self monitoring, self diagnosis and self recovering to keep the web application in good health.
In this research, we mainly focus on techniques for web applications healing from functional failures (self-healing) by automatically detecting failures, diagnose faults, and heal the web application to behave and run as supposed to before the failure happen.
In the self-healing mechanism we perform a black box testing for the software considering the whole web application page as one component and our aim is to ensure that this component run and it has not changed from its origin. Self-healing insures that a component stays the same as it was distributed by the system without any modi cations or changes by any other external unauthorized effect and to ensure that this component have not been omitted or deleted from the server and that the web application directory does not contain any injected or added les to it.
Our research suggest the existence of an approach that analyze the content of the released web component, a mechanism for monitoring the web application, a mechanism for diagnosing and detecting of failure and a healing mechanism that bring back the software to its healthy status.
The major research contribution is de ning a mechanism for web application fault recovery despite the cause of the fault. The mechanism is automatic and relay on the diagnosis of the web application component. In summary this research de ne a mechanism for healing software application by external self healing approach and recover from failure. Design an approach that can monitor, diagnose and detect failure automatically, e ciently. Develop an implementation of the framework for any web application regardless of the language used in the web application development and provide an experimental results that demonstrate the e cacy of the approach.
The reset of this paper is organized as follows: section two presents related work on self-healing mechanisms, and the mechanisms that are used for healing the different application; section three presents a full description of the proposed approach and the gures that illustrate it; section four contains the experimental results; and nally section ve provides the conclusion and future work.

2-Related Work
Many researchers dedicated their efforts to the eld of self healing and here we drop a light over some of those researchers and mention their methodology used in self healing software or systems. (Azim, et.al., 2014) presented an Android apps approach that uses patch construction and automatic error detection for providing a certain degree of self-healing. (Michael E. Shin, 2005)  mechanism that diagnose, heal and monitor its internal error by contextual information and selfawareness. (Naftaly M., 2003) worked in complex systems and mainly for heterogeneous distributed software. And he put the conditions of self-repair and self-healing for those systems.
(Diaconescu A., 2003) worked a system for component-based software systems to have selfoptimization, and self-healing and to enable dynamic adaptation in those systems. (PARK, et.al, 2008) introduced the code generation in an automated way for self healing using design level productions and he made software architecture to support generation of automatic code for self-healing in the internal and external system environment. (Brumley et.al., 2007) introduced software systems self-healing architecture where programs detect exploits, self-diagnose and self-monitor the main cause of the vulnerability, self-recover from attacks and self-harden against future attacks. (Dinkel et.al., 2008) presented a novel approach for distributed embedded systems self-healing that contain black-box  (Dabrowski et.al., 2002) during communication failure he used architectural models to characterize how architecture, consistency-maintenance mechanism, topology, and failure-recovery strategy each contribute to self-healing. (Elkorobarrutia et.al., 2006) in cases such as forcing the component to some state and rolling back one transition , he described an approach of inserting a selfhealing mechanism in components that are speci ed according to a state chart and whose implementations also offer the possibility to act in terms of state (Fakhouri et al, 2019).

3-Proposed Approach: Autonomic Approach To Enhance Web Application Availability ( Aaeaa)
Our approach consist of automatic exterior healing approach that monitor the website les and try to keep it in good health 24/7 working time. The proposed approach is concerned with black box testing of the web application les. Our main concern is the nally compiled web application component. We do not check the internal code of the web le or the ow of its internal functions, rather we check the le itself as one component and test its features such as existence of the component, size, hash key, manufacturer and its correct place. The approach will monitor, diagnose, and heal the web application immediately at the time of the external or internal effect that could cause the web application to change unexpectedly. The proposed system will have a life cycle run to guarantee the full time running of the web. Figure 1 shows the three main phases of the approach which consist of phase 1: pre-healing, phase 2: healing process and phase 3: post healing. A full details for the description of the main components of each phase and the procedure in each phase is illustrated in sections 3.1 to 3.3.

3.1-Pre-healing phase:
Pre healing phase is the phase of preparing the system for the healing phase and it start by Initializing the system and goes throw building the database and get to identify the website les and after that creating the backup copy of the website; the initializing process consist of running the implemented approach settings for the rst time to determine and choosing the speci c folder for the web application to monitor and set the initial parameters needed., the Analysis: in this step the approach will gather information about the chosen web application including le size, date of creation, manufacturer of the le and the hash key. The output of the released application is the input of the self healing approach. The output component is mainly the web applications les and other les such as the assemblies of the bin folder. The approach is programming language independent. This means that the system can analyze any type of web application les for any language such as PHP, ASP, HTML etc., Building database: this step is done by storing all of the information about the web application that result from the analysis phase in a database that contains the major and necessary information for the diagnosis process. The aim of using a database is to keep a fast and organized method for diagnosis and a reference for all the web application component for any time access for review or diagnosis. Creating a copy of original components: to reuse and x the web application later in the healing process we need rst to have a copy of the original components and this copy will be stored as a compressed folder on a speci c directory determined by the implemented approach and not on the published web directory.

Main processes
The main process of the proposed approach are listed in gure 3.
Monitoring: which keeps a 24/7 monitoring status for any change that may happen to the folder of the web application components ( les). It keeps track of all the web application component as well as the web application folder directory for any change that may cause any changes that will be detected and monitored includes deletion of the component, replacing the component, modi cation of the component and addition of any le to the web directory folder.
Comparing: this process provide the diagnosis process with the results of comparing the monitored component with record stored on the database by the analysis phase. The database contain a full details of all components of the web application that are required for the diagnosis.
Diagnosis: decide wither the system needs to be healed or it is in good health. In this step a solution to the system will be required and suggested if the system is infected or faulty state or in good health.
Healing: it is the process of reusing the original component of the system and replacing or compensating the affected component in order for the system to be in good health. In this step the solution to the problem is applied; when a fault is detected during the diagnosis phase, the latest application saved copy will be restored to the web application directory. The restoration is triggered by detecting a change. This process is in the order of seconds. The changes along with the healing event will be stored in the database for further analysis and the process is automated.
The full details for the steps for the proposed approach and the owchart is shown in gure 4.

3.3-Phase 3 post process:
This phase contain many steps a full description of these steps are listed in gure 5, the rst step is Storing change in the database, this step aims to record all the information that has been done in the healing process including storing the date and time of healing and the component that has been restored. Storing this information will give the administrator a clear summary about the history of the application after releasing it.
The second step is Storing affected component and analyzing reasons; if the healing process resulted from a change in the component itself either for any of the mentioned reason then keeping this le will give us indicator about the reason that caused the fault and this will help us avoid such situations and to enhance or develop mechanisms to update the software or the server so that it can face such cases. For example if the reason of change was illegal access to the server then certain policy could be taken into consideration or if the change to the component has been done by a virus then the server itself should be treated by clearing the virus.
The nal step is the Update of All Web Application Components: The analysis process is an important step to get a future enhanced healthy web application because of the previously mentioned reasons and because of the fact that the analysis process results can be used to enhance and update the web application itself and in case that the application has been distributed to may servers then the updated component can be distributed to other servers as a precaution to avoid been infected by the same way. AAEAA dynamically modi es the website to correct the failure. The changes that has happen will be stored to be analyzed in the future by the admin and if this error happened often then the recorded information will guide the admin for the reason by analyzing the stored information or the affected component.
Analyzing the changes, the result of checking, diagnosis and monitoring give us indicator about the reasons that cause the system to fail. It also gives a brief overview about the main causes and its indicators. By de ning the reason the system administrator can nd a suitable solution for the reason that caused the problem.

4-Evaluation
In this section, we evaluate the ability of AAEAA to recover from different factors in web applications.
More speci cally, through an experimental study, we try to nd answers to the following main questions and then we make different scenarios to illustrate each case: What advantages can we get when using AAEAA heal websites that are affected by different performance scenarios?
What is the time to heal using AAEAA when compared with other healing approaches?
To evaluate our approach we need to evaluate the effectiveness and the ability of the proposed approach.
Three experiments scenarios will be presented: deletion of a component, replacing of a component and modifying a component. We initialized the implemented self healing approach and selected the web application directory to be monitored, analyzed the testing website directory and built the database. The second phase of the experiments start for testing the effectiveness of the approach to heal the deletion case by executing the application and after that we deleted a le from the web directory. To test the effectiveness and performance of the approach in detecting the problem of replacing a component we have created a le name with the same name and extension of a speci c le on the web application directory. For testing the nal case of modifying a component we considered manual modi cation of the component and this is the human modi cation.

First scenario deletion of component:
AAEAA responded to this case by restoring the deleted page from the original copy that has been prepared in the initialization stage.
AAEAA recorded the problem in the database including the dime, date, type of problem and the name of the le that was deleted and replaced.
AAEAA was very e cient to recover different web application component extension that were tested including PHP, HTML, ASPX, DLL, and CSS.

Second scenario Replacement with similar component
AAEAA responded to this case by deleting the full directory of the web application and restoring the original copy of the website that has been prepared in the initialization stage.
AAEAA recorded the problem in the database including the dime, date, and type of problem and the name of the le that was replaced and recovered.
AAEAA was very e cient to recover different web application component extension that were tested including PHP, HTML, ASPX, DLL, and CSS.

Third scenario modifying a component
AAEAA responded to this case by deleting the full directory of the web application and restoring the original copy of the website that has been prepared in the initialization stage.
AAEAA recorded the problem in the database including the dime, date, and type of problem and the name of the le that was recovered AAEAA was very e cient to recover different web application component extension that were tested including PHP, HTML, ASPX, DLL, and CSS. We added website les of size 10 g and then we deleted 5 m of the le as shown in table 1. The aim of the experiment is to measure the time needed to heal for both systems, windows server system restore and AAEAA. Since the AAEAA heals by recovering the website les (components) and not the full system restore or recovery we can notice that windows system restoration work by restoring all les in windows server 2012. This took about 2400 second while in AAEAA took only 5 seconds. Table 2 shows the comparison between our healing approach and Microsoft Windows healing approach.

Conclusion
Integrating self healing approaches into websites introduce a very e cient improvement for the website performance. Different methods and approaches aims at reducing the cost and time needed for the rerun of the websites after failure and to try to have a software system that run and has the ability to heal itself.
This research introduced an approach for self-healing for websites that monitor the software 24/7 and it has the ability to capture information about the speci c website components that are monitored. It has the ability to diagnose and heal the software. The experimental results have shown the e ciency of the proposed approach to detect the failure or error and heal it.

Future work
Our future work is inspired from biological software engineering processes and this aims to improve the self learning of the proposed approach and to generalize the concept of healing so that the healing of website will have the features of self-learning and self-adaptation.

Declarations
Hussam n. FAKHOURI declare no competing interests 6-References  The main process of the proposed approach  AAEAA post process main components