• Official journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

Computer Engineering & Science ›› 2024, Vol. 46 ›› Issue (09): 1587-1597.

• Computer Network and Information Security •

Multi-feature-based log event anomaly detection

YU Jia-ni, HU Zhao-xia, JIANG Cong-feng

(School of Computer Science, Hangzhou Dianzi University, Hangzhou 310018, China)

As computer systems grow in scale and complexity and users demand higher quality of service, the importance of logging systems has increased significantly. Logs are records of data or events generated during the operation of computer systems, and abnormal data in log entries often indicates performance fluctuations, anomalies, or failures within the system. Existing research on log anomaly detection mostly relies on a single feature, leading to issues such as inefficiency, incompleteness, and high misjudgment rates. This paper proposes a multi-feature-based approach for detecting anomalies in log events. First, we define the multi-dimensional features of logs, including sequential, quantitative, semantic, and temporal features. Second, we use BERT combined with TF-IDF to obtain semantic feature vectors and integrate these features to form the input for our model. Finally, we establish a Bi-LSTM anomaly detection model based on an attention mechanism. Experiments show that the proposed anomaly detection model achieves a certain improvement in accuracy, providing a valuable reference for assisting in the discovery of log anomalies.

  • Received:2024-01-24 Revised:2024-03-27 Accepted:2024-09-25 Online:2024-09-25 Published:2024-09-19

Key words: anomaly detection; log event; multi-features; attention mechanism