Cargando…
Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction
The log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a lo...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2021
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8774910/ https://www.ncbi.nlm.nih.gov/pubmed/35052095 http://dx.doi.org/10.3390/e24010069 |
| _version_ | 1784636456371748864 |
|---|---|
| author | Wang, Qiaozheng Zhang, Xiuguo Wang, Xuejie Cao, Zhiying |
| author_facet | Wang, Qiaozheng Zhang, Xiuguo Wang, Xuejie Cao, Zhiying |
| author_sort | Wang, Qiaozheng |
| collection | PubMed |
| description | The log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction. This method uses BERT (Bidirectional Encoder Representations from Transformers) and VAE (Variational Auto-Encoder) to extract the semantic features and statistical features of the log sequence, respectively, and the dual features are combined to perform anomaly detection on the log sequence, with a novel contrastive adversarial training method also used to train the model. In addition, this paper introduces the method of obtaining statistical features of log sequence and the method of combining semantic features with statistical features. Furthermore, the specific process of contrastive adversarial training is described. Finally, an experimental comparison is carried out, and the experimental results show that the method in this paper is better than the contrasted log sequence anomaly detection method. |
| format | Online Article Text |
| id | pubmed-8774910 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2021 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-87749102022-01-21 Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction Wang, Qiaozheng Zhang, Xiuguo Wang, Xuejie Cao, Zhiying Entropy (Basel) Article The log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction. This method uses BERT (Bidirectional Encoder Representations from Transformers) and VAE (Variational Auto-Encoder) to extract the semantic features and statistical features of the log sequence, respectively, and the dual features are combined to perform anomaly detection on the log sequence, with a novel contrastive adversarial training method also used to train the model. In addition, this paper introduces the method of obtaining statistical features of log sequence and the method of combining semantic features with statistical features. Furthermore, the specific process of contrastive adversarial training is described. Finally, an experimental comparison is carried out, and the experimental results show that the method in this paper is better than the contrasted log sequence anomaly detection method. MDPI 2021-12-30 /pmc/articles/PMC8774910/ /pubmed/35052095 http://dx.doi.org/10.3390/e24010069 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Wang, Qiaozheng Zhang, Xiuguo Wang, Xuejie Cao, Zhiying Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_full | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_fullStr | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_full_unstemmed | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_short | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_sort | log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8774910/ https://www.ncbi.nlm.nih.gov/pubmed/35052095 http://dx.doi.org/10.3390/e24010069 |
| work_keys_str_mv | AT wangqiaozheng logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT zhangxiuguo logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT wangxuejie logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT caozhiying logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction |