An Attention-Based GRU Network for Anomaly Detection from System Logs

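Cited by: 10
Authors
Xie, Yixi [1]
Ji, Lixin [1]
Cheng, Xiaotao [1]
Affiliation
[1] Informat Engn Univ, Zhengzhou, Peoples R China
Funding
National Natural Science Foundation of China
Keywords
anomaly detection; GRU; attention-based model
DOI
10.1587/transinf.2020EDL8016
Chinese Library Classification
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract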
System logs record system states and significant events at various critical points to help debug performance issues and failures. Therefore, the rapid and accurate detection of the system log is crucial to the security and stability of the system. In this paper, we propose a novel attention-based neural network model that learns log patterns from normal execution. Concretely, our model adopts a GRU module with an attention mechanism to extract the comprehensive and intricate correlations and patterns embedded in a sequence of log entries. Experimental results demonstrate that our proposed approach is effective and achieves better performance than conventional methods.
Pages: 1916-1919
Page count: 4