Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction
The log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a lo...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-12-01
|
| Series: | Entropy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1099-4300/24/1/69 |
| _version_ | 1827665625978241024 |
|---|---|
| author | Qiaozheng Wang Xiuguo Zhang Xuejie Wang Zhiying Cao |
| author_facet | Qiaozheng Wang Xiuguo Zhang Xuejie Wang Zhiying Cao |
| author_sort | Qiaozheng Wang |
| collection | DOAJ |
| description | The log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction. This method uses BERT (Bidirectional Encoder Representations from Transformers) and VAE (Variational Auto-Encoder) to extract the semantic features and statistical features of the log sequence, respectively, and the dual features are combined to perform anomaly detection on the log sequence, with a novel contrastive adversarial training method also used to train the model. In addition, this paper introduces the method of obtaining statistical features of log sequence and the method of combining semantic features with statistical features. Furthermore, the specific process of contrastive adversarial training is described. Finally, an experimental comparison is carried out, and the experimental results show that the method in this paper is better than the contrasted log sequence anomaly detection method. |
| first_indexed | 2024-03-10T01:31:47Z |
| format | Article |
| id | doaj.art-936c631a07c84dc28c55c9a1b0f0fdcb |
| institution | Directory Open Access Journal |
| issn | 1099-4300 |
| language | English |
| last_indexed | 2024-03-10T01:31:47Z |
| publishDate | 2021-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Entropy |
| spelling | doaj.art-936c631a07c84dc28c55c9a1b0f0fdcb2023-11-23T13:41:24ZengMDPI AGEntropy1099-43002021-12-012416910.3390/e24010069Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature ExtractionQiaozheng Wang0Xiuguo Zhang1Xuejie Wang2Zhiying Cao3School of Information Science and Technology, Dalian Maritime University, Dalian 116026, ChinaSchool of Information Science and Technology, Dalian Maritime University, Dalian 116026, ChinaSchool of Information Science and Technology, Dalian Maritime University, Dalian 116026, ChinaSchool of Information Science and Technology, Dalian Maritime University, Dalian 116026, ChinaThe log messages generated in the system reflect the state of the system at all times. The realization of autonomous detection of abnormalities in log messages can help operators find abnormalities in time and provide a basis for analyzing the causes of abnormalities. First, this paper proposes a log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction. This method uses BERT (Bidirectional Encoder Representations from Transformers) and VAE (Variational Auto-Encoder) to extract the semantic features and statistical features of the log sequence, respectively, and the dual features are combined to perform anomaly detection on the log sequence, with a novel contrastive adversarial training method also used to train the model. In addition, this paper introduces the method of obtaining statistical features of log sequence and the method of combining semantic features with statistical features. Furthermore, the specific process of contrastive adversarial training is described. Finally, an experimental comparison is carried out, and the experimental results show that the method in this paper is better than the contrasted log sequence anomaly detection method.https://www.mdpi.com/1099-4300/24/1/69adversarial trainingcontrastive learningstatistical featuresVAEBERT |
| spellingShingle | Qiaozheng Wang Xiuguo Zhang Xuejie Wang Zhiying Cao Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction Entropy adversarial training contrastive learning statistical features VAE BERT |
| title | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_full | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_fullStr | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_full_unstemmed | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_short | Log Sequence Anomaly Detection Method Based on Contrastive Adversarial Training and Dual Feature Extraction |
| title_sort | log sequence anomaly detection method based on contrastive adversarial training and dual feature extraction |
| topic | adversarial training contrastive learning statistical features VAE BERT |
| url | https://www.mdpi.com/1099-4300/24/1/69 |
| work_keys_str_mv | AT qiaozhengwang logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT xiuguozhang logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT xuejiewang logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction AT zhiyingcao logsequenceanomalydetectionmethodbasedoncontrastiveadversarialtraininganddualfeatureextraction |