Title
LogNADS: Network anomaly detection scheme based on log semantics representation
Abstract
Semantics-aware anomaly detection based on logs has attracted much attention. However, existing methods based on the weighted aggregation of all word vectors might lose the semantic relationship of word order and cannot maintain a unique representation, and methods that preserve word order by concatenating all word vectors might lead to a high computation time cost. To solve these issues and further improve sequential anomaly detection, this paper proposes a network anomaly detection scheme, LogNADS, by designing a novel log semantics representation method and an adaptive sequence data construction method. It first discards the useless words and then selects theme words to hold the log abstraction while maintaining a low time cost. Subsequently, it concatenates the theme words' vectors in the original word order to maintain the unique representation and avoid the loss of word order. Furthermore, to better detect sequential anomalies, we utilize the sliding window scheme and design a method to compute the optimal window size for constructing the log sequence self-adaptively, and then an LSTM is built to extract timing characteristics of the log sequences. Experimental results on the public benchmark HDFS dataset and BGL dataset demonstrate the effectiveness of LogNADS through comparison with other state-of-the-art methods in detection accuracy and time cost. Moreover, statistical significance tests prove the superior performance.
Year: 2021
DOI: 10.1016/j.future.2021.05.024
Venue: Future Generation Computer Systems
Keywords: Anomaly detection, Log, Semantics representation, LSTM
DocType: Journal
Volume: 124
ISSN: 0167-739X
Citations: 0
PageRank: 0.34
References: 0
Authors: 7
Name | Order | Citations | PageRank
Xu Liu | 1 | 5 | 2.81
Weiyou Liu | 2 | 0 | 1.01
Xiaoqiang Di | 3 | 0 | 4.39
Jinqing Li | 4 | 3 | 5.81
Binbin Cai | 5 | 0 | 0.34
Weiwu Ren | 6 | 1 | 1.03
Huamin Yang | 7 | 1917.29