Application Research of Computers, 2024, Vol. 41, Issue (4): 1034-1040, 7. DOI: 10.19734/j.issn.1001-3695.2023.07.0365
TRGATLog: log anomaly detection method based on log time relation graph attention network
Abstract
Existing log anomaly detection methods tend to focus on a single feature, either the quantitative relationship pattern or the sequential pattern, and ignore both the time structure relationship of logs and the inter-relation between different features, which results in a high error detection rate and false positive rate. To solve this problem, this paper proposes a log anomaly detection method based on the log time graph attention network. First, it constructs a log time graph by designing a joint feature extraction module for log semantics and time structure, which effectively integrates the time structure relationship and the semantic information of logs. Second, it constructs the time relationship graph attention network and uses the graph structure to describe the time structure relationship between logs, so that the network can adaptively learn the importance of different logs and carry out anomaly detection. Finally, it uses three public datasets to verify the effectiveness of the model. Extensive experimental results indicate that the proposed method effectively captures the temporal structure relationships in logs, thereby improving the accuracy of anomaly detection.
Key words
anomaly detection/log analysis/graph attention network/network security/time relation graph
Classification
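Information Technology and Security Science
Cite this article
Chen Xu, Zhang Shuo, Jing Yongjun, Wang Shuyang. TRGATLog: log anomaly detection method based on log time graph attention network [J]. Application Research of Computers, 2024, 41(4): 1034-1040, 7.
Funding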
Fundamental Research Funds for the Central Universities (2022PT_S04)
Key Research and Development Program of Ningxia Hui Autonomous Region (2023BDE02017)