Application Research of Computers (计算机应用研究), 2024, Vol. 41, Issue (7): 2110-2117, 8. DOI: 10.19734/j.issn.1001-3695.2023.10.0507
Semi-supervised log anomaly detection based on bidirectional temporal convolution network
Abstract
Because log parsing accuracy is low and the lack of labeled samples reduces the accuracy of anomaly detection, this paper proposes a new semi-supervised, log-based anomaly detection method. First, the method enhances the dictionary-based log parsing method to retain parameter information in log events, improving the utilization and accuracy of log parsing. Next, it uses BERT to encode the semantic information in the template, obtaining the semantic vector of the log. Then, it employs a clustering method to estimate labels, which effectively alleviates the problem of insufficient data labeling and enhances the model's ability to detect unstable data. Finally, it captures context information from two directions using a bidirectional temporal convolution network (Bi-TCN) with residual blocks, which enhances the accuracy and efficiency of anomaly detection. To evaluate the method's performance, extensive experiments were conducted on two datasets. The results demonstrate that the proposed method achieves an average improvement of 7%, 14.1% and 8.04% in F1 value compared to the latest three benchmark models, LogBERT, PLELog and LogEncoder, enabling efficient and accurate log parsing and log anomaly detection.
Keywords
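log parsing/anomaly detection/semi-supervised learning/bidirectional temporal convolution network/contextual correlation
Classification
Information technology and security science
Cite this article
尹春勇 (Yin Chunyong), 孔娴 (Kong Xian). Semi-supervised log anomaly detection based on bidirectional temporal convolution network [J]. Application Research of Computers (计算机应用研究), 2024, 41(7): 2110-2117, 8.
Funding
General Program of the National Natural Science Foundation of China (6177282)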