网络安全与数据治理2025,Vol.44Issue(12):16-25,10.DOI:10.19358/j.issn.2097-1788.2025.12.003
基于自编码器的日志异常检测方法研究
Research on log anomaly detection method based on autoencoder
Yang Guang 1Lei Yufang 2Wang Peng 2Sun Qiang 2Yan Kaixin 1Zhu Yan 1Pan Haolong 1Wang Xuren3
作者信息
- 1. Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100085,China
- 2. SinoRail(Beijing)Information Technology Service Co.,Ltd.,Beijing 100055,China
- 3. Capital Normal University,Beijing 100048,China
- 折叠
摘要
Abstract
System logs contain key operational information and problem clues.However,as the system scale expands,log data becomes increasingly large and complex,making automated anomaly detection a research focus.Current studies face challenges such as imbalanced log data and insufficient labeled data,which lead to low detection accuracy.To address these challenges,a log anomaly detection method based on Multi-Window Long Short-Term Memory(LSTM)Autoencoder is proposed,focusing on three aspects:log data processing,autoencoder model,and log event classification.This method combines the advantages of LSTM and autoencoder,and uses a multi-window strategy to capture contextual information at different time scales,providing a more effective anomaly detection solution for time-sensitive logs.Experimental results show that this method achieves high F1-scores on two public datasets,Hadoop Distributed File System(HDFS)and Blue Gene/L(BGL),and exhibits better anomaly detection performance compared with other methods.关键词
系统日志/异常检测/深度学习/自编码器Key words
system logs/anomaly detection/deep learning/autoencoder分类
信息技术与安全科学引用本文复制引用
Yang Guang,Lei Yufang,Wang Peng,Sun Qiang,Yan Kaixin,Zhu Yan,Pan Haolong,Wang Xuren..基于自编码器的日志异常检测方法研究[J].网络安全与数据治理,2025,44(12):16-25,10.
