Deep learning method for identifying anomalies in operating computer systems
Itogi nauki i tehniki. Sovremennaâ matematika i eë priloženiâ. Tematičeskie obzory, Proceedings of the Voronezh international spring mathematical school "Modern methods of the theory of boundary-value problems. Pontryagin readings—XXXIV", Voronezh, May 3-9, 2023, Part 3, Tome 232 (2024), pp. 140-152.

See the article record from the source Math-Net.Ru

The problem of detecting anomalous behavior in large software systems can be reduced to the problem of detecting anomalies in text data streams. In this paper, we propose an approach that combines deep learning (an autoencoder using convolutional neural networks and a single-layer fully connected decoder) with fuzzy clustering. The proposed solution constructs vector representations of groups of sequential events and identifies outliers in the data using a layer we developed, based on fuzzy clustering and radial basis functions.
Keywords: anomaly detection, system log analysis, deep learning, neural networks
@article{INTO_2024_232_a10,
     author = {O. E. Gorokhov and M. I. Petrovskii and I. V. Mashechkin},
     title = {Deep learning method for identifying anomalies in operating computer systems},
     journal = {Itogi nauki i tehniki. Sovremenna\^a matematika i e\"e prilo\v{z}eni\^a. Temati\v{c}eskie obzory},
     pages = {140--152},
     publisher = {mathdoc},
     volume = {232},
     year = {2024},
     language = {ru},
     url = {https://geodesic-test.mathdoc.fr/item/INTO_2024_232_a10/}
}
O. E. Gorokhov; M. I. Petrovskii; I. V. Mashechkin. Deep learning method for identifying anomalies in operating computer systems. Itogi nauki i tehniki. Sovremennaâ matematika i eë priloženiâ. Tematičeskie obzory, Proceedings of the Voronezh international spring mathematical school "Modern methods of the theory of boundary-value problems. Pontryagin readings—XXXIV", Voronezh, May 3-9, 2023, Part 3, Tome 232 (2024), pp. 140-152. https://geodesic-test.mathdoc.fr/item/INTO_2024_232_a10/
