Predictive diagnostics of computer systems logs using natural language processing techniques

Abstract

This study aims to develop and validate a method for predictive diagnostics and anomaly detection in computer system logs, using the Vertica database as a case study. The proposed approach is based on semi-supervised learning combined with natural language processing techniques. A specialized parser utilizing a semantic graph was developed for data preprocessing. Vectorization was performed using the fastText NLP library and TF-IDF weighting. Empirical validation was conducted on real Vertica log files from a large IT company, containing periods of normal operation and anomalies leading to failures. A comparative assessment of various anomaly detection algorithms was performed, including k-nearest neighbors, autoencoders, One-Class SVM, Isolation Forest, Local Outlier Factor, and Elliptic Envelope. Results are visualized through anomaly graphs depicting time intervals exceeding the threshold level. The findings demonstrate high efficacy of the proposed approach in identifying anomalies preceding system failures and delineate promising directions for further research.
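An added illustration, not the authors' code: the semi-supervised setup the abstract describes, reduced to TF-IDF vectors per time interval and a k-nearest-neighbors distance score fitted on normal intervals only. The log lines are constructed, the word-only tokenizer stands in for the paper's semantic-graph parser, fastText embeddings are omitted, and the leave-one-out threshold rule is an assumption.

```python
import math
import re
from collections import Counter

# Constructed sample intervals (not real Vertica log lines); each list is one time window.
NORMAL = [
    ["session 101 opened for user dbadmin", "query 5531 completed in 12 ms", "session 101 closed"],
    ["session 102 opened for user etl", "query 5532 completed in 40 ms",
     "query 5533 completed in 8 ms", "session 102 closed"],
    ["session 103 opened for user dbadmin", "query 5534 completed in 15 ms", "session 103 closed"],
    ["session 104 opened for user etl", "query 5535 completed in 22 ms", "session 104 closed"],
]
QUIET = ["session 200 opened for user etl", "query 6000 completed in 9 ms", "session 200 closed"]
PRECURSOR = ["query 6001 failed: lock timeout on table orders", "heartbeat missed from node 3",
             "query 6002 failed: lock timeout on table orders", "session 201 closed"]

def tokens(window):
    # Hypothetical stand-in for the parser: keep template words, drop ids and timings.
    return [t for line in window for t in re.findall(r"[a-z_]+", line.lower())]

def cos_dist(a, b):
    # Vectors are L2-normalised, so cosine distance is 1 minus the dot product.
    return 1.0 - sum(v * b.get(t, 0.0) for t, v in a.items())

def knn_score(vec, train, k):
    # Anomaly score: mean distance to the k closest normal windows.
    return sum(sorted(cos_dist(vec, t) for t in train)[:k]) / k

class Detector:
    def __init__(self, normal_windows, k=2):
        self.k, self.n = k, len(normal_windows)
        self.df = Counter(t for w in normal_windows for t in set(tokens(w)))
        self.train = [self.vectorize(w) for w in normal_windows]
        # Assumed threshold rule: worst leave-one-out score seen during normal operation.
        self.threshold = max(knn_score(v, self.train[:i] + self.train[i + 1:], k)
                             for i, v in enumerate(self.train))

    def vectorize(self, window):
        # Smoothed IDF; tokens never seen in normal data get the largest weight.
        vec = {t: c * (math.log((1 + self.n) / (1 + self.df[t])) + 1.0)
               for t, c in Counter(tokens(window)).items()}
        norm = math.sqrt(sum(v * v for v in vec.values())) or 1.0
        return {t: v / norm for t, v in vec.items()}

    def score(self, window):
        return knn_score(self.vectorize(window), self.train, self.k)

    def is_anomalous(self, window):
        return self.score(window) > self.threshold

if __name__ == "__main__":
    det = Detector(NORMAL)
    for name, w in (("quiet", QUIET), ("precursor", PRECURSOR)):
        print(name, round(det.score(w), 3), det.is_anomalous(w))
```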

About the authors

Vladislav Kiriachek

RUDN University

Email: w.a.kiryachok@mail.ru
ORCID iD: 0009-0002-9692-0225
Scopus Author ID: 57220041155

PhD student, Department of Computational Mathematics and Artificial Intelligence

6, Miklukho-Maklaya St, Moscow, 117198, Russian Federation

Soltan Salpagarov

RUDN University

Corresponding author.
Email: salpagarov-si@rudn.ru
ORCID iD: 0000-0002-5321-9650
Scopus Author ID: 57201380251

Candidate of Physical and Mathematical Sciences, Associate Professor, Department of Computational Mathematics and Artificial Intelligence

6, Miklukho-Maklaya St, Moscow, 117198, Russian Federation
