基于改进时间卷积网络的日志序列异常检测  被引量:10

Anomaly Detection for Log Sequence Based on Improved Temporal Convolutional Network

在线阅读下载全文

作  者:杨瑞朋 屈丹 朱少卫 钱叶魁 唐永旺 YANG Ruipeng;QU Dan;ZHU Shaowei;QIAN Yekui;TANG Yongwang(School of Information System Engineering,PLA Strategic Support Force Information Engineering University,Zhengzhou 450002,China;PLA Army Academy of Artillery and Air Defense(Zhengzhou Campus),Zhengzhou 450002,China)

机构地区:[1]中国人民解放军战略支援部队信息工程大学信息系统工程学院,郑州450002 [2]中国人民解放军陆军炮兵防空兵学院(郑州校区),郑州450002

出  处:《计算机工程》2020年第8期50-57,共8页Computer Engineering

基  金:国家自然科学基金面上项目(61673395)。

摘  要:基于循环神经网络的日志序列异常检测模型对短序列有较好的检测能力,但对长序列的检测准确性较差。为此,提出一种基于时间卷积网络的通用日志序列异常检测框架。将日志模板序列建模为自然语言序列,把基于神经网络训练的词嵌入作为模型的输入,以表示目标词在当前日志序列中的语义规则,并通过降维提高整个框架的运算效率。此外,提出用带参数的ReLU替换ReLU,用自适应平均池化层替换全连接层,将日志序列的异常检测问题建模成自然语言序列生成问题。实验结果表明,该检测框架的总体准确率高于TCN+Linear、TCN+AAP等方法。Existing anomaly detection models for log sequence based on recurrent neural network perform well for shorter sequences,but underperform for long sequences.To address the problem,this paper proposes a general anomaly detection framework for log sequences based on temporal convolutional networks.By modeling the log template sequence as a natural language sequence and using word embedding based on neural network training as the input of the model,the semantic rules of the target words in the current log sequence can be represented,and the computing efficiency of the whole framework can be improved by dimension reduction.In addition,which uses ReLU with parameters to replaces ReLU and uses adaptive average pooling layer to replace fully connected layer.The anomaly detection problem of log sequence is modeled as the natural language sequence generation problem.Experimental results show that the overall accuracy of the detection framework is higher than that of TCN+Linear,TCN+AAP and other methods.

关 键 词:异常检测 日志 时间卷积网络 激活函数 自适应平均池化 

分 类 号:TP183[自动化与计算机技术—控制理论与控制工程]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象