A Confidence-Guided Evaluation for Log Parsers Inner Quality

Xie, Xuhui; Zhi, Wang; Xiao, Xuhang; Lu, Ye; Huang, Shenwei; Li, Tao

doi:10.1007/s11036-019-01501-6

Cited by 5 publications

(1 citation statement)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the above operations, noise is inevitably introduced, mainly for the following reasons: First, human or computer errors occur during log collection. Second, the log parser itself is not accurate [15]. For example, He et al [16] and Zhu et al [17] find that existing log parsers are not accurate enough.…”

Section: Noise In Log Collectionmentioning

confidence: 99%

LogCAD: An Efficient and Robust Model for Log-Based Conformal Anomaly Detection

Liu

Liang

Hou

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Log files are usually semistructured files that record the historical operation information of systems or devices. Researchers often find anomalies by analyzing logs, so as to identify system operation faults and cyberattacks. Traditional classification-based methods, especially deep learning methods, can effectively solve the problem of static log anomaly detection. However, when addressing dynamic unstable logs caused by concept drift and noise, the performance of those methods decreased significantly, and false positives are prone to occur. Retraining model is a choice to solve the log instability problem, but this will greatly increase the computational complexity for deep learning models. The log-based conformal anomaly detection (LogCAD) builds a confidence evaluation mechanism for multiple labels, which can achieve good detection results by making collaborative decisions based on multiple weak classifiers without deep learning. Moreover, LogCAD can be easily extended to dynamic unstable logs. It incrementally updates the trained model with conformal detection results of new samples. Experimental results show that LogCAD can achieve excellent detection results for both dynamic unstable logs and static stable logs. Compared with LogRobust and other deep learning models, it has higher efficiency and wider application scope.

show abstract

Section: Noise In Log Collectionmentioning

confidence: 99%