Microservice Anomaly Detection Based on Tracing Data Using Semi-supervised Learning

Li, Min; Tang, Dingyong; Wen, Zepeng; Cheng, Yunchang

doi:10.1109/icaibd51990.2021.9459100

Cited by 6 publications

(2 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another study utilizing a semi-supervised anomaly detection model for insider threat detection in website cluster systems is proposed in [24]. The model combines agglomerative hierarchical clustering and heuristic-based log parsing techniques and utilizes user behavior, system, and time-based features for classification.…”

Section: Learning-based Insider Detection Techniquesmentioning

confidence: 99%

A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods

Alzaabi,

Mehmood

2024

IEEE Access

View full text Add to dashboard Cite

Insider threat detection has become a paramount concern in modern times where organizations strive to safeguard their sensitive information and critical assets from malicious actions by individuals with privileged access. This survey paper provides a comprehensive overview of insider threat detection, highlighting its significance in the current landscape of cybersecurity. The review encompasses a broad spectrum of methodologies and techniques, with a particular focus on classical machine-learning approaches and their limitations in effectively addressing the intricacies of insider threats. Furthermore, the survey explores the utilization of modern deep learning and natural language processing (NLP) based methods as promising alternatives, shedding light on their advantages over traditional methods. This analysis underscores the need for sophisticated solutions that can adapt to evolving threat landscapes and accommodate the intricacies of human behavior. In the conclusion section, the paper offers valuable insights into the future directions of insider threat detection. It advocates for the integration of more sophisticated time-series-based techniques, recognizing the importance of temporal patterns in insider threat behaviors. Additionally, the survey underscores the potential of NLP and large language model-based approaches, which can enhance threat detection by deciphering textual and contextual information. These recommendations reflect the evolving nature of insider threats and emphasize the need for proactive, datadriven strategies to safeguard organizations against internal security breaches. In conclusion, this survey not only underscores the urgency of addressing insider threats but also provides a roadmap for the adoption of advanced methodologies to enhance detection and mitigation capabilities in contemporary cybersecurity paradigms.

show abstract

Section: Learning-based Insider Detection Techniquesmentioning

confidence: 99%

A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods

Alzaabi,

Mehmood

2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Service granularity location. Researchers have proposed different approaches to pinpoint root cause services, including graph-based approaches, machine learning-based approaches, and time series-based methods [9].…”

Section: Related Workmentioning

confidence: 99%

MicroState: An Anomaly Localization Method in Heterogeneous Microservice Systems

Yang

Guo

CHEN

2023

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Microservice architecture has been widely adopted for large-scale applications because of its benefits of scalability, flexibility, and reliability. However, microservice architecture also proposes new challenges in diagnosing root causes of performance degradation. Existing methods rely on labeled data and suffer a high computation burden. This paper proposes MicroState, an unsupervised and lightweight method to pinpoint the root cause with detailed descriptions. We decompose root cause diagnosis into element location and detailed reason identification. To mitigate the impact of element heterogeneity and dynamic invocations, MicroState generates elements' invoked states, quantifies elements' abnormality by warping-based state comparison, and infers the anomalous group. MicroState locates the root cause element with the consideration of anomaly frequency and persistency. To locate the anomalous metric from diverse metrics, MicroState extracts metrics' trend features and evaluates metrics' abnormality based on their trend feature variation, which reduces the reliance on anomaly detectors. Our experimental evaluation based on public data of the Artificial intelligence for IT Operations Challenge (AIOps Challenge 2020) shows that MicroState locates root cause elements with 87% precision and diagnoses anomaly reasons accurately.

show abstract

Unsupervised Microservice Log Anomaly Detection Method Based on Graph Neural Network

Liang,

Li,

Peng

2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Microservice Anomaly Detection Based on Tracing Data Using Semi-supervised Learning

Cited by 6 publications

References 5 publications

A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods

A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods

MicroState: An Anomaly Localization Method in Heterogeneous Microservice Systems

Unsupervised Microservice Log Anomaly Detection Method Based on Graph Neural Network

Contact Info

Product

Resources

About