Online Anomaly Detection by Improved Grammar Compression of Log Sequences

Gao, Yun; Zhou, Wei; Zhang, Zhang; Han, Jizhong; Meng, Dan; Xu, Zhiyong

doi:10.1137/1.9781611973440.104

Cited by 2 publications

(3 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers have been trying several different techniques, such as deep learning and NLP ( Du et al, 2017 ; Bertero et al, 2017 ; Meng et al, 2019 ; Zhang et al, 2019 ), data mining, statistical learning methods, and machine learning ( Lu et al, 2017 ; He et al, 2016b ; Ghanbari, Hashemi & Amza, 2014 ; Tang & Iyer, 1992 ; Lim, Singh & Yajnik, 2008 ; Xu et al, 2009b , Xu et al, 2009a ) control flow graph mining from execution logs ( Nandi et al, 2016 ), finite state machines ( Fu et al, 2009 ; Debnath et al, 2018 ), frequent itemset mining ( Lim, Singh & Yajnik, 2008 ), dimensionality reduction techniques ( Juvonen, Sipola & Hämäläinen, 2015 ), grammar compression of log sequences ( Gao et al, 2014 ), and probabilistic suffix trees ( Bao et al, 2018 ).…”

Section: Resultsmentioning

confidence: 99%

Log-based software monitoring: a systematic mapping study

Cândido

Aniche

Deursen

2021

PeerJ Computer Science

View full text Add to dashboard Cite

Modern software development and operations rely on monitoring to understand how systems behave in production. The data provided by application logs and runtime environment are essential to detect and diagnose undesired behavior and improve system reliability. However, despite the rich ecosystem around industry-ready log solutions, monitoring complex systems and getting insights from log data remains a challenge. Researchers and practitioners have been actively working to address several challenges related to logs, e.g., how to effectively provide better tooling support for logging decisions to developers, how to effectively process and store log data, and how to extract insights from log data. A holistic view of the research effort on logging practices and automated log analysis is key to provide directions and disseminate the state-of-the-art for technology transfer. In this paper, we study 108 papers (72 research track papers, 24 journals, and 12 industry track papers) from different communities (e.g., machine learning, software engineering, and systems) and structure the research field in light of the life-cycle of log data. Our analysis shows that (1) logging is challenging not only in open-source projects but also in industry, (2) machine learning is a promising approach to enable a contextual analysis of source code for log recommendation but further investigation is required to assess the usability of those tools in practice, (3) few studies approached efficient persistence of log data, and (4) there are open opportunities to analyze application logs and to evaluate state-of-the-art log analysis techniques in a DevOps context.

show abstract

Section: Resultsmentioning

confidence: 99%

Log-based software monitoring: a systematic mapping study

Cândido

Aniche

Deursen

2021

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…We use the method in [7] and the standard HMM for Markov methods, the method in [8] for statistical methods, the T-STDIE [4] method for window based methods and CADM [1] for compression based methods. As the Figure 3 shows, PADM is better than the other methods, demonstrated by the ROC of PADM which is very close to 1.…”

Section: B Performance Of Datanode Logsmentioning

confidence: 99%

“…Paper [4] and [5] review the existing discrete sequence of anomaly detection methods, and they concluded three different methods of discrete sequence anomaly detection. The anomaly detection work CADM is our previous work [1], which uses the relative entropy between normal logs and testing logs as an identity of anomaly degree. CADM bases on the convergence of the estimation of the divergence, for short sequences, this convergence may not be fully achieved.…”

Section: Performance Of Scalabilitymentioning

confidence: 99%

PADM: Page Rank-Based Anomaly Detection Method of Log Sequences by Graph Computing

Yan

Zhou

Gao

et al. 2014

2014 IEEE 6th International Conference on Cloud Computing Technology and Science

Self Cite

View full text Add to dashboard Cite

With the popularity of various software applications in cloud computing, software exception becomes an important issue. How to detect the exceptions more quickly seems to be crucial for the software service company. To solve the above problem, this paper presents an efficient log anomaly detection method named PADM(PageRank-based Anomaly Detection Method) based on the graph computing algorithm. In this method, the logs are transformed into a graph to represent the complex relationship between the log records, then we design an extended PageRank algorithm based on the graph to get the importance score for each log. After that, we compare the scores to that of the training logs to determine whether they are abnormal or not. Finally, we compare PADM with other anomaly detection methods on the real logs, and the results show that it outperforms the currently widely used mechanisms with higher accuracy, lower time complexity and better scalability.

show abstract

Online Anomaly Detection by Improved Grammar Compression of Log Sequences

Cited by 2 publications

References 20 publications

Log-based software monitoring: a systematic mapping study

Log-based software monitoring: a systematic mapping study

PADM: Page Rank-Based Anomaly Detection Method of Log Sequences by Graph Computing

Contact Info

Product

Resources

About