Rapid log anomaly detection method and device based on low-dimensional multi-level features

Anomaly detection using multi-level features, applied to security communication devices, neural learning methods, instruments, etc. It addresses the problems of excessive log quantity, reduced efficiency and increased cost, and achieves simple, effective detection by flexible means.

Inactive Publication Date: 2022-06-24
杭州环木信息科技有限责任公司

AI Technical Summary

Problems solved by technology

Because of the large number of logs and inconsistent log formats, the cost of rule matching or manual detection keeps increasing while its efficiency gradually decreases.
Existing log detection algorithms use high-dimensional log features for detection, which makes it difficult for the unsupervised model to converge and increases the detection time.
In addition, these models often suffer from concept drift problems that cause model failure.


Examples


Embodiment Construction

[0025] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts shall fall within the protection scope of the present invention.

[0026] The invention provides a fast log anomaly detection method based on low-dimensional multi-level features. As shown in Figure 1, it includes the following steps:

[0027] Model building phase:

[0028] Step 1. Log data collection

[0029] To support online training and testing, the training log data does not need labels, but the normal data must far outnumber the abnormal data. This step collects the original log data for the current period of time.

[0030] Step 2. Log parsing

[0031] Log data itself is unstructured text, and the pur...


Abstract

The invention discloses a fast log anomaly detection method and device based on low-dimensional multi-level features. The method comprises a log feature extraction step and a log anomaly detection step. In the log feature extraction step, natural language processing technology is used to convert the unstructured log stream into structured logs, features are extracted, and a dimension reduction technique reduces the feature dimension to improve detection speed. In the log anomaly detection step, anomaly detection is carried out on the extracted features, with the detection model obtained through online training on the current log stream to be detected using an anomaly detection algorithm. The method performs anomaly detection on the log stream and uses a periodic retraining strategy to overcome the concept drift problem in log anomaly detection. The low-dimensional multi-level features improve the detection rate and detection speed, so that network faults and network attacks are detected and the security of the network environment is improved.
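The pipeline the abstract describes (parse, extract features, reduce dimension, train online, retrain periodically) can be sketched as follows. This is an added example, not the patent's algorithm: the page does not name its parsing, dimension reduction or detection techniques, so regex masking, feature hashing and a median/MAD score are stand-ins chosen here, and every constant, name and log line is an assumption.

```python
import re
import zlib
from collections import deque
from statistics import median

K = 8              # reduced feature dimension (assumed value)
HISTORY = 8        # windows kept for retraining (assumed value)
RETRAIN_EVERY = 4  # retraining period in windows (assumed value)
VAR = re.compile(r"\b(?:\d{1,3}(?:\.\d{1,3}){3}|\d+)\b")  # IPv4 or integer

def template(line):
    """Log parsing: mask variable fields so a line collapses to its event template."""
    return VAR.sub("<*>", line).strip()

def features(window):
    """Template counts for one window, folded into K dimensions by feature hashing."""
    vec = [0.0] * K
    for line in window:
        vec[zlib.crc32(template(line).encode()) % K] += 1.0
    return vec

class OnlineDetector:
    def __init__(self, threshold=3.0):
        self.hist, self.model = deque(maxlen=HISTORY), None
        self.seen, self.threshold = 0, threshold

    def _fit(self):
        # Unlabeled training: median/MAD per dimension tolerates a few bad windows.
        self.model = []
        for col in zip(*self.hist):
            med = median(col)
            mad = median([abs(x - med) for x in col])
            self.model.append((med, max(mad, 1.0)))

    def observe(self, window):
        vec = features(window)
        flagged = self.model is not None and max(
            abs(v - m) / s for v, (m, s) in zip(vec, self.model)) > self.threshold
        self.hist.append(vec)               # sliding history follows the stream
        self.seen += 1
        if self.seen % RETRAIN_EVERY == 0:  # periodic retraining against drift
            self._fit()
        return flagged

def make_window(i, conns=5, failures=0):
    """Constructed sample log lines for window i (not real device logs)."""
    w = [f"conn from 10.0.0.{(i + j) % 250 + 1} port {40000 + j} ok" for j in range(conns)]
    w += [f"heartbeat seq {2 * i + j}" for j in range(2)]
    w += [f"auth failure for user id {j} from 192.168.1.{j + 1}" for j in range(failures)]
    return w
```

Feeding it windows from `make_window` shows both behaviours: a burst of `auth failure` lines is flagged once, while a sustained rise in connection volume is flagged only until the next retraining absorbs it as the new baseline.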

Description

Technical field

[0001] The present invention relates to the technical field of computer network security, in particular to a method and device for fast log anomaly detection based on low-dimensional and multi-level features.

Background

[0002] With the development of 5G technology, modern communication networks are becoming more and more complex, and network devices generate massive amounts of log data every day. These logs can be used to analyze the operating status of devices and realize fault detection or prediction. However, due to the large number of logs and inconsistent log formats, the cost of rule matching or manual detection methods continues to increase, and the efficiency gradually decreases. Moreover, the existing log detection algorithms use high-dimensional log features for detection, which makes the unsupervised model difficult to converge and increases the detection time. In addition, these models often suffer from concept drift problems that l...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L41/06, H04L41/069, H04L41/142, H04L41/147, H04L9/40, G06F40/216, G06K9/62, G06N3/04, G06N3/08
CPC: H04L41/06, H04L41/069, H04L41/142, H04L41/147, H04L63/1425, G06F40/216, G06N3/08, G06N3/047, G06N3/044, G06F18/24323
Inventor: 林峰, 张斌, 许文曜, 李勤, 黄名畯
Owner: 杭州环木信息科技有限责任公司