Anomaly Detection Using System Logs: A Deep Learning Approach

Rohit Sinha, Rittika Sur, Ruchi Sharma and Avinash K. Shrivastava
Additional contact information
Rohit Sinha: The Neotia University, India
Rittika Sur: The Neotia University, India
Ruchi Sharma: The Neotia University, India
Avinash K. Shrivastava: International Management Institute, Kolkata, India

International Journal of Information Security and Privacy (IJISP), 2022, vol. 16, issue 1, 1-15

Abstract: Anomaly detection is a very important step in building a secure and trustworthy system. Analyzing logs and detecting failures and anomalies manually is daunting. In this paper, we propose an approach that leverages the pattern-matching capabilities of a Convolutional Neural Network (CNN) for anomaly detection in system logs. Features are extracted from log files using a windowing technique. Based on these features, a one-dimensional image (1×n dimension) is generated in which the pixel values correlate with the features of the logs. On these images, a 1D convolution operation is applied, followed by max pooling. After the convolution layers, a multi-layer feed-forward neural network is used as a classifier that learns to classify the logs as normal or abnormal from the representation created by the convolution layers. The model learns the variation in log patterns for normal and abnormal behavior. The proposed approach achieved improved accuracy compared to existing approaches for anomaly detection in Hadoop Distributed File System (HDFS) logs.

Date: 2022
Downloads: (external link)
http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.285584 (application/pdf)

Persistent link: https://EconPapers.repec.org/RePEc:igg:jisp00:v:16:y:2022:i:1:p:1-15

International Journal of Information Security and Privacy (IJISP) is currently edited by Yassine Maleh

Page updated 2025-03-19
Handle: RePEc:igg:jisp00:v:16:y:2022:i:1:p:1-15