EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

LogGAN: a Log-level Generative Adversarial Network for Anomaly Detection using Permutation Event Modeling

Bin Xia (), Yuxuan Bai, Junjie Yin, Yun Li () and Jian Xu ()
Additional contact information
Bin Xia: Nanjing University of Posts and Telecommunications
Yuxuan Bai: Nanjing University of Posts and Telecommunications
Junjie Yin: Nanjing University of Posts and Telecommunications
Yun Li: Nanjing University of Posts and Telecommunications
Jian Xu: Nanjing University of Science and Technology

Information Systems Frontiers, No 0, 14 pages

Abstract: Abstract System logs that trace system states and record valuable events comprise a significant component of any computer system in our daily life. Each log contains sufficient information (i.e., normal and abnormal instances) that assist administrators in diagnosing and maintaining the operation of systems. If administrators cannot detect and eliminate diverse and complex anomalies (i.e., bugs and failures) efficiently, running workflows and transactions, even systems, would break down. Therefore, the technique of anomaly detection has become increasingly significant and attracted a lot of research attention. However, current approaches concentrate on the anomaly detection analyzing a high-level granularity of logs (i.e., session) instead of detecting log-level anomalies which weakens the efficiency of responding anomalies and the diagnosis of system failures. To overcome the limitation, we propose an LSTM-based generative adversarial network for anomaly detection based on system logs using permutation event modeling named LogGAN, which detects log-level anomalies based on patterns (i.e., combinations of latest logs). On the one hand, the permutation event modeling mitigates the strong sequential characteristics of LSTM for solving the out-of-order problem caused by the arrival delays of logs. On the other hand, the generative adversarial network-based model mitigates the impact of imbalance between normal and abnormal instances to improve the performance of detecting anomalies. To evaluate LogGAN, we conduct extensive experiments on two real-world datasets, and the experimental results show the effectiveness of our proposed approach on the task of log-level anomaly detection.

Keywords: Anomaly detection; Generative adversarial network; Log-level anomaly; Permutation event modeling (search for similar items in EconPapers)
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
http://link.springer.com/10.1007/s10796-020-10026-3 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:infosf:v::y::i::d:10.1007_s10796-020-10026-3

Ordering information: This journal article can be ordered from
http://www.springer.com/journal/10796

DOI: 10.1007/s10796-020-10026-3

Access Statistics for this article

Information Systems Frontiers is currently edited by Ram Ramesh and Raghav Rao

More articles in Information Systems Frontiers from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-20
Handle: RePEc:spr:infosf:v::y::i::d:10.1007_s10796-020-10026-3