Please use this identifier to cite or link to this item:
http://hdl.handle.net/11375/28756
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Chen, Jun | - |
dc.contributor.author | Liu, Si Tong | - |
dc.date.accessioned | 2023-07-28T17:33:30Z | - |
dc.date.available | 2023-07-28T17:33:30Z | - |
dc.date.issued | 2023 | - |
dc.identifier.uri | http://hdl.handle.net/11375/28756 | - |
dc.description.abstract | Maintaining the stability and performance of software and computer system has always been an ongoing question. As system logs are present in almost all computer systems and software, log anomaly detection has become a major method towards troubleshooting system failures and conducting in-depth analysis to identify the underlying causes. In recent years, even though there has been lots of research done on log anomaly detection, most of them ignored two major problems: the presence of noise when acquiring and processing logs, and the cold-start problem when handling a newly onboarded system. These are two practical problems that usually coexist in a real-world scenario and hasn’t been addressed together effectively yet. There were a few works proposed to apply transfer learning in log anomaly detection so that knowledge from a source log dataset can be transferred to a target log dataset, thus alleviating the cold-start problem when handling new systems being onboarded. However, without first solving the noise issue within the log dataset, these methods become impractical in real-world settings. The existence of noise within the source system can greatly impair feature extraction process from the log dataset, leading to a decreased performance of model when detecting anomalies in the target system dataset which might contain noise as well. In this paper, we propose a novel robust and transfer-learning-based method, called LogRT. LogRT utilizes an Attention-based Bidirectional-Long-Short-Term-Memory model during the feature extraction process to extract the contextual information in log sequences where importance of different log events can be learned by the model automatically even if there are noises present in the dataset. Through combining this robust module with a state-of-the-art transfer learning method, domain adaptation, LogRT can apply the valuable information learned from a noisy source system into a target system and provide high performance on detecting anomalies in logs even with the presence of multiple types of noise in both source and target systems. Extensive experimental evaluations demonstrate that LogRT has competitive performance in real-world scenarios. | en_US |
dc.language.iso | en | en_US |
dc.title | Robust and Transferable Log Anomaly Detection | en_US |
dc.type | Thesis | en_US |
dc.contributor.department | Electrical and Computer Engineering | en_US |
dc.description.degreetype | Thesis | en_US |
dc.description.degree | Master of Applied Science (MASc) | en_US |
Appears in Collections: | Open Access Dissertations and Theses |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Liu_Si_Tong_2023July_Master_of_Applied_Science.pdf | 2.29 MB | Adobe PDF | View/Open |
Items in MacSphere are protected by copyright, with all rights reserved, unless otherwise indicated.