| 摘 要: 针对现有日志特征提取不充分且存在噪音等问题,提出一种基于门控循环单元(Gate Recurrent Unit, GRU)的日志异常检测方法。该方法使用BERT(Bidirectional Encoder Representations from Transfomers)提取日志的语 义特征,然后利用事件逆频率加权对特征进行优化。采用基于注意力和门控循环单元的模型进行日志异常检测,以减 少日志噪声对检测结果的影响。在2个真实的数据集上的实验结果表明,该方法在异常检测任务中表现出色,F1值 平均达到0.98,与基准方法DeepLog(Deep Log Anomaly Detection)相比,分别提高了3.36%和11.0%。 |
| 关键词: 日志异常检测;门控循环单元;注意力机制;双向编码语义解析 |
|
中图分类号: TP391.1
文献标识码: A
|
|
| Log Anomaly Detection Method Based on Gate Recurrent Uni |
|
YANG Wenxin, CHEN Wei, WU Yuxin
|
(College of Computer Science and Technology, Nanjing University of Posts and Telecommunications, Nanjing 210000, China)
njupt_ywx@163.com; chenwei@njupt.edu.cn; 3307387236@qq.com
|
| Abstract: To address the problems of insufficient feature extraction and noise in log data, this paper proposes a log anomaly detection method based on Gate Recurrent Unit (GRU). This method utilizes BERT (Bidirectional Encoder Representations from Transformers) to extract the semantic features of logs, followed by event inverse frequency weighting to optimize these features. A model based on attention mechanisms and GRU is adopted for log anomaly detection, which can reduce the impact of log noise on the detection results. Results of experiments on two real datasets show that the average F1 value of the proposed model in the anomaly detection task reaches 0.98, which is 3.36% and 11.0% higher than the baseline method DeepLog(Deep Log Anomaly Detection) respectively. |
| Keywords: log anomaly detection; GRU; attention mechanism; bidirectional encoder semantic representation |
