On Improving Deep Learning Trace Analysis with System Call Arguments

• URL: http://arxiv.org/abs/2103.06915v1
• Date: Thu, 11 Mar 2021 19:26:34 GMT
• Title: On Improving Deep Learning Trace Analysis with System Call Arguments
• Authors: Quentin Fournier, Daniel Aloise, Seyed Vahid Azhari, and Fran\c{c}ois Tetreault
• Abstract summary: Kernel traces are sequences of low-level events comprising a name and multiple arguments. We introduce a general approach to learning a representation of the event names along with their arguments using both embedding and encoding.
• Score: 1.3299507495084417
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Kernel traces are sequences of low-level events comprising a name and multiple arguments, including a timestamp, a process id, and a return value, depending on the event. Their analysis helps uncover intrusions, identify bugs, and find latency causes. However, their effectiveness is hindered by omitting the event arguments. To remedy this limitation, we introduce a general approach to learning a representation of the event names along with their arguments using both embedding and encoding. The proposed method is readily applicable to most neural networks and is task-agnostic. The benefit is quantified by conducting an ablation study on three groups of arguments: call-related, process-related, and time-related. Experiments were conducted on a novel web request dataset and validated on a second dataset collected on pre-production servers by Ciena, our partnering company. By leveraging additional information, we were able to increase the performance of two widely-used neural networks, an LSTM and a Transformer, by up to 11.3% on two unsupervised language modelling tasks. Such tasks may be used to detect anomalies, pre-train neural networks to improve their performance, and extract a contextual representation of the events.

Related papers

• Predicting Infant Brain Connectivity with Federated Multi-Trajectory GNNs using Scarce Data [54.55126643084341]
  Existing deep learning solutions suffer from three major limitations. We introduce FedGmTE-Net++, a federated graph-based multi-trajectory evolution network. Using the power of federation, we aggregate local learnings among diverse hospitals with limited datasets.
  arXiv  Detail & Related papers  (2024-01-01T10:20:01Z)
• Deception Detection from Linguistic and Physiological Data Streams Using Bimodal Convolutional Neural Networks [19.639533220155965]
  This paper explores the application of convolutional neural networks for the purpose of multimodal deception detection. We use a dataset built by interviewing 104 subjects about two topics, with one truthful and one falsified response from each subject about each topic.
  arXiv  Detail & Related papers  (2023-11-18T02:44:33Z)
• Provable Multi-Task Representation Learning by Two-Layer ReLU Neural Networks [69.38572074372392]
  We present the first results proving that feature learning occurs during training with a nonlinear model on multiple tasks. Our key insight is that multi-task pretraining induces a pseudo-contrastive loss that favors representations that align points that typically have the same label across tasks.
  arXiv  Detail & Related papers  (2023-07-13T16:39:08Z)
• Spatial-Temporal Graph Enhanced DETR Towards Multi-Frame 3D Object Detection [54.041049052843604]
  We present STEMD, a novel end-to-end framework that enhances the DETR-like paradigm for multi-frame 3D object detection. First, to model the inter-object spatial interaction and complex temporal dependencies, we introduce the spatial-temporal graph attention network. Finally, it poses a challenge for the network to distinguish between the positive query and other highly similar queries that are not the best match.
  arXiv  Detail & Related papers  (2023-07-01T13:53:14Z)
• Learning to Learn with Generative Models of Neural Network Checkpoints [71.06722933442956]
  We construct a dataset of neural network checkpoints and train a generative model on the parameters. We find that our approach successfully generates parameters for a wide range of loss prompts. We apply our method to different neural network architectures and tasks in supervised and reinforcement learning.
  arXiv  Detail & Related papers  (2022-09-26T17:59:58Z)
• Dissecting U-net for Seismic Application: An In-Depth Study on Deep Learning Multiple Removal [3.058685580689605]
  Seismic processing often requires suppressing multiples that appear when collecting data. We present a deep learning-based alternative that provides competitive results, while reducing its usage's complexity.
  arXiv  Detail & Related papers  (2022-06-24T07:16:27Z)
• Convolutional generative adversarial imputation networks for spatio-temporal missing data in storm surge simulations [86.5302150777089]
  Generative Adversarial Imputation Nets (GANs) and GAN-based techniques have attracted attention as unsupervised machine learning methods. We name our proposed method as Con Conval Generative Adversarial Imputation Nets (Conv-GAIN)
  arXiv  Detail & Related papers  (2021-11-03T03:50:48Z)
• Learning Constraints and Descriptive Segmentation for Subevent Detection [74.48201657623218]
  We propose an approach to learning and enforcing constraints that capture dependencies between subevent detection and EventSeg prediction. We adopt Rectifier Networks for constraint learning and then convert the learned constraints to a regularization term in the loss function of the neural model.
  arXiv  Detail & Related papers  (2021-09-13T20:50:37Z)
• Total Recall: a Customized Continual Learning Method for Neural Semantic Parsers [38.035925090154024]
  A neural semantic learns tasks sequentially without accessing full training data from previous tasks. We propose TotalRecall, a continual learning method designed for neural semantics from two aspects. We demonstrate that a neural semantic trained with TotalRecall achieves superior performance than the one trained directly with the SOTA continual learning algorithms and achieve a 3-6 times speedup compared to re-training from scratch.
  arXiv  Detail & Related papers  (2021-09-11T04:33:28Z)
• Leveraging Multi-domain, Heterogeneous Data using Deep Multitask Learning for Hate Speech Detection [21.410160004193916]
  We propose a Convolution Neural Network based multi-task learning models (MTLs)footnotecode to leverage information from multiple sources. Empirical analysis performed on three benchmark datasets shows the efficacy of the proposed approach.
  arXiv  Detail & Related papers  (2021-03-23T09:31:01Z)
• Joint Event Extraction along Shortest Dependency Paths using Graph Convolutional Networks [18.983377030545128]
  Event extraction may be beneficial to several domains such as knowledge bases, question answering, information retrieval and summarization. The problem of extracting event information from texts is longstanding and usually relies on elaborately designed lexical and syntactic features. We propose a novel joint event extraction framework that aims to extract multiple event triggers and arguments simultaneously.
  arXiv  Detail & Related papers  (2020-03-19T07:48:38Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.