On Improving Deep Learning Trace Analysis with System Call Arguments
- URL: http://arxiv.org/abs/2103.06915v1
- Date: Thu, 11 Mar 2021 19:26:34 GMT
- Title: On Improving Deep Learning Trace Analysis with System Call Arguments
- Authors: Quentin Fournier, Daniel Aloise, Seyed Vahid Azhari, and François Tetreault
- Abstract summary: Kernel traces are sequences of low-level events comprising a name and multiple arguments.
We introduce a general approach to learning a representation of the event names along with their arguments using both embedding and encoding.
- Score: 1.3299507495084417
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Kernel traces are sequences of low-level events comprising a name and
multiple arguments, including a timestamp, a process id, and a return value,
depending on the event. Their analysis helps uncover intrusions, identify bugs,
and find latency causes. However, their effectiveness is hindered by omitting
the event arguments. To remedy this limitation, we introduce a general approach
to learning a representation of the event names along with their arguments
using both embedding and encoding. The proposed method is readily applicable to
most neural networks and is task-agnostic. The benefit is quantified by
conducting an ablation study on three groups of arguments: call-related,
process-related, and time-related. Experiments were conducted on a novel web
request dataset and validated on a second dataset collected on pre-production
servers by Ciena, our partnering company. By leveraging additional information,
we were able to increase the performance of two widely-used neural networks, an
LSTM and a Transformer, by up to 11.3% on two unsupervised language modelling
tasks. Such tasks may be used to detect anomalies, pre-train neural networks to
improve their performance, and extract a contextual representation of the
events.
Related papers
- Feature Selection for Network Intrusion Detection [3.7414804164475983]
We present a novel information-theoretic method that facilitates the exclusion of non-informative features when detecting network intrusions.
The proposed method is based on function approximation using a neural network, which enables a version of our approach that incorporates a recurrent layer.
arXiv Detail & Related papers (2024-11-18T14:25:55Z)
- Predicting Infant Brain Connectivity with Federated Multi-Trajectory GNNs using Scarce Data [54.55126643084341]
Existing deep learning solutions suffer from three major limitations.
We introduce FedGmTE-Net++, a federated graph-based multi-trajectory evolution network.
Using the power of federation, we aggregate local learnings among diverse hospitals with limited datasets.
arXiv Detail & Related papers (2024-01-01T10:20:01Z) - Deception Detection from Linguistic and Physiological Data Streams Using Bimodal Convolutional Neural Networks [19.639533220155965]
This paper explores the application of convolutional neural networks for the purpose of multimodal deception detection.
We use a dataset built by interviewing 104 subjects about two topics, with one truthful and one falsified response from each subject about each topic.
arXiv Detail & Related papers (2023-11-18T02:44:33Z) - Provable Multi-Task Representation Learning by Two-Layer ReLU Neural Networks [69.38572074372392]
We present the first results proving that feature learning occurs during training with a nonlinear model on multiple tasks.
Our key insight is that multi-task pretraining induces a pseudo-contrastive loss that favors representations that align points that typically have the same label across tasks.
arXiv Detail & Related papers (2023-07-13T16:39:08Z) - Spatial-Temporal Graph Enhanced DETR Towards Multi-Frame 3D Object Detection [54.041049052843604]
We present STEMD, a novel end-to-end framework that enhances the DETR-like paradigm for multi-frame 3D object detection.
First, to model the inter-object spatial interaction and complex temporal dependencies, we introduce the spatial-temporal graph attention network.
Finally, it poses a challenge for the network to distinguish between the positive query and other highly similar queries that are not the best match.
arXiv Detail & Related papers (2023-07-01T13:53:14Z) - Learning to Learn with Generative Models of Neural Network Checkpoints [71.06722933442956]
We construct a dataset of neural network checkpoints and train a generative model on the parameters.
We find that our approach successfully generates parameters for a wide range of loss prompts.
We apply our method to different neural network architectures and tasks in supervised and reinforcement learning.
arXiv Detail & Related papers (2022-09-26T17:59:58Z) - Convolutional generative adversarial imputation networks for
spatio-temporal missing data in storm surge simulations [86.5302150777089]
Generative Adversarial Imputation Nets (GANs) and GAN-based techniques have attracted attention as unsupervised machine learning methods.
We name our proposed method as Con Conval Generative Adversarial Imputation Nets (Conv-GAIN)
arXiv Detail & Related papers (2021-11-03T03:50:48Z) - Learning Constraints and Descriptive Segmentation for Subevent Detection [74.48201657623218]
We propose an approach to learning and enforcing constraints that capture dependencies between subevent detection and EventSeg prediction.
We adopt Rectifier Networks for constraint learning and then convert the learned constraints to a regularization term in the loss function of the neural model.
arXiv Detail & Related papers (2021-09-13T20:50:37Z) - Total Recall: a Customized Continual Learning Method for Neural Semantic
Parsers [38.035925090154024]
A neural semantic learns tasks sequentially without accessing full training data from previous tasks.
We propose TotalRecall, a continual learning method designed for neural semantics from two aspects.
We demonstrate that a neural semantic trained with TotalRecall achieves superior performance than the one trained directly with the SOTA continual learning algorithms and achieve a 3-6 times speedup compared to re-training from scratch.
arXiv Detail & Related papers (2021-09-11T04:33:28Z) - Leveraging Multi-domain, Heterogeneous Data using Deep Multitask
Learning for Hate Speech Detection [21.410160004193916]
We propose a Convolution Neural Network based multi-task learning models (MTLs)footnotecode to leverage information from multiple sources.
Empirical analysis performed on three benchmark datasets shows the efficacy of the proposed approach.
arXiv Detail & Related papers (2021-03-23T09:31:01Z) - Joint Event Extraction along Shortest Dependency Paths using Graph
Convolutional Networks [18.983377030545128]
Event extraction may be beneficial to several domains such as knowledge bases, question answering, information retrieval and summarization.
The problem of extracting event information from texts is longstanding and usually relies on elaborately designed lexical and syntactic features.
We propose a novel joint event extraction framework that aims to extract multiple event triggers and arguments simultaneously.
arXiv Detail & Related papers (2020-03-19T07:48:38Z)
This list is automatically generated from the titles and abstracts of the papers in this site.