AI based Log Analyser: A Practical Approach
- URL: http://arxiv.org/abs/2203.10960v2
- Date: Thu, 20 Apr 2023 05:45:42 GMT
- Title: AI based Log Analyser: A Practical Approach
- Authors: Jonathan Pan
- Abstract summary: The analysis of logs is a vital activity undertaken for fault or cyber forensics incident detection, investigation and technical analysis for system and cyber resilience.
The potential application of AI algorithms for Log analysis could augment such complex and laborious tasks.
This research seeks to address these challenges with the use of Transformer construct to train a new model with only normal log entries.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: The analysis of logs is a vital activity undertaken for fault or cyber
incident detection, investigation and technical forensics analysis for system
and cyber resilience. The potential application of AI algorithms for Log
analysis could augment such complex and laborious tasks. However, such a solution
has its constraints: the heterogeneity of log sources and limited to no labels
for training a classifier. When such labels become available, there is the need
for the classifier to be updated. This practice-based research seeks to address these
challenges with the use of Transformer construct to train a new model with only
normal log entries. Log augmentation through multiple forms of perturbation is
applied as a form of self-supervised training for feature learning. The model
is further finetuned using a form of reinforcement learning with a limited set
of label samples to mimic real-world situation with the availability of labels.
The experimental results of our model construct show promise with comparative
evaluation measurements paving the way for future practical applications.
Related papers
- Geospatial Trajectory Generation via Efficient Abduction: Deployment for Independent Testing [1.8877926393541125]
We show that we can abduce movement trajectories efficiently through an informed (i.e., A*) search.
We also report on our own experiments showing that we not only provide exact results but also scale to very large scenarios.
arXiv Detail & Related papers (2024-07-08T23:11:47Z)
- RAGLog: Log Anomaly Detection using Retrieval Augmented Generation [0.0]
We explore the use of a Retrieval Augmented Large Language Model that leverages a vector database to detect anomalies from logs.
To the best of our knowledge, our experiment which we called RAGLog is a novel one and the experimental results show much promise.
arXiv Detail & Related papers (2023-11-09T10:40:04Z)
- Enhancing Multiple Reliability Measures via Nuisance-extended Information Bottleneck [77.37409441129995]
In practical scenarios where training data is limited, many predictive signals in the data can be rather from some biases in data acquisition.
We consider an adversarial threat model under a mutual information constraint to cover a wider class of perturbations in training.
We propose an autoencoder-based training to implement the objective, as well as practical encoder designs to facilitate the proposed hybrid discriminative-generative training.
arXiv Detail & Related papers (2023-03-24T16:03:21Z)
- Leveraging Log Instructions in Log-based Anomaly Detection [0.5949779668853554]
We propose a method for reliable and practical anomaly detection from system logs.
It overcomes the common disadvantage of related works by building an anomaly detection model with log instructions from the source code of 1000+ GitHub projects.
The proposed method, named ADLILog, combines the log instructions and the data from the system of interest (target system) to learn a deep neural network model.
arXiv Detail & Related papers (2022-07-07T10:22:10Z)
- Process Discovery Using Graph Neural Networks [2.6381163133447836]
We introduce a technique for training an ML-based model D using graph neural networks.
D translates a given input event log into a sound Petri net.
We show that training D on synthetically generated pairs of input logs and output models allows D to translate previously unseen synthetic and several real-life event logs into sound.
arXiv Detail & Related papers (2021-09-13T10:04:34Z)
- Gone Fishing: Neural Active Learning with Fisher Embeddings [55.08537975896764]
There is an increasing need for active learning algorithms that are compatible with deep neural networks.
This article introduces BAIT, a practical representation of tractable, and high-performing active learning algorithm for neural networks.
arXiv Detail & Related papers (2021-06-17T17:26:31Z)
- Goal-directed Generation of Discrete Structures with Conditional Generative Models [85.51463588099556]
We introduce a novel approach to directly optimize a reinforcement learning objective, maximizing an expected reward.
We test our methodology on two tasks: generating molecules with user-defined properties and identifying short python expressions which evaluate to a given target value.
arXiv Detail & Related papers (2020-10-05T20:03:13Z)
- Self-Attentive Classification-Based Anomaly Detection in Unstructured Logs [59.04636530383049]
We propose Logsy, a classification-based method to learn log representations.
We show an average improvement of 0.25 in the F1 score, compared to the previous methods.
arXiv Detail & Related papers (2020-08-21T07:26:55Z)
- Belief Propagation Reloaded: Learning BP-Layers for Labeling Problems [83.98774574197613]
We take one of the simplest inference methods, a truncated max-product Belief propagation, and add what is necessary to make it a proper component of a deep learning model.
This BP-Layer can be used as the final or an intermediate block in convolutional neural networks (CNNs).
The model is applicable to a range of dense prediction problems, is well-trainable and provides parameter-efficient and robust solutions in stereo, optical flow and semantic segmentation.
arXiv Detail & Related papers (2020-03-13T13:11:35Z)
- Progressive Identification of True Labels for Partial-Label Learning [112.94467491335611]
Partial-label learning (PLL) is a typical weakly supervised learning problem, where each training instance is equipped with a set of candidate labels among which only one is the true label.
Most existing methods are elaborately designed as constrained optimizations that must be solved in specific manners, making their computational complexity a bottleneck for scaling up to big data.
This paper proposes a novel framework of classifier with flexibility on the model and optimization algorithm.
arXiv Detail & Related papers (2020-02-19T08:35:15Z)
- Machine Learning to Tackle the Challenges of Transient and Soft Errors in Complex Circuits [0.16311150636417257]
Machine learning models are used to predict accurate per-instance Functional De-Rating data for the full list of circuit instances.
The presented methodology is applied on a practical example and various machine learning models are evaluated and compared.
arXiv Detail & Related papers (2020-02-18T18:38:54Z)