GenGLAD: a Generated Graph Based Log Anomaly Detection Framework

Haolei Wang; Yong Chen; Chao Zhang; Jian Li; Chun Gan; Yinxian Zhang; Xiao Chen

Download PDF Open PDF in browser

GenGLAD: a Generated Graph Based Log Anomaly Detection Framework

EasyChair Preprint no. 9842

12 pages•Date: March 7, 2023

Haolei Wang, Yong Chen, Chao Zhang, Jian Li, Chun Gan, Yinxian Zhang and Xiao Chen

Abstract

Information systems record the current states and the access records in logs, so logs become the data basis for detecting anomalies of system security. To realize log anomaly detection, frameworks based on text, sequence, and graph are applied. However, the existing frameworks could not extract the complex associations in logs, which leads to low accuracy. To meet the requirements of the hyperautomation framework for log analysis, this paper proposes GenGLAD, a generated graph based log anomaly detection framework. The generated graph is used to express the log associations, and the node embedding of the generated graph is obtained based on random walk and word2vec. Finally, we use clustering to realize unsupervised anomaly detection. Experiments verify the detection effect of GenGLAD. Compared with the existing detection frameworks, GenGLAD achieves the highest accuracy and improves the comprehensive detection effect.

Keyphrases: graph learning, Hyperautomation, Log anomaly detection

Links:

https://easychair.org/publications/preprint/T6d4

BibTeX entry

BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:

@Booklet{EasyChair:9842,
  author = {Haolei Wang and Yong Chen and Chao Zhang and Jian Li and Chun Gan and Yinxian Zhang and Xiao Chen},
  title = {GenGLAD: a Generated Graph Based Log Anomaly Detection Framework},
  howpublished = {EasyChair Preprint no. 9842},

  year = {EasyChair, 2023}}

Download PDF Open PDF in browser