Detecting Anomalous Events on Distributed Systems Using Convolutional Neural Networks

2019 IEEE 10th International Conference on Awareness Science and Technology (iCAST) Pub Date : 2019-10-01 DOI:10.1109/ICAwST.2019.8923357

Purimpat Cheansunan, P. Phunchongharn

{"title":"Detecting Anomalous Events on Distributed Systems Using Convolutional Neural Networks","authors":"Purimpat Cheansunan, P. Phunchongharn","doi":"10.1109/ICAwST.2019.8923357","DOIUrl":null,"url":null,"abstract":"Detection of anomalous events is very crucial for the maintenance and performance tuning in long-running distributed systems. System logs contain the complete information of system operation that can be used for describing the situations of the computing nodes. However, log messages are unstructured and difficult to utilize. In this work, we propose a novel anomaly detection framework in a Hadoop Distributed File System (HDFS) that transforms the log messages to structured data and automatically monitors the system operation logs using Convolutional Neural Networks (CNN). We evaluate the performance of anomaly detection in terms of precision, recall, and f-measure. The proposed framework can provide with precision = 94.76 ± 0.81%, recall = 99.53 ± 0.23%, and f-measure = 97.09 ± 0.49%. To apply the proposed framework in the practical application, we also concern about the training time and prediction productivity. From our experimental results, our proposed framework outperforms the existing models (i.e., LSTM and Bi-LSTM) with higher recall, lower training time, and higher prediction productivity.","PeriodicalId":156538,"journal":{"name":"2019 IEEE 10th International Conference on Awareness Science and Technology (iCAST)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 10th International Conference on Awareness Science and Technology (iCAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAwST.2019.8923357","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Detection of anomalous events is very crucial for the maintenance and performance tuning in long-running distributed systems. System logs contain the complete information of system operation that can be used for describing the situations of the computing nodes. However, log messages are unstructured and difficult to utilize. In this work, we propose a novel anomaly detection framework in a Hadoop Distributed File System (HDFS) that transforms the log messages to structured data and automatically monitors the system operation logs using Convolutional Neural Networks (CNN). We evaluate the performance of anomaly detection in terms of precision, recall, and f-measure. The proposed framework can provide with precision = 94.76 ± 0.81%, recall = 99.53 ± 0.23%, and f-measure = 97.09 ± 0.49%. To apply the proposed framework in the practical application, we also concern about the training time and prediction productivity. From our experimental results, our proposed framework outperforms the existing models (i.e., LSTM and Bi-LSTM) with higher recall, lower training time, and higher prediction productivity.

查看原文本刊更多论文

基于卷积神经网络的分布式系统异常事件检测

异常事件的检测对于长时间运行的分布式系统的维护和性能调优至关重要。系统日志记录了系统操作的完整信息，可用于描述计算节点的运行状况。然而，日志消息是非结构化的，难以利用。在这项工作中，我们在Hadoop分布式文件系统(HDFS)中提出了一种新的异常检测框架，该框架将日志消息转换为结构化数据，并使用卷积神经网络(CNN)自动监控系统操作日志。我们从精度、召回率和f-measure三个方面来评估异常检测的性能。该框架的准确率为94.76±0.81%，召回率为99.53±0.23%，f-measure值为97.09±0.49%。为了将所提出的框架应用于实际应用，我们还关注了训练时间和预测生产率。从实验结果来看，我们提出的框架优于现有的LSTM和Bi-LSTM模型，具有更高的召回率、更低的训练时间和更高的预测效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 IEEE 10th International Conference on Awareness Science and Technology (iCAST)

自引率

0.00%

发文量