Anomaly Transformer Ensemble Model for Cloud Data Anomaly Detection

IF 5.3 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Cloud Computing Pub Date : 2024-09-23 DOI:10.1109/TCC.2024.3466174

Won Sakong;Jongyeop Kwon;Kyungha Min;Suyeon Wang;Wooju Kim

{"title":"Anomaly Transformer Ensemble Model for Cloud Data Anomaly Detection","authors":"Won Sakong;Jongyeop Kwon;Kyungha Min;Suyeon Wang;Wooju Kim","doi":"10.1109/TCC.2024.3466174","DOIUrl":null,"url":null,"abstract":"The stability and user trust in cloud services depends on prompt detection and response to diverse anomalies. This study focuses on an Ensemble-based anomaly detection methodology that integrates log data with computing resource metrics, aiming to overcome the limitations of traditional single-data models. To process the unstructured nature of log data, we use the Drain Parser to transform it into a structured format, and Doc2Vec embeds it. The study adheres to a reconstruction-based approach for anomaly detection, specifically building upon the Anomaly Transformer model. The proposed model leverages the concept of an Anomaly Transformer based on the Attention mechanism. It integrates preprocessed metric data with log data for effective anomaly detection. Experiments were conducted using metric and log data collected from real-world cloud environments. The model’s performance was evaluated based on accuracy, recall, precision, f1 score, and AUROC. The results demonstrate that our proposed Ensemble-based model outperforms traditional models such as LSTM, VAR, and deeplog.","PeriodicalId":13202,"journal":{"name":"IEEE Transactions on Cloud Computing","volume":"12 4","pages":"1305-1313"},"PeriodicalIF":5.3000,"publicationDate":"2024-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cloud Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10689389/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The stability and user trust in cloud services depends on prompt detection and response to diverse anomalies. This study focuses on an Ensemble-based anomaly detection methodology that integrates log data with computing resource metrics, aiming to overcome the limitations of traditional single-data models. To process the unstructured nature of log data, we use the Drain Parser to transform it into a structured format, and Doc2Vec embeds it. The study adheres to a reconstruction-based approach for anomaly detection, specifically building upon the Anomaly Transformer model. The proposed model leverages the concept of an Anomaly Transformer based on the Attention mechanism. It integrates preprocessed metric data with log data for effective anomaly detection. Experiments were conducted using metric and log data collected from real-world cloud environments. The model’s performance was evaluated based on accuracy, recall, precision, f1 score, and AUROC. The results demonstrate that our proposed Ensemble-based model outperforms traditional models such as LSTM, VAR, and deeplog.

查看原文本刊更多论文

云数据异常检测的异常变压器集成模型

云服务的稳定性和用户信任度取决于对各种异常的及时检测和响应。本研究的重点是基于集成的异常检测方法，该方法将测井数据与计算资源指标相结合，旨在克服传统单一数据模型的局限性。为了处理日志数据的非结构化特性，我们使用Drain Parser将其转换为结构化格式，然后Doc2Vec将其嵌入。该研究坚持基于重构的异常检测方法，特别是建立在异常变压器模型之上。提出的模型利用了基于注意力机制的异常转换器的概念。它将预处理的度量数据与日志数据相结合，有效地进行异常检测。实验使用从真实的云环境中收集的度量和日志数据进行。模型的性能根据准确率、召回率、精度、f1分数和AUROC进行评估。结果表明，我们提出的基于集成的模型优于LSTM、VAR和deeplog等传统模型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Cloud Computing Computer Science-Software

CiteScore

9.40

自引率

6.20%

发文量

167

期刊介绍： The IEEE Transactions on Cloud Computing (TCC) is dedicated to the multidisciplinary field of cloud computing. It is committed to the publication of articles that present innovative research ideas, application results, and case studies in cloud computing, focusing on key technical issues related to theory, algorithms, systems, applications, and performance.