Lingzhe Zhang, Tong Jia, Kangjin Wang, Mengxi Jia, Yang Yong, Ying Li
{"title":"减少事件以增强基于日志的异常检测模型:实证研究","authors":"Lingzhe Zhang, Tong Jia, Kangjin Wang, Mengxi Jia, Yang Yong, Ying Li","doi":"arxiv-2409.04834","DOIUrl":null,"url":null,"abstract":"As software systems grow increasingly intricate, the precise detection of\nanomalies have become both essential and challenging. Current log-based anomaly\ndetection methods depend heavily on vast amounts of log data leading to\ninefficient inference and potential misguidance by noise logs. However, the\nquantitative effects of log reduction on the effectiveness of anomaly detection\nremain unexplored. Therefore, we first conduct a comprehensive study on six\ndistinct models spanning three datasets. Through the study, the impact of log\nquantity and their effectiveness in representing anomalies is qualifies,\nuncovering three distinctive log event types that differently influence model\nperformance. Drawing from these insights, we propose LogCleaner: an efficient\nmethodology for the automatic reduction of log events in the context of anomaly\ndetection. Serving as middleware between software systems and models,\nLogCleaner continuously updates and filters anti-events and duplicative-events\nin the raw generated logs. Experimental outcomes highlight LogCleaner's\ncapability to reduce over 70% of log events in anomaly detection, accelerating\nthe model's inference speed by approximately 300%, and universally improving\nthe performance of models for anomaly detection.","PeriodicalId":501278,"journal":{"name":"arXiv - CS - Software Engineering","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Reducing Events to Augment Log-based Anomaly Detection Models: An Empirical Study\",\"authors\":\"Lingzhe Zhang, Tong Jia, Kangjin Wang, Mengxi Jia, Yang Yong, Ying Li\",\"doi\":\"arxiv-2409.04834\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As software systems grow increasingly intricate, the precise detection of\\nanomalies have become both essential and challenging. Current log-based anomaly\\ndetection methods depend heavily on vast amounts of log data leading to\\ninefficient inference and potential misguidance by noise logs. However, the\\nquantitative effects of log reduction on the effectiveness of anomaly detection\\nremain unexplored. Therefore, we first conduct a comprehensive study on six\\ndistinct models spanning three datasets. Through the study, the impact of log\\nquantity and their effectiveness in representing anomalies is qualifies,\\nuncovering three distinctive log event types that differently influence model\\nperformance. Drawing from these insights, we propose LogCleaner: an efficient\\nmethodology for the automatic reduction of log events in the context of anomaly\\ndetection. Serving as middleware between software systems and models,\\nLogCleaner continuously updates and filters anti-events and duplicative-events\\nin the raw generated logs. Experimental outcomes highlight LogCleaner's\\ncapability to reduce over 70% of log events in anomaly detection, accelerating\\nthe model's inference speed by approximately 300%, and universally improving\\nthe performance of models for anomaly detection.\",\"PeriodicalId\":501278,\"journal\":{\"name\":\"arXiv - CS - Software Engineering\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.04834\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.04834","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Reducing Events to Augment Log-based Anomaly Detection Models: An Empirical Study
As software systems grow increasingly intricate, the precise detection of
anomalies have become both essential and challenging. Current log-based anomaly
detection methods depend heavily on vast amounts of log data leading to
inefficient inference and potential misguidance by noise logs. However, the
quantitative effects of log reduction on the effectiveness of anomaly detection
remain unexplored. Therefore, we first conduct a comprehensive study on six
distinct models spanning three datasets. Through the study, the impact of log
quantity and their effectiveness in representing anomalies is qualifies,
uncovering three distinctive log event types that differently influence model
performance. Drawing from these insights, we propose LogCleaner: an efficient
methodology for the automatic reduction of log events in the context of anomaly
detection. Serving as middleware between software systems and models,
LogCleaner continuously updates and filters anti-events and duplicative-events
in the raw generated logs. Experimental outcomes highlight LogCleaner's
capability to reduce over 70% of log events in anomaly detection, accelerating
the model's inference speed by approximately 300%, and universally improving
the performance of models for anomaly detection.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
