[1]任明,宋云奎.基于深度学习的云计算系统异常检测方法[J].计算机技术与发展,2019,29(05):54-57.[doi:10. 3969 / j. issn. 1673-629X. 2019. 05. 011]
 REN Ming,SONG Yun-kui.Anomaly Detection for Cloud Computing Systems Based on Deep Learning[J].,2019,29(05):54-57.[doi:10. 3969 / j. issn. 1673-629X. 2019. 05. 011]
点击复制

基于深度学习的云计算系统异常检测方法()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
29
期数:
2019年05期
页码:
54-57
栏目:
智能、算法、系统工程
出版日期:
2019-05-10

文章信息/Info

Title:
Anomaly Detection for Cloud Computing Systems Based on Deep Learning
文章编号:
1673-629X(2019)05-0054-04
作者:
任明1宋云奎2
1. 中国银联股份有限公司,上海 201201;2. 中国科学院软件研究所,北京 100190
Author(s):
REN Ming1SONG Yun-kui2
1. China UnionPay Co. ,Ltd. ,Shanghai 201201,China;2. Institute of Software,Chinese Academy of Sciences,Beijing 100190,China
关键词:
异常检测日志分析文本挖掘递归神经网络云计算
Keywords:
anomaly detectionlog analysistext miningrecurrent neural networkcloud computing
分类号:
TP301
DOI:
10. 3969 / j. issn. 1673-629X. 2019. 05. 011
摘要:
在云计算服务中,异常检测是防止意外系统停机,并确保终端用户服务可靠性的关键技术。 虽然操作控制台日志记录了云计算系统的运行时状态信息,但现有的云计算系统管理技术主要在出现问题后分析原因,而不能提前检测异常。因此,文中提出了一种基于深度学习的云计算系统异常检测方法。 首先,提取日志模式,使用聚类将相似格式和内容的日志聚集为模式组;然后,将每个模式作为单词,将离散模式集作为文档,从而降低日志维度,得到低维度特征空间;最后,使用递归神经网络,即长短时记忆,处理训练过程中标记数据的“稀缺性冶,捕获跨序列的依赖性,获得系统状态的鲁棒异常信号。 使用 Web 系统日志进行实验的结果表明,与现有方法比较在检测复杂异常时具有更高的检测准确性。
Abstract:
In cloud computing services,anomaly detection is a key technology to avoid system outages and guarantee the service reliability of end users. Although operating consoles record the runtime status of cloud computing systems, existing management technologies locating the root causes of occurred faults cannot detect anomalies in advance. Therefore,we propose a deep learning-based anomaly detection approach for cloud computing systems. First,we cluster logs to groups according to the format and content of logs,and then extract execution patterns from the clusters. Second,we regard a pattern as a word and a pattern set as a set to lower the dimensionality of features in logs. Third,we use a recurrent neural network to address the sparsity of labelled data instances and the dependencies between series,and then define robust anomaly signatures and detect anomalies. We use the logs of a web system to validate the proposed approach,and the experimental results demonstrate that this approach has higher precision than existing ones in detecting complex anomalies.

相似文献/References:

[1]高峥 陈蜀宇 李国勇.混合入侵检测系统的研究[J].计算机技术与发展,2010,(06):148.
 GAO Zheng,CHEN Shu-yu,LI Guo-yong.Research of a Hybrid Intrusion Detection System[J].,2010,(05):148.
[2]李睿 肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,(06):168.
 LI Rui,XIAO Wei-min.Research on Anomaly Intrusion Detection Based on Outlier Mining[J].,2009,(05):168.
[3]汪慧敏.基于改进负选择算法的异常检测[J].计算机技术与发展,2009,(08):41.
 WANG Hui-min.Anomaly Detection Using Modified Negative Selection Algorithm[J].,2009,(05):41.
[4]赵辉 张鹏.网络异常的主动检测与特征分析[J].计算机技术与发展,2009,(08):159.
 ZHAO Hui,ZHANG Peng.Active Detection and Feature Analysis About Network Anomaly[J].,2009,(05):159.
[5]陈丹伟 黄秀丽 任勋益.基于人工神经网络入侵检测模型的探讨[J].计算机技术与发展,2009,(12):143.
 CHEN Dan-wei,HUANG Xiu-li,REN Xun-yi.An Approach to IDS Model Based on Artificial Neuron Network[J].,2009,(05):143.
[6]柏海滨 李俊.基于支持向量机的入侵检测系统的研究[J].计算机技术与发展,2008,(04):137.
 BAI Hai-bin,LI Jun.Research of Intrusion Detection System Based on Support Vector Machine[J].,2008,(05):137.
[7]宋连涛 庄卫华.基于异常的入侵检测技术在Snort系统中的应用[J].计算机技术与发展,2006,(06):136.
 SONG Lian-tao,ZHUANG Wei-hua.Application of Anomaly Detection Technology in Snort System[J].,2006,(05):136.
[8]阳小兰 钱程 赵海廷.Web日志分析系统研究[J].计算机技术与发展,2011,(09):211.
 YANG Xiao-lan,QIAN Cheng,ZHAO Hai-ting.Research on Web Log Analysis System[J].,2011,(05):211.
[9]陈平 宋玉蓉 蒋国平.基于多维聚类挖掘的异常检测方法研究[J].计算机技术与发展,2012,(07):136.
 CHEN Ping,SONG Yu-rong,JIANG Guo-ping.Multidimensional Clustering Based Anomaly Detection Research[J].,2012,(05):136.
[10]崔锡鑫,苏伟,刘颖.基于熵的流量分析和异常检测技术研究与实现[J].计算机技术与发展,2013,(05):120.
 CUI Xi-xin,SU Wei,LIU Ying.Research and Implementation of Traffic Analysis and Anomaly Detection Technology Based on Entropy[J].,2013,(05):120.

更新日期/Last Update: 2019-05-10