Open Access iconOpen Access

ARTICLE

crossmark

LogUAD: Log Unsupervised Anomaly Detection Based on Word2Vec

by Jin Wang1, Changqing Zhao1, Shiming He1,*, Yu Gu2, Osama Alfarraj3, Ahed Abugabah4

1 School of Computer and Communication Engineering, Changsha University of Science & Technology, Changsha, 410114, China
2 Department of Chemistry, Institute of Inorganic and Analytical Chemistry, Goethe-University, Frankfurt, 60438, Germany
3 Computer Science Department, Community College, King Saud University, Riyadh, 11437, Saudi Arabia
4 Zayed University, CTI, Abu Dhabi, 144534, United Arab Emirates

* Corresponding Author: Shiming He. Email: email

Computer Systems Science and Engineering 2022, 41(3), 1207-1222. https://doi.org/10.32604/csse.2022.022365

Abstract

System logs record detailed information about system operation and are important for analyzing the system's operational status and performance. Rapid and accurate detection of system anomalies is of great significance to ensure system stability. However, large-scale distributed systems are becoming more and more complex, and the number of system logs gradually increases, which brings challenges to analyze system logs. Some recent studies show that logs can be unstable due to the evolution of log statements and noise introduced by log collection and parsing. Moreover, deep learning-based detection methods take a long time to train models. Therefore, to reduce the computational cost and avoid log instability we propose a new Word2Vec-based log unsupervised anomaly detection method (LogUAD). LogUAD does not require a log parsing step and takes original log messages as input to avoid the noise. LogUAD uses Word2Vec to generate word vectors and generates weighted log sequence feature vectors with TF-IDF to handle the evolution of log statements. At last, a computationally efficient unsupervised clustering is exploited to detect the anomaly. We conducted extensive experiments on the public dataset from Blue Gene/L (BGL). Experimental results show that the F1-score of LogUAD can be improved by 67.25% compared to LogCluster.

Keywords


Cite This Article

APA Style
Wang, J., Zhao, C., He, S., Gu, Y., Alfarraj, O. et al. (2022). Loguad: log unsupervised anomaly detection based on word2vec. Computer Systems Science and Engineering, 41(3), 1207-1222. https://doi.org/10.32604/csse.2022.022365
Vancouver Style
Wang J, Zhao C, He S, Gu Y, Alfarraj O, Abugabah A. Loguad: log unsupervised anomaly detection based on word2vec. Comput Syst Sci Eng. 2022;41(3):1207-1222 https://doi.org/10.32604/csse.2022.022365
IEEE Style
J. Wang, C. Zhao, S. He, Y. Gu, O. Alfarraj, and A. Abugabah, “LogUAD: Log Unsupervised Anomaly Detection Based on Word2Vec,” Comput. Syst. Sci. Eng., vol. 41, no. 3, pp. 1207-1222, 2022. https://doi.org/10.32604/csse.2022.022365

Citations




cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 3369

    View

  • 1858

    Download

  • 2

    Like

Share Link