sBiLSAN: Stacked Bidirectional Self-attention LSTM Network for Anomaly Detection and Diagnosis from System Logs

  title={sBiLSAN: Stacked Bidirectional Self-attention LSTM Network for Anomaly Detection and Diagnosis from System Logs},
  author={Chen You and Qiwen Wang and Chao Sun},
High service availability is crucial for computer systems. Monitoring computing systems has become increasingly difficult as researcher and system analysts face the challenge of analysis a wide range of monitoring information. Thus, the anomaly detection system along with firewalls and intrusion prevention systems are the must-have tools. The primary purpose of a system log is to record system states and significant events for enhanced system reliability. Such system logs are universally… 
MEGAN: Memory Enhanced Graph Attention Network for Space-Time Video Super-Resolution
This work proposes a novel one-stage memory enhanced graph attention network (MEGAN) for space-time video super-resolution and builds a novel long-range memory graph aggregation (LMGA) module to dynamically capture correlations along the channel dimensions of the feature maps and adaptively aggregate channel features to enhance the feature representations.
EMVLight: a Multi-agent Reinforcement Learning Framework for an Emergency Vehicle Decentralized Routing and Traffic Signal Control System
The proposed EMVLight framework addresses the coupling between EMV navigation and traffic signal control via an innovative design of multi-class RL agents and a novel pressure-based reward function that enables EMV light to learn network-level cooperative traf flow signal phasing strategies that not only reduce EMV travel time but also shortens the travel time of non-EMVs.
Momentum Contrastive Voxel-wise Representation Learning for Semi-supervised Volumetric Medical Image Segmentation
A novel Contrastive Voxel-wise Representation Distillation (CVRD) method with geometric constraints to learn global-local visual representations for volumetric medical image segmentation with limited annotations and results on the Atrial Segmentation Challenge dataset demonstrate superiority of the proposed scheme.


Automated IT system failure prediction: A deep learning approach
This work presents a novel system that automatically parses streamed console logs and detects early warning signals for IT system failure prediction using a recurrent neural network, namely, Long Short-Term Memory (LSTM), that is able to capture the long-range dependency across sequences and outperforms traditional supervised learning methods in the application domain.
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning
DeepLog, a deep neural network model utilizing Long Short-Term Memory (LSTM), is proposed, to model a system log as a natural language sequence, which allows DeepLog to automatically learn log patterns from normal execution, and detect anomalies when log patterns deviate from the model trained from log data under normal execution.
Collective Anomaly Detection Based on Long Short-Term Memory Recurrent Neural Networks
This paper proposes a real time collective anomaly detection model based on neural network learning that is built on a time series version of the KDD 1999 dataset and demonstrates that it is possible to offer reliable and efficient collective anomalies detection.
Long Short Term Memory Networks for Anomaly Detection in Time Series
The efficacy of stacked LSTM networks for anomaly/fault detection in time series on ECG, space shuttle, power demand, and multi-sensor engine dataset is demonstrated.
Robust Deep Learning Methods for Anomaly Detection
The tutorial will revisit well known unsupervised learning techniques in deep learning including autoencoders and generative adversarial networks (GANs) from the perspective of anomaly detection to give the audience a more grounded perspective on un supervised deep learning methods.
Detecting large-scale system problems by mining console logs
This work first parse console logs by combining source code analysis with information retrieval to create composite features, and then analyzes these features using machine learning to detect operational problems to automatically detect system runtime problems.
Robust log-based anomaly detection on unstable log data
The experimental results show that the proposed log-based anomaly detection approach, LogRobust, can well address the problem of log instability and achieve accurate and robust results on real-world, ever-changing log data.
PerfAugur: Robust diagnostics for performance anomalies in cloud services
PerfAugur, an automated system for mining service logs to identify anomalies and help formulate data-driven hypotheses, includes a suite of efficient mining algorithms for detecting significant anomalies in system behavior, along with potential explanations for such anomalies, without the need for an explicit supervision signal.
Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks
A novel system, Beehive, that attacks the problem of automatically mining and extracting knowledge from the dirty log data produced by a wide variety of security products in a large enterprise, and is able to identify malicious events and policy violations which would otherwise go undetected.
Malware classification with recurrent networks
This work proposes a different approach, which, similar to natural language modeling, learns the language of malware spoken through the executed instructions and extracts robust, time domain features.