Detecting anomalous events in online computer systems is crucial to protect the systems from malicious attacks or malfunctions. System logs, which record detailed information of computational events, are widely used for system status analysis. In this paper, we propose LogBERT, a self-supervised framework for log anomaly detection based on Bidirectional Encoder Representations from Transformers (BERT). LogBERT learns the patterns of normal log sequences by two novel self-supervised training tasks and is able to detect anomalies where the underlying patterns deviate from normal log sequences. The experimental results on three log datasets show that LogBERT outperforms state-of-the-art approaches for anomaly detection.
翻译:在线计算机系统中的异常事件检测对于保护系统不受恶意攻击或故障影响至关重要。记录计算事件详细信息的系统日志被广泛用于系统状态分析。在本文中,我们提议LogBERT(一个基于来自变换器的双向编码器表示法的日志异常检测自监督框架),LogBERT通过两项新的自我监督培训任务了解正常日志序列的模式,并能够发现与正常日志序列不同的基本模式偏差的异常。三个日志数据集的实验结果表明,LogBERT(LogBERT)超越了异常检测的最新方法。
相关内容
微信扫码咨询专知VIP会员