基于GAT-BiLSTM模型的日志异常检测方法
A Log Anomaly Detection Method Based on GAT-BiLSTM Model
梁华雄 1赵刚 1王兴芬2
作者信息
- 1. 北京信息科技大学信息管理学院,北京 100192
- 2. 北京信息科技大学信息管理学院,北京 100192;北京信息科技大学大数据研究院,北京 100192
- 折叠
摘要
针对当前日志异常检测数据量大和人工构建特征困难的问题,提出一种基于特征融合的GAT-BiLSTM深度学习模型.模型利用图注意网络(GAT)充分提取全局日志间的信息,得到更为全面的日志特征表示;同时利用双向长短期记忆网络(BiLSTM)挖掘日志内容的序列特征信息,最后通过特征的自适应融合实现对日志特征的提取.实验结果表明,GAT-BiLSTM模型有效解决了日志文本数据在异常检测中准确率不足的问题,准确率达到 82.10%,在日志异常检测领域具有一定的研究意义.
Abstract
Aiming at the current problems of large data volume of log anomaly detection and difficulties in con-structing features manually,a deep learning model of GAT-BiLSTM based on feature fusion is proposed.The model makes use of graph attention network(GAT)to fully extract the information among global logs and obtain a more com-prehensive log feature representation;meanwhile,it makes use of bi-directional long and short-term memory network(BiLSTM)to mine the sequence feature information of log contents,and finally achieves the extraction of log features by adaptive fusion of features.The experimental results show that the GAT-BiLSTM model effectively solves the prob-lem of insufficient accuracy of log text data in anomaly detection,with an accuracy rate of 82.10%,which has certain research significance in the field of anomaly log detection.
关键词
图结构/图注意力网络/特征融合/日志异常检测Key words
Graph structure/Graph attention networks/Feature fusion/Log anomaly detection引用本文复制引用
基金项目
国家重点研发计划课题(2019YFB1405003)
出版年
2024
NETL
NSTL
万方数据