Utility Analysis about Log Data Anomaly Detection Based on Federated Learning
Published: 2023-04-01
Issue: 7
Volume: 13
Page: 4495
ISSN: 2076-3417
Container-title: Applied Sciences
Language: en
Short-container-title: Applied Sciences
Author:
Shin Tae-Ho 1, Kim Soo-Hyung 1
Affiliation:
1. Interdisciplinary Program of Information Security, Chonnam National University, Gwangju 61186, Republic of Korea
Abstract
Logs that record system information are managed in anomaly detection, and more efficient anomaly detection methods have been proposed due to their increase in complexity and scale. Accordingly, deep learning models that automatically detect system anomalies through log data learning have been proposed. However, in existing log anomaly detection models, user logs are collected from the central server system, exposing the data collection process to the risk of leaking sensitive information. A distributed learning method, federated learning, is a trend proposed for artificial intelligence learning regarding sensitive information because it guarantees the anonymity of the collected user data and collects only weights learned from each local server in the central server. In this paper, we executed an experiment regarding system log anomaly detection using federated learning. The results demonstrate the feasibility of applying federated learning in deep-learning-based system-log anomaly detection compared to the existing centralized learning method. Moreover, we present an efficient deep-learning model based on federated learning for system log anomaly detection.
Funder
Institute for Information and Communications Technology Promotion
Subject
Fluid Flow and Transfer Processes, Computer Science Applications, Process Chemistry and Technology, General Engineering, Instrumentation, General Materials Science