Log Anomaly Detection in Application Servers Using Deep Learning


Alagöz E., Şahin Y. M., Özdem Karaca K., Gedik A. O., Akcayol M. A.

Innovative Methods in Computer Science and Computational Applications in the Era of Industry 5.0, D. Jude Hemanth, Utku Kose, Bogdan Patrut, Mevlut Ersoy, Editor, Springer Nature Switzerland Ag, Zug, pp. 258-268, 2024

  • Publication Type: Book Chapter / Professional Book
  • Publication Date: 2024
  • Publisher: Springer Nature Switzerland Ag
  • City of Publication: Zug
  • Pages: pp. 258-268
  • Editors: D. Jude Hemanth, Utku Kose, Bogdan Patrut, Mevlut Ersoy, Editor
  • Affiliated with Gazi University: Yes

Abstract

Log anomaly detection is vital in managing large-scale and distributed systems used today. Log analysis must be done in a short time and with high accuracy to be beneficial. As attacks on systems become more and more complex, traditional log anomaly detection methods have become more cumbersome, unsuccessful, and unuseful. In this study, a deep learning-based model has been developed for anomaly detection using log data from application servers in large-scale systems. First, pre-processing was carried out on the log data, and then parsing and grouping were carried out. The Drain method was used to parse the log files. The obtained data were divided into two groups, and the training and testing of the deep learning model developed were carried out. In the feature extraction phase, log data were converted into vectors and used as input for the developed model. The developed model learns normal and abnormal behavior in the data set and then detects abnormal behavior. The results obtained from the experimental studies showed that the developed model successfully detected 93% of the anomaly data. It has been observed that the level of success at the data labeling stage is very effective in training the model and detecting anomalies.