Log Anomaly Detection by Adversarial Autoencoders With Graph Feature Fusion

The exponential growth of scale and complexity in distributed systems necessitates significant maintenance efforts. Logs play an indispensable role in system operation and maintenance since they record crucial runtime information. However, recent studies on log anomaly detection have primarily focused on deep learning methods, which entail high computational complexity for learning temporal and semantic features from logs. Moreover, most deep learning-based approaches for log anomaly detection require supervised training, which is labor intensive. To address these challenges, this article proposes a framework called GAE-Log. GAE-Log leverages event graphs and knowledge graphs to model logs comprehensively. By integrating temporal dynamics through event graphs and incorporating contextual information from knowledge graphs, GAE-Log enhances the understanding of the system's status. Moreover, GAE-Log employs adversarial training of autoencoders for anomaly detection on logs. The effectiveness of GAE-Log is evaluated through an ablation study and comprehensive comparisons using both public and synthetic log datasets. The results demonstrate that GAE-Log outperforms state-of-the-art methods in log anomaly detection, achieving significant performance improvements.

Duke Scholars

Author Yuxia Xie