Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/springer-journals/ladders-log-based-anomaly-detection-and-diagnosis-for-enterprise-jcgfSl7FoK
References (28)
-
W. Xu, Ling Huang, A. Fox, D. Patterson, Michael Jordan (2009)
Detecting large-scale system problems by mining console logs -
Ivan Beschastnikh, Yuriy Brun, Michael Ernst, A. Krishnamurthy (2014)
Inferring models of concurrent systems from logs of their behavior with CSightProceedings of the 36th International Conference on Software Engineering
-
T. Le, Lin Liu, Junpeng Zhang, Bing Liu, Jiuyong Li (2015)
From miRNA regulation to miRNA-TF co-regulation: computational approaches and challengesBriefings in bioinformatics, 16 3
-
M Cinque, D Cotroneo, A Pecchia (2012)
Event logs for the analysis of software failures: a rule-based approachIEEE Trans Softw Eng, 39
-
Vrushabh Gada, Madhura Shegaonkar, Madhura Inamdar, S. Dinesh, Darshan Sapariya, Vedant Konde, M. Warang, N. Mehendale (2022)
Data Analysis of COVID-19 Hospital Records Using Contextual Patient Classification SystemAnnals of Data Science, 9
-
Qingwei Lin, Hongyu Zhang, Jian-Guang Lou, Yu Zhang, Xuewei Chen (2016)
Log Clustering Based Problem Identification for Online Service Systems2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C)
-
GF Cooper (1997)
A simple constraint-based algorithm for efficiently mining observational databases for causal relationshipsData Min Knowl Discov, 1
-
D Heckerman, D Geiger, DM Chickering (1995)
Learning bayesian networks: the combination of knowledge and statistical dataMach Learn, 20
-
C Silverstein, S Brin, R Motwani, J Ullman (2000)
Scalable techniques for mining causal structuresData Min Knowl Discov, 4
-
Shilin He, Qingwei Lin, Jian-Guang Lou, Hongyu Zhang, Michael Lyu, D. Zhang (2018)
Identifying impactful service system problems via log analysisProceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
-
J. Tien (2017)
Internet of Things, Real-Time Decision Making, and Artificial IntelligenceAnnals of Data Science, 4
-
C Yuan, N Lao, J-R Wen, J Li, Z Zhang, Y-M Wang, W-Y Ma (2006)
Automated known problem diagnosis with event tracesACM SIGOPS Operat Syst Rev, 40
-
Min Du, Feifei Li, Guineng Zheng, Vivek Srikumar (2017)
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep LearningProceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
-
Yong Shi (2022)
Advances in Big Data Analytics: Theory, Algorithms and PracticesAdvances in Big Data Analytics
-
JP Rouillard (2004)
Real-time log file analysis using the simple event correlator (sec)LISA, 4
-
Yong Shi, Ying-jie Tian, Gang Kou, Yi Peng, Jianping Li (2011)
Optimization Based Data Mining: Theory and Applications -
A Makanju, AN Zincir-Heywood, EE Milios (2011)
A lightweight algorithm for message type extraction in system application logsIEEE Trans Knowl Data Eng, 24
-
P. Radanliev, D. Roure, Rob Walton, Max Kleek, Omar Santos, L. Maddox (2022)
What Country, University, or Research Institute, Performed the Best on Covid-19 During the First Wave of the Pandemic?Annals of Data Science, 9
-
L. Tang, Tao Li, Chang-Shing Perng (2011)
LogSig: generating system events from raw textual logs -
Alexander Ratner, Stephen Bach, Henry Ehrenberg, Jason Fries, Sen Wu, C. Ré (2017)
Snorkel: Rapid Training Data Creation with Weak SupervisionProceedings of the VLDB Endowment. International Conference on Very Large Data Bases, 11 3
-
M Kalisch, P Bühlman (2007)
Estimating high-dimensional directed acyclic graphs with the pc-algorithmJ Mach Learn Res, 8
-
SE Hansen, ET Atkins (1993)
Automated system monitoring and notification with swatchLISA, 93
-
D. Lo, Hong Cheng, Jiawei Han, Siau-Cheng Khoo, Chengnian Sun (2009)
Classification of software behaviors for failure detection: a discriminative pattern mining approach -
Chun Yuan, N. Lao, Ji-Rong Wen, Jiwei Li, Zheng Zhang, Yi-Min Wang, Wei-Ying Ma (2006)
Automated known problem diagnosis with event tracesProceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
-
T. Yen, Alina Oprea, Kaan Onarlioglu, Todd Leetham, William Robertson, A. Juels, E. Kirda (2013)
Beehive: large-scale log analysis for detecting suspicious activity in enterprise networksProceedings of the 29th Annual Computer Security Applications Conference
-
GF Cooper, E Herskovits (1992)
A bayesian method for the induction of probabilistic networks from dataMach Learn, 9
-
K Pattabiraman, GP Saggese, D Chen, Z Kalbarczyk, R Iyer (2011)
Automated derivation of application-specific error detectors using dynamic analysisIEEE Trans Depend Secure Comput, 8
-
K. Yamanishi, Y. Maruyama (2005)
Dynamic syslog mining for network failure monitoring
- Publisher
- Springer Journals
- Copyright
- Copyright © The Author(s), under exclusive licence to Springer-Verlag GmbH Germany, part of Springer Nature 2023. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
- ISSN
- 2198-5804
- eISSN
- 2198-5812
- DOI
- 10.1007/s40745-023-00471-7
- Publisher site
- See Article on Publisher Site
Abstract
Enterprise software can fail due to not only malfunction of application servers, but also due to performance degradation or non-availability of other servers or middle layers. Consequently, valuable time and resources are wasted in trying to identify the root cause of software failures. To address this, we have developed a framework called LADDERS. In LADDERS, anomalous incidents are detected from log events generated by various systems and KPIs (Key Performance Indicators) through an ensemble of supervised and unsupervised models. Without transaction identifiers, it is not possible to relate various events from different systems. LADDERS implements Recursive Parallel Causal Discovery (RPCD) to establish causal relationships among log events. The framework builds coresets using BICO to manage high volumes of log data during training and inferencing. An anomaly can cause a number of anomalies throughout the systems. LADDERS makes use of RPCD again to discover causal relationships among these anomalous events. Probable root causes are revealed from the causal graph and anomaly rating of events using a k-shortest path algorithm. We evaluated LADDERS using live logs from an enterprise system. The results demonstrate its effectiveness and efficiency for anomaly detection.
Journal
Annals of Data Science – Springer Journals
Published: Jun 4, 2023
Keywords: Anomaly detection; Causal discovery; Log analysis; Software systems