Fatemeh Seifishahpar
-
BSc (Bu-Ali Sina University, 2003)
-
MSc (Institute for Advanced Studies in Basic Sciences, 2009)
Topic
Log Message Anomaly Detection using Positive and Unlabeled Learning
Department of Electrical and Computer Engineering
Date & location
-
Friday, January 19, 2024
-
1:00 P.M.
-
Virtual Defence
Reviewers
Supervisory Committee
-
Dr. T. Aaron Gulliver, Department of Electrical and Computer Engineering, University of Victoria (Supervisor)
-
Dr. Kin Fun Li, Department of Electrical and Computer Engineering, UVic (Unit Member)
External Examiner
-
Dr. Alex Thomo, Department of Computer Science, University of Victoria
Chair of Oral Examination
-
Ms. Ann Elliott-Goldschmid, School of Music, UVic
Abstract
Log messages are widely used in cloud servers and software systems. Anomaly detection of log messages is important as millions of logs are generated each day. However, besides having a complex and unstructured form, log messages create large unlabeled data sets which makes classification very difficult. In this thesis, a hybrid log message anomaly detection technique is proposed which employs positive and un- labeled learning (PU learning) to detect anomalies. Aggregated reliable negative logs are selected using the Isolation Forest, PU learning and Random Forest algorithms. Then, anomaly detection is conducted using a deep learning long short-term memory network. The proposed model is evaluated using the commonly employed Openstack, BGL, and Thunderbird data sets and the results obtained indicate that the proposed model performs better than several well-known approaches in the literature.