TY - GEN
T1 - Anomaly detection using one-class SVM for logs of Juniper router devices
AU - Nguyen, Tat Bao Thien
AU - Liao, Teh Lu
AU - Vu, Tuan Anh
N1 - Publisher Copyright:
© 2019, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
PY - 2019
Y1 - 2019
N2 - The article deals with anomaly detection of Juniper router logs. Abnormal Juniper router logs include logs that usually differ from those of normal operation, and they often reflect the abnormal operation of router devices. To prevent router devices from being damaged and to help administrators grasp error situations quickly, detecting abnormal operation early is very important. In this work, we present a new way to get important features from log data of Juniper router devices and use a machine learning method (based on the One-Class SVM model) for anomaly detection. The One-Class SVM model requires some knowledge and comprehension about logs of Juniper router devices so that it can analyze, interpret, and test the knowledge acquired. We collect log data from a lot of real Juniper router devices and classify them based on our knowledge. Before these logs are used for training and testing the One-Class SVM model, the feature extraction phase for these data was carried out. Finally, with the proposed method, the system errors of the routers were detected quickly and accurately. This may help our company to reduce the operation cost for the router systems.
UR - http://www.scopus.com/inward/record.url?scp=85072885471&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85072885471&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-30149-1_24
DO - 10.1007/978-3-030-30149-1_24
M3 - Conference contribution
AN - SCOPUS:85072885471
SN - 9783030301484
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 302
EP - 312
BT - Industrial Networks and Intelligent Systems - 5th EAI International Conference, INISCOM 2019, Proceedings
A2 - Duong, Trung Quang
A2 - Vo, Nguyen-Son
A2 - Nguyen, Loi K.
A2 - Vien, Quoc-Tuan
A2 - Nguyen, Van-Dinh
PB - Springer Verlag
T2 - 5th EAI International Conference on Industrial Networks and Intelligent Systems, INISCOM 2019
Y2 - 19 August 2019 through 19 August 2019
ER -