QLLog: A log anomaly detection method based on Q-learning algorithm

作者:

Highlights:

• For all we know, this paper is the first successful application of the Q-learning algorithm in the field of log anomaly detection and has achieved good detection results.

• QLLog can detect multiple types of log anomalies to reduce the false negative rate.

• QLLog provides a feedback mechanism to update the detection model and the abnormal level of abnormal logs.

• We summarize the existing log anomaly detection methods, compare and analyze the advantages and disadvantages of them. The experimental result proves the superiority of QLLog.

摘要

•For all we know, this paper is the first successful application of the Q-learning algorithm in the field of log anomaly detection and has achieved good detection results.•QLLog can detect multiple types of log anomalies to reduce the false negative rate.•QLLog provides a feedback mechanism to update the detection model and the abnormal level of abnormal logs.•We summarize the existing log anomaly detection methods, compare and analyze the advantages and disadvantages of them. The experimental result proves the superiority of QLLog.

论文关键词:Log anomaly detection,Q-learning,Reinforcement learning,Data analysis

论文评审过程:Received 23 March 2020, Revised 16 December 2020, Accepted 29 January 2021, Available online 9 February 2021, Version of Record 9 February 2021.

论文官网地址:https://doi.org/10.1016/j.ipm.2021.102540