Abstract:Computer network anomaly detection and log analysis, as an important topic in the field of network security, has been a key task to ensure network security and system reliability. First, existing network anomaly detection and log analysis methods are often challenged by high-dimensional data and complex network topologies, resulting in unstable performance and high false-positive rates. In addition, traditional methods are usually difficult to handle time-series data, which is crucial for anomaly detection and log analysis. Therefore, we need a more efficient and accurate method to cope with these problems. To compensate for the shortcomings of current methods, we propose an innovative fusion model that integrates Isolation Forest, GAN (Generative Adversarial Network), and Transformer with each other, and each of them plays a unique role. Isolation Forest is used to quickly identify anomalous data points, and GAN is used to generate synthetic data with the real data distribution characteristics to augment the training dataset, while the Transformer is used for modeling and context extraction on time series data. The synergy of these three components makes our model more accurate and robust in anomaly detection and log analysis tasks. We validate the effectiveness of this fusion model in an extensive experimental evaluation. Experimental results show that our model significantly improves the accuracy of anomaly detection while reducing the false alarm rate, which helps to detect potential network problems in advance. The model also performs well in the log analysis task and is able to quickly identify anomalous behaviors, which helps to improve the stability of the system. The significance of this study is that it introduces advanced deep learning techniques, which work anomaly detection and log analysis.

What problem does this paper attempt to address?

The problems that this paper attempts to solve are several key challenges in computer network anomaly detection and log analysis. Specifically: 1. **High - dimensional data and complex network topology**: The existing network anomaly detection and log analysis methods have unstable performance and a high false - alarm rate when dealing with high - dimensional data and complex network structures. 2. **Time - series data processing**: Traditional methods are difficult to effectively handle time - series data, while time - series data is crucial for anomaly detection and log analysis. 3. **Data imbalance and noise interference**: There is a large amount of normal data and a small amount of abnormal data in network data, which leads to the data imbalance problem. At the same time, there may be noise in the data, affecting the detection effect. To solve these problems, the paper proposes an innovative fusion model that combines three techniques: Isolation Forest, GAN (Generative Adversarial Network) and Transformer, and each technique plays a unique role in the model: - **Isolation Forest**: It is used to quickly identify abnormal data points by constructing random binary trees to isolate abnormal data. - **GAN**: It is used to generate synthetic data similar to the distribution characteristics of real data to expand the training data set and improve the robustness of the model. - **Transformer**: It is used to model time - series data and extract context, capturing long - term dependencies in time - series. Through the synergy of these techniques, the model shows higher accuracy and robustness in anomaly detection and log analysis tasks. The experimental results show that this model significantly improves the accuracy of anomaly detection, reduces the false - alarm rate at the same time, and helps to discover potential network problems in advance. In addition, the model also performs well in log analysis tasks, can quickly identify abnormal behaviors, and thus improve the stability of the system.

Deep Learning-based Anomaly Detection and Log Analysis for Computer Networks

Data anomaly detection for structural health monitoring using a combination network of GANomaly and CNN

A novel fusion feature imageization with improved extreme learning machine for network anomaly detection

Experience Report: Deep Learning-based System Log Analysis for Anomaly Detection

Distributed system anomaly detection using deep learning‐based log analysis

TFD-Net: Transformer Deviation Network for Weakly Supervised Anomaly Detection

TransLog: A Unified Transformer-based Framework for Log Anomaly Detection.

A Survey of Deep Anomaly Detection for System Logs

Log Anomaly Detection Based on Parallel Fusion of CNN and GRU

Deep Learning-Based Log Anomaly Detection for 5G Core Network.

Big-data Analysis of Multi-Source Logs for Anomaly Detection on Network-Based System.

LogFormer: A Pre-train and Tuning Pipeline for Log Anomaly Detection

A Hybrid Deep Learning Anomaly Detection Framework for Intrusion Detection

Deep learning anomaly detection in AI-powered intelligent power distribution systems

The Detection of Abnormal Behavior by Artificial Intelligence Algorithms Under Network Security

Network Anomaly Detection Using Federated Learning

Deep Learning-Based Cyber–Physical Feature Fusion for Anomaly Detection in Industrial Control Systems

An Anomaly Detection Approach Based on Integrated LSTM for IoT Big Data

A Generative Adversarial Networks for Log Anomaly Detection

Neural Network-Based Log Anomaly Detection Algorithm for 6G Wireless Integrated Cyber-Physical System

Anomaly Detection Mechanism Based on Hierarchical Weights Through Large-Scale Log Data