Container Anomaly Detection System Based on Rule Mining and Matching

Huachao Long, Yulai Xie, Daisong Yu, Minpeng Jin, Xuan Li
DOI: https://doi.org/10.1109/ICBCTIS55569.2022.00034
2022-07-01
Abstract: Compared with virtual machine technology, container technology is increasingly popular by virtue of its excellent convenience and reliable security isolation. Containers encounter various anomalies during operation. For maintenance personnel, the large number of abnormal logs makes anomaly analysis very difficult, so anomaly detection technology is needed. In this paper, a container anomaly detection system based on rule mining and matching is proposed. It collects and simplifies the container logs generated in the abnormal time period, delivers them to an association rule mining algorithm for rule mining, and displays the rules to the maintainer, who makes a decision after a simple analysis. The experimental results show that the rule mining algorithm processes log entries in less time than a traditional association rule mining algorithm, and that the container anomaly detection system can effectively help system administrators locate anomalies.
Computer Science