Anomaly Detection in Console Logs
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology.
2016 (English). Independent thesis, Advanced level (professional degree), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

The overall purpose of this project was to find anomalies in unstructured console logs. Logs were generated from system components in a contact center, specifically components in an email chain. An anomaly is behaviour that can be described as abnormal. Such behaviour was found by creating features of the data that later on could be analyzed by a data mining model. The mining model involved the usage of normalisation methods together with different distance functions. The algorithms that were used in order to generate results on the prepared data were DBSCAN, Local Outlier Factor, and k-NN Global Anomaly Score. Every algorithm was combined with two different normalisation technologies, namely Min-Max- and Z-transformation normalisation. The six different experiments yielded three data points that could be considered anomalies. Further inspection on the data showed that the anomalies could be divided into two different types of anomalies; system- or user behavioural related. Two out of three algorithms gave an anomaly score to a data point, whereas the third gave a binary anomaly value to a data point. All the six experiments in this project had a common denominator; two data points could be classified as anomalies in all the six experiments.

Place, publisher, year, edition, pages
2016, p. 42
Series
UPTEC IT, ISSN 1401-5749 ; 16012
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:uu:diva-314514
OAI: oai:DiVA.org:uu-314514
DiVA, id: diva2:1070987
Available from: 2017-02-02. Created: 2017-02-02. Bibliographically approved.

Open Access in DiVA

Full text (858 kB), 152 downloads
File information
File name: FULLTEXT01.pdf
File size: 858 kB
Checksum SHA-512:
159b40650100f80e7aca57158cf55d7e8350178aec8a3a137ce5368818753f8022774f2a8bf7a779120932c917a74fcc91d6d41f02f0955b8b3c11ebeeded44d
Type: fulltext
Mimetype: application/pdf
