Anomaly Detection Using One-Class SVM for Logs of Juniper Router Devices

This article addresses anomaly detection in Juniper router logs. Abnormal Juniper router logs are logs that usually differ from those produced during normal operation, and they often reflect abnormal operation of the router devices. Detecting abnormal operation early is very important, both to prevent router devices from being damaged and to help administrators grasp an error situation quickly. In this work, we present a new way to extract important features from the log data of Juniper router devices and use a machine learning method (based on the One-Class SVM model) for anomaly detection. The One-Class SVM model requires some knowledge and understanding of the logs of Juniper router devices so that it can analyze, interpret, and test the knowledge acquired. We collect log data from a large number of real Juniper router devices and classify them based on our knowledge. Before these logs are used to train and test the One-Class SVM model, a feature extraction phase is carried out on the data. Finally, with the proposed method, the system errors of the routers were detected quickly and accurately. This may help our company reduce the operating cost of its router systems.
