Boot Log Anomaly Detection with K-Seen-Before
2020 (English)In: Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020, IEEE, 2020, p. 1005-1010Conference paper, Published paper (Refereed)
Abstract [en]
Software development for embedded systems, in particular code which interacts with boot-up procedures, can pose considerable challenges. In this work we propose the K-Seen-Before (KSB) approach to detect and highlight anomalous boot log messages, thus relieving developers from repeatedly having to manually examine boot log files of 1000+ lines. We describe the KSB instance based anomaly detection system and its relation to KNN. An industrial data set related to development of high-speed networking equipment is utilized to examine the effects of the KSB parameters on the amount of detected anomalies. The obtained results highlight the utility of KSB and provide indications of suitable KSB parameter settings for obtaining an appropriate trade-off for the cognitive workload of the developer with regards to log file analysis.
Place, publisher, year, edition, pages
IEEE, 2020. p. 1005-1010
Keywords [en]
coincidentally correct, ensemble learning, Fault localization, random forests, Application programs, Economic and social effects, Embedded systems, Software design, Anomaly detection systems, Cognitive workloads, High-speed networking, Industrial datum, Log file, Log-file analysis, Parameter setting, Trade off, Anomaly detection
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-83079DOI: 10.1109/COMPSAC48688.2020.0-140ISI: 000629086600129Scopus ID: 2-s2.0-85094136599ISBN: 9781728173030 (print)OAI: oai:DiVA.org:kau-83079DiVA, id: diva2:1530071
Conference
44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020, 13 July 2020 through 17 July 2020
2021-02-212021-02-212021-04-30Bibliographically approved