nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Boosted Ensemble Learning for Anomaly Detection in 5G RAN

verfasst von : Tobias Sundqvist, Monowar H. Bhuyan, Johan Forsman, Erik Elmroth

Erschienen in: Artificial Intelligence Applications and Innovations

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The emerging 5G networks promises more throughput, faster, and more reliable services, but as the network complexity and dynamics increases, it becomes more difficult to troubleshoot the systems. Vendors are spending a lot of time and effort on early anomaly detection in their development cycle and majority of the time is spent on manually analyzing system logs. While main research in anomaly detection uses performance metrics, anomaly detection using functional behaviour is still lacking in depth analysis. In this paper we show how a boosted ensemble of Long Short Term Memory classifiers can detect anomalies in the 5G Radio Access Network system logs. Acquiring system logs from a live 5G network is difficult due to confidentiality issues, live network disturbance, and problems to repeat scenarios. Therefore, we perform our evaluation on logs from a 5G test bed that simulate realistic traffic in a city. Our ensemble learns the functional behaviour of an application by training on logs from normal execution time. It can then detect deviations from normal behaviour and also be retrained on false positive cases found during validation. Anomaly detection in RAN shows that our ensemble called BoostLog, outperforms a single LSTM classifier and further testing on HDFS logs confirms that BoostLog also can be used in other domains. Instead of using domain experts to manually analyse system logs, BoostLog can be used by less experienced trouble shooters to automatically detect anomalies faster and more reliable.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel An Adaptive Approach on Credit Card Fraud Detection Using Transaction Aggregation and Word Embeddings

Nächstes Kapitel Machine Learning for Cognitive Load Classification – A Case Study on Contact-Free Approach

Ajith, D.: A survey on anomaly detection methods for system log data. Int. J. Sci. Res. (IJSR) 8, 23 (2019)

Al Mamun, S.M.A., Valimaki, J.: Anomaly detection and classification in cellular networks using automatic labeling technique for applying supervised learning. Procedia Comput. Sci. 140, 186–195 (2018). https://doi.org/10.1016/j.procs.2018.10.328

Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: Network Traffic Anomaly Detection and Prevention: Concepts, Techniques, and Tools, 1st edn. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65188-0

Bian, G., Liu, J., Lin, W.: Internet traffic forecasting using boosting LSTM method. In: 2017 International Conference on Computer Science and Application Engineering (CSAE 2017). DEStech Transactions on Computer Science and Engineering (2018). https://doi.org/10.12783/dtcse/csae2017/17517

Chalapathy, R., Chawla, S.: Deep learning for anomaly detection: a survey. CoRR abs/1901.03407 (2019). http://arxiv.org/abs/1901.03407

Chniti, G., Bakir, H., Zaher, H.: E-commerce time series forecasting using LSTM neural network and support vector regression. In: Proceedings of the International Conference on Big Data and Internet of Things, BDIOT 2017, pp. 80–84. ACM, New York (2017)

Chollet, F., et al.: Keras (2015). https://keras.io

Damm, L.O.: Early and cost-effective software fault detection: measurement and implementation in an industrial setting. Ph.D. thesis (2007)

Du, M., Li, F., Zheng, G., Srikumar, V.: DeepLog: anomaly detection and diagnosis from system logs through deep learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications, pp. 1285–1298 (2017). https://doi.org/10.1145/3133956.3134015

10.

Prewett, J.E.: Analyzing cluster log files using Logsurfer. In: Proceedings of Annual Conference on Linux Clusters (2003)

11.

Fernández Maimó, L., Perales Gómez, L., García Clemente, F.J., Gil Pérez, M., Martínez Pérez, G.: A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6, 7700–7712 (2018). https://doi.org/10.1109/ACCESS.2018.2803446

12.

Freund, Y., Schapire, R.E.: A decision-theoretic generalization of on-line learning and an application to boosting. J. Comput. Syst. Sci. 55(1), 119–139 (1997)MathSciNetMATH

13.

Hansen, S.E., Atkins, E.T.: Automated system monitoring and notification with swatch. In: Proceedings of the 7th USENIX Conference on System Administration, LISA 1993, pp. 145–152. USENIX Association, Berkeley (1993)

14.

Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)

15.

Ibidunmoye, O., Rezaie, A., Elmroth, E.: Adaptive anomaly detection in performance metric streams. IEEE Trans. Netw. Serv. Manag. 15(1), 217–231 (2018). https://doi.org/10.1109/TNSM.2017.2750906

16.

Iyer, A.P., Li, L.E., Stoica, I.: Automating diagnosis of cellular radio access network problems. In: Proceedings of the 23rd Annual International Conference on Mobile Computing and Networking. MobiCom 2017, pp. 79–87. ACM, New York (2017). https://doi.org/10.1145/3117811.3117813

17.

Karevan, Z., Suykens, J.A.: Transductive LSTM for time-series prediction: an application to weather forecasting. Neural Netw. 125, 1–9 (2020)

18.

Malhotra, P., Ramakrishnan, A., Anand, G., Vig, L., Agarwal, P., Shroff, G.: LSTM-based encoder-decoder for multi-sensor anomaly detection. CoRR abs/1607.00148 (2016). http://arxiv.org/abs/1607.00148

19.

Rouillard, J.P.: Real-time log file analysis using the simple event correlator (SEC). In: Proceedings of LISA XVIII, pp. 133–150 (2004)

20.

Polikar, R.: Ensemble based systems in decision making. IEEE Circuit Syst. Mag. 6, 21–45 (2006). https://doi.org/10.1109/MCAS.2006.1688199

21.

Salvador, S., Chan, P.: Toward accurate dynamic time warping in linear time and space. Intell. Data Anal. 11(5), 561–580 (2007)

22.

Sun, S., Wei, Y., Wang, S.: AdaBoost-LSTM ensemble learning for financial time series forecasting. In: Shi, Y., et al. (eds.) ICCS 2018. LNCS, vol. 10862, pp. 590–597. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93713-7_55

23.

Szilagyi, P., Novaczki, S.: An automatic detection and diagnosis framework for mobile communication systems. IEEE Trans. Netw. Serv. Manag. 9(2), 184–197 (2012). https://doi.org/10.1109/TNSM.2012.031912.110155

24.

Xiao, C., Chen, N., Hu, C., Wang, K., Gong, J., Chen, Z.: Short and mid-term sea surface temperature prediction using time-series satellite data and LSTM-AdaBoost combination approach. Remote Sens. Environ. 233, 111358 (2019)

25.

Xu, W., Huang, L., Fox, A., Patterson, D., Jordan, M.I.: Detecting large-scale system problems by mining console logs. In: Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, SOSP 2009, pp. 117–132. ACM, New York (2009)

26.

Yu, X., Joshi, P., Xu, J., Jin, G., Zhang, H., Jiang, G.: CloudSeer: workflow monitoring of cloud infrastructures via interleaved logs. In: ASPLOS 2016 (2016)

27.

Zhang, K., Xu, J., Min, M.R., Jiang, G., Pelechrinis, K., Zhang, H.: Automated IT system failure prediction: a deep learning approach. In: 2016 IEEE International Conference on Big Data (Big Data), pp. 1291–1300 (2016). https://doi.org/10.1109/BigData.2016.7840733

28.

Zhu, J., et al.: Tools and benchmarks for automated log parsing. CoRR abs/1811.03509 (2018). http://arxiv.org/abs/1811.03509

Titel: Boosted Ensemble Learning for Anomaly Detection in 5G RAN
verfasst von: Tobias Sundqvist
Monowar H. Bhuyan
Johan Forsman
Erik Elmroth
Verlag: Springer International Publishing
Buch: Artificial Intelligence Applications and Innovations
Print ISBN: 978-3-030-49160-4

Electronic ISBN: 978-3-030-49161-1

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-49161-1_2

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner