Research Article
Anomaly Detection Using One-Class SVM for Logs of Juniper Router Devices
@INPROCEEDINGS{10.1007/978-3-030-30149-1_24, author={Tat-Bao-Thien Nguyen and Teh-Lu Liao and Tuan-Anh Vu}, title={Anomaly Detection Using One-Class SVM for Logs of Juniper Router Devices}, proceedings={Industrial Networks and Intelligent Systems. 5th EAI International Conference, INISCOM 2019, Ho Chi Minh City, Vietnam, August 19, 2019, Proceedings}, proceedings_a={INISCOM}, year={2019}, month={9}, keywords={Anomaly detection Juniper devices One-Class SVM Log feature extraction}, doi={10.1007/978-3-030-30149-1_24} }- Tat-Bao-Thien Nguyen
Teh-Lu Liao
Tuan-Anh Vu
Year: 2019
Anomaly Detection Using One-Class SVM for Logs of Juniper Router Devices
INISCOM
Springer
DOI: 10.1007/978-3-030-30149-1_24
Abstract
The article deals with anomaly detection of Juniper router logs. Abnormal Juniper router logs include logs that are usually different from the normal operation, and they often reflect the abnormal operation of router devices. To prevent router devices from being damaged and help administrator to grasp the situation of error quickly, detecting abnormal operation soon is very important. In this work, we present a new way to get important features from log data of Juniper router devices and use machine learning method (basing on One-Class SVM model) for anomaly detection. One-Class SVM model requires some knowledge and comprehension about logs of Juniper router devices so that it can analyze, interpret, and test the knowledge acquired. We collect log data from a lot of real Juniper router devices and classify them based on our knowledge. Before these logs are used for training and testing the One-Class SVM model, the feature extraction phase for these data was carried out. Finally, with the proposed method, the system errors of the routers were detected quickly and accurately. This may help our company to reduce the operation cost for the router systems.