{"id":"https://openalex.org/W4352981539","doi":"https://doi.org/10.1109/icsrs56243.2022.10067856","title":"Learning-Based Anomaly Detection Using Log Files with Sequential Relationships","display_name":"Learning-Based Anomaly Detection Using Log Files with Sequential Relationships","publication_year":2022,"publication_date":"2022-11-23","ids":{"openalex":"https://openalex.org/W4352981539","doi":"https://doi.org/10.1109/icsrs56243.2022.10067856"},"language":"en","primary_location":{"id":"doi:10.1109/icsrs56243.2022.10067856","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icsrs56243.2022.10067856","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 6th International Conference on System Reliability and Safety (ICSRS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5045390735","display_name":"Markus F\u00e4lt","orcid":null},"institutions":[{"id":"https://openalex.org/I56475706","display_name":"Mid Sweden University","ror":"https://ror.org/019k1pd13","country_code":"SE","type":"education","lineage":["https://openalex.org/I56475706"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Markus F\u00e4lt","raw_affiliation_strings":["Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30"],"affiliations":[{"raw_affiliation_string":"Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30","institution_ids":["https://openalex.org/I56475706"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044064820","display_name":"Stefan Forsstr\u00f6m","orcid":"https://orcid.org/0000-0002-1797-1095"},"institutions":[{"id":"https://openalex.org/I56475706","display_name":"Mid Sweden University","ror":"https://ror.org/019k1pd13","country_code":"SE","type":"education","lineage":["https://openalex.org/I56475706"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Stefan Forsstr\u00f6m","raw_affiliation_strings":["Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30"],"affiliations":[{"raw_affiliation_string":"Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30","institution_ids":["https://openalex.org/I56475706"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072795169","display_name":"Qing He","orcid":null},"institutions":[{"id":"https://openalex.org/I56475706","display_name":"Mid Sweden University","ror":"https://ror.org/019k1pd13","country_code":"SE","type":"education","lineage":["https://openalex.org/I56475706"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Qing He","raw_affiliation_strings":["Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30"],"affiliations":[{"raw_affiliation_string":"Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30","institution_ids":["https://openalex.org/I56475706"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100329627","display_name":"Tingting Zhang","orcid":"https://orcid.org/0000-0002-3548-6106"},"institutions":[{"id":"https://openalex.org/I56475706","display_name":"Mid Sweden University","ror":"https://ror.org/019k1pd13","country_code":"SE","type":"education","lineage":["https://openalex.org/I56475706"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Tingting Zhang","raw_affiliation_strings":["Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30"],"affiliations":[{"raw_affiliation_string":"Mid Sweden University,Department of Information Systems and Technology,Sundsvall,852 30","institution_ids":["https://openalex.org/I56475706"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5045390735"],"corresponding_institution_ids":["https://openalex.org/I56475706"],"apc_list":null,"apc_paid":null,"fwci":0.2763,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.59129278,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"337","last_page":"342"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9799000024795532,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7748394012451172},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7192659378051758},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6874628067016602},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.5837628245353699},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5834022164344788},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.5504716634750366},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5336801409721375},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.5232937932014465},{"id":"https://openalex.org/keywords/sequence","display_name":"Sequence (biology)","score":0.512222945690155},{"id":"https://openalex.org/keywords/software-system","display_name":"Software system","score":0.49487608671188354},{"id":"https://openalex.org/keywords/web-log-analysis-software","display_name":"Web log analysis software","score":0.48420074582099915},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.41315340995788574},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.21712231636047363},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14821857213974}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7748394012451172},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7192659378051758},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6874628067016602},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.5837628245353699},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5834022164344788},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.5504716634750366},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5336801409721375},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.5232937932014465},{"id":"https://openalex.org/C2778112365","wikidata":"https://www.wikidata.org/wiki/Q3511065","display_name":"Sequence (biology)","level":2,"score":0.512222945690155},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.49487608671188354},{"id":"https://openalex.org/C104352257","wikidata":"https://www.wikidata.org/wiki/Q1238961","display_name":"Web log analysis software","level":5,"score":0.48420074582099915},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.41315340995788574},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.21712231636047363},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14821857213974},{"id":"https://openalex.org/C173576120","wikidata":"https://www.wikidata.org/wiki/Q2641220","display_name":"Static web page","level":4,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C54355233","wikidata":"https://www.wikidata.org/wiki/Q7162","display_name":"Genetics","level":1,"score":0.0},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icsrs56243.2022.10067856","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icsrs56243.2022.10067856","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 6th International Conference on System Reliability and Safety (ICSRS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Decent work and economic growth","score":0.5,"id":"https://metadata.un.org/sdg/8"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W168564468","https://openalex.org/W1614298861","https://openalex.org/W1661413208","https://openalex.org/W2022661645","https://openalex.org/W2064675550","https://openalex.org/W2115056012","https://openalex.org/W2208211896","https://openalex.org/W2583874385","https://openalex.org/W2585367509","https://openalex.org/W2754665629","https://openalex.org/W2767094836","https://openalex.org/W2999825877","https://openalex.org/W3040197085","https://openalex.org/W3095840026","https://openalex.org/W3127712067","https://openalex.org/W4206134478","https://openalex.org/W4234955166","https://openalex.org/W4385245566","https://openalex.org/W6636510571","https://openalex.org/W6749336956"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W1971929717","https://openalex.org/W3036013726","https://openalex.org/W1724519426","https://openalex.org/W2351051591","https://openalex.org/W2183313954","https://openalex.org/W1969635302","https://openalex.org/W3004832009","https://openalex.org/W3146948916","https://openalex.org/W2148459958"],"abstract_inverted_index":{"Modern":[0],"IT":[1,49,111],"systems":[2,29,42],"have":[3],"been":[4,101],"transitioning":[5],"from":[6],"traditional":[7],"on-premises":[8,15],"solutions":[9],"to":[10,26,45,152,174],"a":[11,24,66,92,155,175],"dynamic":[12],"mixture":[13],"of":[14,35,57,68,71,80,141,168],"and":[16,41,83,90,121,129,158],"off-premises":[17],"solutions.":[18],"This":[19],"transition":[20],"has":[21,43,64,100],"also":[22],"included":[23],"trend":[25],"run":[27],"more":[28],"on":[30],"software-defined":[31,39],"resources.":[32],"The":[33,98,131],"ease":[34],"setting":[36],"up":[37],"new":[38],"servers":[40],"led":[44],"an":[46],"increase":[47],"in":[48,78,103],"system":[50,114],"complexity":[51],"as":[52,54],"well":[53],"the":[55,72,106,166,169],"amount":[56],"log":[58,62,76,115,133],"data":[59,116,134],"generated.":[60],"Automatic":[61],"analysis":[63,77],"become":[65],"subject":[67],"interest":[69],"because":[70],"problems":[73],"with":[74,105,117,137],"manual":[75],"case":[79],"intrusion":[81],"detection":[82,96,147],"root-cause":[84],"analysis.":[85],"Therefore,":[86],"this":[87],"paper":[88],"proposes":[89],"tests":[91],"sequence":[93],"based":[94],"anomaly":[95,146],"method.":[97],"work":[99],"done":[102],"collaboration":[104],"Swedish":[107],"Social":[108],"Insurance":[109],"Agency\u2019s":[110],"department.":[112],"Real":[113],"high":[118],"privacy":[119],"requirements":[120],"limited":[122],"available":[123],"information":[124],"was":[125,135,149],"generated":[126,132],"for":[127],"training":[128],"testing.":[130],"produced":[136],"expected":[138],"time":[139],"regions":[140],"anomalous":[142],"behavior.":[143],"Our":[144],"proposed":[145],"model":[148],"then":[150],"able":[151],"perform":[153],"at":[154],"state-of-the-art":[156],"level":[157],"could":[159],"accurately":[160],"detect":[161],"certain":[162],"error":[163],"types.":[164],"Showing":[165],"potential":[167],"approach":[170],"when":[171],"applied":[172],"directly":[173],"real-world":[176],"system.":[177]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2025-12-24T23:09:58.560324","created_date":"2025-10-10T00:00:00"}