{"id":"https://openalex.org/W4292968359","doi":"https://doi.org/10.1109/tifs.2022.3201379","title":"DeepSyslog: Deep Anomaly Detection on Syslog Using Sentence Embedding and Metadata","display_name":"DeepSyslog: Deep Anomaly Detection on Syslog Using Sentence Embedding and Metadata","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4292968359","doi":"https://doi.org/10.1109/tifs.2022.3201379"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2022.3201379","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2022.3201379","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056068917","display_name":"Junwei Zhou","orcid":"https://orcid.org/0000-0002-6094-1203"},"institutions":[{"id":"https://openalex.org/I196699116","display_name":"Wuhan University of Technology","ror":"https://ror.org/03fe7t173","country_code":"CN","type":"education","lineage":["https://openalex.org/I196699116"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Junwei Zhou","raw_affiliation_strings":["School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China","institution_ids":["https://openalex.org/I196699116"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069256172","display_name":"Yijia Qian","orcid":null},"institutions":[{"id":"https://openalex.org/I196699116","display_name":"Wuhan University of Technology","ror":"https://ror.org/03fe7t173","country_code":"CN","type":"education","lineage":["https://openalex.org/I196699116"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yijia Qian","raw_affiliation_strings":["School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China","institution_ids":["https://openalex.org/I196699116"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058926362","display_name":"Qingtian Zou","orcid":"https://orcid.org/0000-0002-1412-4800"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Qingtian Zou","raw_affiliation_strings":["College of Information Sciences and Technology, Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"College of Information Sciences and Technology, Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100346828","display_name":"Peng Liu","orcid":"https://orcid.org/0000-0002-5091-8464"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Peng Liu","raw_affiliation_strings":["College of Information Sciences and Technology, Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"College of Information Sciences and Technology, Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016677170","display_name":"Jianwen Xiang","orcid":"https://orcid.org/0000-0001-8440-4181"},"institutions":[{"id":"https://openalex.org/I196699116","display_name":"Wuhan University of Technology","ror":"https://ror.org/03fe7t173","country_code":"CN","type":"education","lineage":["https://openalex.org/I196699116"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianwen Xiang","raw_affiliation_strings":["School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan, China","institution_ids":["https://openalex.org/I196699116"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5056068917"],"corresponding_institution_ids":["https://openalex.org/I196699116"],"apc_list":null,"apc_paid":null,"fwci":6.7058,"has_fulltext":false,"cited_by_count":52,"citation_normalized_percentile":{"value":0.97263145,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"17","issue":null,"first_page":"3051","last_page":"3061"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9850999712944031,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7654601335525513},{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.7097029685974121},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6445570588111877},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6353123784065247},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.6263929009437561},{"id":"https://openalex.org/keywords/web-log-analysis-software","display_name":"Web log analysis software","score":0.507717490196228},{"id":"https://openalex.org/keywords/sentence","display_name":"Sentence","score":0.4760879576206207},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.469360888004303},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.4241613447666168},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3505607843399048},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3494716286659241},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.11824032664299011},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.10800755023956299}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7654601335525513},{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.7097029685974121},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6445570588111877},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6353123784065247},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.6263929009437561},{"id":"https://openalex.org/C104352257","wikidata":"https://www.wikidata.org/wiki/Q1238961","display_name":"Web log analysis software","level":5,"score":0.507717490196228},{"id":"https://openalex.org/C2777530160","wikidata":"https://www.wikidata.org/wiki/Q41796","display_name":"Sentence","level":2,"score":0.4760879576206207},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.469360888004303},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.4241613447666168},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3505607843399048},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3494716286659241},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.11824032664299011},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.10800755023956299},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C61096286","wikidata":"https://www.wikidata.org/wiki/Q7978592","display_name":"Web navigation","level":3,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C173576120","wikidata":"https://www.wikidata.org/wiki/Q2641220","display_name":"Static web page","level":4,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2022.3201379","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2022.3201379","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6000000238418579,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G7761621777","display_name":null,"funder_award_id":"ZDYF2021GXJS014","funder_id":"https://openalex.org/F4320327827","funder_display_name":"Key Research and Development Project of Hainan Province"},{"id":"https://openalex.org/G8334011003","display_name":null,"funder_award_id":"CNS-2019340","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320327827","display_name":"Key Research and Development Project of Hainan Province","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W392761142","https://openalex.org/W1522301498","https://openalex.org/W1614298861","https://openalex.org/W2039157918","https://openalex.org/W2064675550","https://openalex.org/W2105454049","https://openalex.org/W2106950427","https://openalex.org/W2114554028","https://openalex.org/W2143996186","https://openalex.org/W2493916176","https://openalex.org/W2518186251","https://openalex.org/W2520381032","https://openalex.org/W2560021099","https://openalex.org/W2583874385","https://openalex.org/W2754665629","https://openalex.org/W2767094836","https://openalex.org/W2775696952","https://openalex.org/W2882319491","https://openalex.org/W2947815220","https://openalex.org/W2963999143","https://openalex.org/W2964304846","https://openalex.org/W2965838158","https://openalex.org/W3095840026","https://openalex.org/W3121951581","https://openalex.org/W3127712067","https://openalex.org/W3169066865","https://openalex.org/W4243639384","https://openalex.org/W4255845613","https://openalex.org/W6631190155","https://openalex.org/W6632550495","https://openalex.org/W6636510571","https://openalex.org/W6712994927","https://openalex.org/W6727087348","https://openalex.org/W6743384090","https://openalex.org/W6769430610"],"related_works":["https://openalex.org/W2806741695","https://openalex.org/W4290647774","https://openalex.org/W3189286258","https://openalex.org/W3207797160","https://openalex.org/W3210364259","https://openalex.org/W4300558037","https://openalex.org/W2667207928","https://openalex.org/W2912112202","https://openalex.org/W4377864969","https://openalex.org/W3120251014"],"abstract_inverted_index":{"Anomaly":[0],"events":[1,82,101],"indicating":[2],"the":[3,7,13,48,57,68,74,97,106,110,114,124,131,144,167,171,180,198],"unhealthy":[4],"status":[5],"of":[6,50,63,99,113,162],"computer":[8],"system":[9,14,26],"are":[10],"recorded":[11],"in":[12,56,73,105,130,179],"log":[15,40,65,100,115,132,147,173,188],"(Syslog).":[16],"Therefore,":[17],"Syslog-based":[18],"anomaly":[19,33,81,168,201],"event":[20,52,54,103,156,177,202],"detection":[21,34,203],"is":[22,152],"crucial":[23],"for":[24],"diagnosing":[25],"issues":[27],"and":[28,38,43,53,83,102,126,175],"problems.":[29],"However,":[30],"existing":[31,199],"log-based":[32,200],"approaches":[35],"use":[36],"raw":[37],"unstructured":[39,64],"entries":[41,174],"<i>independently</i>":[42],"<i>incompletely</i>,":[44],"i.e.,":[45],"without":[46],"considering":[47],"context":[49,98,127],"each":[51],"metadata":[55,104,157,178],"logs.":[58,107],"They":[59],"employ":[60,118],"incomplete":[61],"representation":[62],"data,":[66],"limiting":[67],"deep":[69],"learning":[70],"model&#x2019;s":[71],"capacity":[72],"early":[75],"stage,":[76],"which":[77,93,141,164],"tends":[78],"to":[79,122,158],"omit":[80],"cause":[84],"false":[85],"alarms.":[86],"In":[87],"this":[88],"work,":[89],"we":[90,117],"propose":[91],"DeepSyslog,":[92],"represents":[94],"Syslog":[95],"with":[96,155,197],"Inspired":[108],"by":[109,170],"sequence":[111],"nature":[112],"stream,":[116,133],"unsupervised":[119],"sentence":[120,150],"embedding":[121,137,151],"extract":[123],"semantic":[125],"information":[128],"hidden":[129],"rather":[134],"than":[135],"word":[136],"or":[138],"one-hot":[139],"embedding,":[140],"only":[142],"capture":[143],"similarities":[145],"between":[146],"words.":[148],"The":[149,182],"further":[153],"integrated":[154],"form":[159],"complete":[160],"representations":[161],"Syslog,":[163],"can":[165],"distinguish":[166],"caused":[169],"correlated":[172],"exceptional":[176],"log.":[181],"simulation":[183],"results":[184],"on":[185],"widely":[186],"used":[187],"datasets":[189],"show":[190],"that":[191],"DeepSyslog":[192],"achieves":[193],"high":[194],"performance":[195],"compared":[196],"approaches.":[204]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":23},{"year":2024,"cited_by_count":14},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-01T17:29:45.350535","created_date":"2025-10-10T00:00:00"}