The UTC Graduate School is pleased to announce that Lucas Payne will present Master’s research titled "Log File Anomaly Detection Using Knowledge Graphs and Graph Neural Networks" on 05/26/2023 at 1pm – 2:30pm, online at https://tennessee.zoom.us/j/93218551797?pwd=bWcya1ZDREo4dE9VQnB2QXZuQ0dpZz09&from=addon (Password: 131948). Everyone is invited to attend.
Computer Science
Chair: Mengjun Xie
Co-Chair:
Abstract:
Log files contain valuable information for detecting abnormal behavior within a computing environment. However, log files are semi-structured documents that cannot be directly processed by computers. To address this, researchers have proposed representing log files as knowledge graphs (KGs), structured graph representations of information, and using KG completion techniques to predict new facts based on the KG. Despite the potential of this approach, current research in this area is limited, and no existing work has implemented a comprehensive end-to-end system that includes both KG generation and KG completion. In this study, we present an end-to-end system that utilizes graph neural networks (GNNs) and KG completion to detect anomalies in log files. The proposed system consists of two main components. The first component employs templates to generate a KG from a set of log files, capturing the normal behavior in the computing environment. The second component applies KG embedding models, enhanced with graph neural network layers, to learn a representation of the generated KG. The KG completion task is then employed to determine the suspiciousness of new information. We evaluated the proposed method using two public datasets with standard KG completion metrics. The experimental results demonstrate its promising potential.