Chinese Journal of Network and Information Security ›› 2020, Vol. 6 ›› Issue (6): 1-12.doi: 10.11959/j.issn.2096-109x.2020072

• Special Column:Network Application and Protection Technology •     Next Articles

Survey on anomaly detection technology based on logs

Yingjun ZHANG1(),Ushangqi LI2,Mu YANG2,Haixia ZHANG1,Kezhen HUANG1   

  1. 1 Trusted Computing and Information Assurance Laboratory,Institute of Software,Chinese Academy of Sciences,Beijing 100190,China
    2 Network Security Corps of Beijing Municipal Public Security Bureau,Beijing 100029,China
  • Revised:2020-09-24 Online:2020-12-15 Published:2020-12-16
  • Supported by:
    The Science and Technology Project of the Ministry of Public Security(2018JSYJA08)


Log information has become an important information resource in the rapid development of information systems.Through the analysis of logs,abnormal detection,fault diagnosis and performance diagnosis can be performed.The log-based anomaly detection technology was focused on.Firstly,the currently used log-based anomaly detection framework was introduced,and then the key link technologies such as log analysis and log anomaly detection were focused on.Finally,the current technology was summarized and suggestions for future research directions were given.

Key words: abnormal detection, log analysis, machine learning

CLC Number: