高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

一种基于时间序列分解和时空信息提取的云服务器异常检测模型

唐伦 赵禹辰 薛呈呈 陈前斌

唐伦, 赵禹辰, 薛呈呈, 陈前斌. 一种基于时间序列分解和时空信息提取的云服务器异常检测模型[J]. 电子与信息学报. doi: 10.11999/JEIT230679
引用本文: 唐伦, 赵禹辰, 薛呈呈, 陈前斌. 一种基于时间序列分解和时空信息提取的云服务器异常检测模型[J]. 电子与信息学报. doi: 10.11999/JEIT230679
TANG Lun, ZHAO Yuchen, XUE Chengcheng, CHEN Qianbin. A Cloud Server Anomaly Detection Model Based on Time Series Decomposition and Spatiotemporal Information Extraction[J]. Journal of Electronics & Information Technology. doi: 10.11999/JEIT230679
Citation: TANG Lun, ZHAO Yuchen, XUE Chengcheng, CHEN Qianbin. A Cloud Server Anomaly Detection Model Based on Time Series Decomposition and Spatiotemporal Information Extraction[J]. Journal of Electronics & Information Technology. doi: 10.11999/JEIT230679

一种基于时间序列分解和时空信息提取的云服务器异常检测模型

doi: 10.11999/JEIT230679
基金项目: 国家自然科学基金(62071078),川渝联合实施重点研发项目(2021YFQ0053)
详细信息
    作者简介:

    唐伦:男,教授,博士生导师,研究方向为新一代无线通信网络、异构蜂窝网络、软件定义无线网络等

    赵禹辰:男,硕士生,研究方向为云数据中心异常检测、深度学习等

    薛呈呈:女,硕士生,研究方向为虚拟化网络、异常检测等

    陈前斌:男,教授,博士生导师,研究方向为个人通信、多媒体信息处理与传输、下一代移动通信网络、异构蜂窝网络等

    通讯作者:

    赵禹辰 1094534177@qq.com

  • 中图分类号: TN911.7

A Cloud Server Anomaly Detection Model Based on Time Series Decomposition and Spatiotemporal Information Extraction

Funds: The National Natural Science Foundation of China (62071078), Sichuan and Chongqing Key R&D Projects (2021YFQ0053)
  • 摘要: 异常检测是维护云数据中心性能的一项重要任务。云数据中心中运行着大量的云服务器以实现各种云计算功能。由于云数据中心的性能取决于云服务的正常运行,因此检测和分析云服务器中的异常至关重要。为此,该文提出一种基于时间序列分解和时空信息提取的云服务器异常检测模型。首先,提出带时空信息提取模块的双向Wasserstein 生成对抗网络算法(BiWGAN-GTN),该算法在具有梯度惩罚的双向Wasserstein 生成对抗网络(BiWGAN-GP)算法的基础上,将生成器与编码器替换为由图卷积网络(GCN)与时间卷积网络(TCN)组成的时空信息提取模块(GTN),实现对数据空时信息的提取;其次,提出半监督BiWGAN-GTN算法来识别多维时间序列中的异常,以在训练过程中避免异常数据侵入的风险并增强模型鲁棒性。最后设计多通道BiWGAN-GTN算法-MCBiWGAN-GTN以实现降低数据复杂度并提升模型学习效率的目标。利用带有自适应噪声完全集合经验模态分解(CEEMDAN)算法将时序数据分解,然后将不同的分量送入对应通道下的BiWGAN-GTN算法中训练。在真实世界云数据中心数据集Clearwater和MBD上采用精确率、召回率和F1分数这3个性能指标验证了该文所提模型的有效性。实验结果表明,MCBiWGAN-GTN在这两个数据集上的性能稳定并优于所比较的方法。
  • 图  1  GTN模块架构图

    图  2  BiWGAN-GTN模型架构图

    图  3  MCBiWGAN-GTN模型架构图

    图  4  鉴别损失与生成编码损失函数

    图  5  不同数据集中惩罚系数与损失函数权重系数对性能指标的影响

    图  6  算法稳定性对比

    表  1  不同方法的异常检测效果

    数据集 算法 Precious Recall F1-score
    Clearwater MADGAN 0.901 0.893 0.897
    MTAD-GAT 0.936 0.948 0.942
    TFAD 0.915 0.926 0.92
    SLA-VAE 0.928 0.905 0.916
    MCBiWGAN-GTN 0.954 0.967 0.960
    MBD MADGAN 0.412 0.491 0.454
    MTAD-GAT 0.521 0.625 0.568
    TFAD 0.494 0.636 0.556
    SLA-VAE 0.469 0.581 0.519
    MCBiWGAN-GTN 0.592 0.673 0.630
    下载: 导出CSV

    表  2  在Clearwater和MBD数据集上对MCBiWGAN-GTN进行消融实验,采用F1-score作为评价指标

    模型 GTN 分解 无监督 半监督 Clearwater MBD
    BiWGAN-GP 0.829 0.556
    BiWGAN-GTN 0.917 0.613
    MCBiWGAN 0.905 0.602
    MCBiWGAN-GTN(无监督) 0.941 0.614
    MCBiWGAN-GTN 0.960 0.630
    下载: 导出CSV
  • [1] ZHU Zheng, GU Rongbin, PAN Chenling, et al. CPU and network traffic anomaly detection method for cloud data center[C]. The 1st International Conference on Advanced Information Science and System, Singapore, 2019: 24. doi: 10.1145/3373477.3373501.
    [2] LI Dan, CHEN Dacheng, JIN Baihong, et al. MAD-GAN: Multivariate anomaly detection for time series data with generative adversarial networks[C]. The 28th International Conference on Artificial Neural Networks, Munich, Germany, 2019: 703–716. doi: 10.1007/978-3-030-30490-4_56.
    [3] WANG Weili, LIANG Chengchao, TANG Lun, et al. Federated multi-discriminator BiWGAN-GP based collaborative anomaly detection for virtualized network slicing[J]. IEEE Transactions on Mobile Computing, 2023, 22(11): 6445–6459. doi: 10.1109/TMC.2022.3200059.
    [4] Haloui I, Gupta J S, and Feuilard V. Anomaly detection with Wasserstein GAN[J]. arXiv preprint, 2018: 1–36. doi: 10.48550/arXiv.1812.02463.
    [5] GULRAJANI I, AHMED F, ARJOVSKY M, et al. Improved training of Wasserstein GANs[C]. The 31st International Conference on Neural Information Processing Systems, Long Beach, USA, 2017: 5769–5779. doi: 10.5555/3295222.3295327.
    [6] ZHAO Hang, WANG Yujing, DUAN Juanyong, et al. Multivariate time-series anomaly detection via graph attention network[C]. 2020 IEEE International Conference on Data Mining, Sorrento, Italy, 2020: 841–850. doi: 10.1109/ICDM50108.2020.00093.
    [7] GAO Jingkun, SONG Xiaomin, WEN Qingsong, et al. RobustTAD: Robust time series anomaly detection via decomposition and convolutional neural networks[J]. arXiv preprint, 2020: 1–9. doi: 10.48550/arXiv.2002.09545.
    [8] ZHANG Chaoli, ZHOU Tian, WEN Qingsong, et al. TFAD: A decomposition time series anomaly detection architecture with time-frequency analysis[C]. The 31st ACM International Conference on Information & Knowledge Management, Atlanta, USA, 2022: 2497–2507. doi: 10.1145/3511808.3557470.
    [9] RAO Yucong and ZHAO Jiabao. Time series anomaly detection based on CEEMDAN and LSTM[C]. 2021 IEEE International Conference on Networking, Sensing and Control, Xiamen, China, 2021: 1–6. doi: 10.1109/ICNSC52481.2021.9702161.
    [10] HUANG Tao, CHEN Pengfei, and LI Ruipeng. A semi-supervised VAE based active anomaly detection framework in multivariate time series for online systems[C]. ACM Web Conference 2022, Lyon, France, 2022: 1797–1806. doi: 10.1145/3485447.3511984.
    [11] THOMAS N and WELLING M. Semi-supervised classification with graph convolutional networks[J]. arXiv preprint, 2016: 1–14. doi: 10.48550/arXiv.1609.02907.
    [12] BAI Shaojie, KOLTER Z, and KOLTUN V. An empirical evaluation of generic convolutional and recurrent networks for sequence modeling[EB/OL]. https://arxiv.org/abs/1803.01271, 2018.
    [13] TORRES M E, COLOMINAS M A, SCHLOTTHAUER G, et al. A complete ensemble empirical mode decomposition with adaptive noise[C]. 2011 IEEE International Conference on Acoustics, Speech and Signal Processing, Prague, Czech Republic, 2011: 4144–4147. doi: 10.1109/ICASSP.2011.5947265.
    [14] HE Zilong, CHEN Pengfei, LI Xiaoyun, et al. A spatiotemporal deep learning approach for unsupervised anomaly detection in cloud systems[J]. IEEE Transactions on Neural Networks and Learning Systems, 2023, 34(4): 1705–1719. doi: 10.1109/TNNLS.2020.3027736.
    [15] SAUVANAUD C, LAZRI K, KAâNICHE M, et al. Towards black-box anomaly detection in virtual network functions[C]. The 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop, Toulouse, France, 2016: 254–257. doi: 10.1109/DSN-W.2016.17.
  • 加载中
图(6) / 表(2)
计量
  • 文章访问数:  47
  • HTML全文浏览量:  14
  • PDF下载量:  23
  • 被引次数: 0
出版历程
  • 收稿日期:  2023-07-07
  • 修回日期:  2024-02-08
  • 网络出版日期:  2024-03-04

目录

    /

    返回文章
    返回