17930729. LOG ANOMALY DETECTION IN CONTINUOUS ARTIFICIAL INTELLIGENCE FOR IT OPERATIONS simplified abstract (INTERNATIONAL BUSINESS MACHINES CORPORATION)


LOG ANOMALY DETECTION IN CONTINUOUS ARTIFICIAL INTELLIGENCE FOR IT OPERATIONS

Organization Name

INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor(s)

Lu An of Raleigh NC (US)

An-Jie Andy Tu of Campbell CA (US)

Xiaotong Liu of San Jose CA (US)

ANBANG Xu of San Jose CA (US)

Rama Kalyani T. Akkiraju of Cupertino CA (US)

Neil H. Boyette of Oregon City OR (US)

LOG ANOMALY DETECTION IN CONTINUOUS ARTIFICIAL INTELLIGENCE FOR IT OPERATIONS - A simplified explanation of the abstract

This abstract first appeared for US patent application 17930729 titled 'LOG ANOMALY DETECTION IN CONTINUOUS ARTIFICIAL INTELLIGENCE FOR IT OPERATIONS'.

Simplified Explanation

The abstract describes a computer-implemented method for log anomaly detection, where statistical distribution metrics of entities and word embeddings are compared with real-time statistical models to detect anomalies and send alerts to users.

  • Windowed log of incoming raw log messages received
  • Statistical distribution metrics of entities compared with real-time statistical models
  • Windowed log tagged as entity anomaly if metrics are statistically different
  • Distance computed between average word embedding vector and statistical distribution for word embeddings
  • Windowed log tagged as word embedding anomaly if distance exceeds predetermined threshold
  • Alert sent to user with anomaly severity level

Potential Applications

This technology can be applied in various industries such as cybersecurity, network monitoring, and system performance analysis to detect anomalies in log data and prevent potential security breaches or system failures.

Problems Solved

1. Early detection of anomalies in log data
2. Improved security measures through real-time monitoring
3. Prevention of system failures by identifying abnormal patterns

Benefits

1. Enhanced data security
2. Real-time anomaly detection
3. Improved system performance and reliability

Potential Commercial Applications

Real-time Anomaly Detection in Cybersecurity

Original Abstract Submitted

A computer-implemented method, a computer program product, and a computer system for log anomaly detection. A computer receives a windowed log of incoming raw log messages. A computer compares statistical distribution metrics of entities in the windowed log with a statistical distribution extracted from a real-time statistical model for the entities. In response to the statistical distribution metrics being statistically different from the statistical distribution extracted from the real-time statistical model for the entities, a computer tags the windowed log as an entity anomaly. A computer computes a distance between an average word embedding vector in the windowed log and a statistical distribution extracted from a real-time statistical model for word embeddings. In response to the distance being greater than a predetermined threshold, a computer tags the windowed log as a word embedding anomaly. A computer sends to a user an alert with an anomaly severity level.
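
The two checks in the abstract, sketched as an added example that is not code from the patent application or from IBM. Everything concrete here is an assumption: IPv4 addresses as the entity type, a z-score as the "statistically different" test, Euclidean distance to the model mean, the constructed 2-d embedding table, both thresholds, and the severity mapping.

```python
import math, re

# Constructed 2-d "word embeddings" (assumption; a real system uses a trained model).
EMB = {"login": (1.0, 0.0), "ok": (0.9, 0.1), "user": (0.8, 0.2),
       "from": (0.5, 0.5), "failed": (0.0, 1.0)}
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")  # entity type assumed: IPv4 address

class RunningStat:
    """Welford running mean/variance, standing in for the real-time statistical model."""
    def __init__(self):
        self.n, self.mean, self.m2 = 0, 0.0, 0.0
    def update(self, x):
        self.n += 1
        d = x - self.mean
        self.mean += d / self.n
        self.m2 += d * (x - self.mean)
    def std(self):
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0

def window_metrics(lines):
    """Return (number of distinct IPs, average embedding vector) for one window."""
    ips = {ip for line in lines for ip in IP_RE.findall(line)}
    vecs = [EMB[w] for line in lines for w in re.findall(r"[a-z]+", line.lower()) if w in EMB]
    avg = tuple(sum(c) / len(vecs) for c in zip(*vecs)) if vecs else (0.0, 0.0)
    return len(ips), avg

class Detector:
    def __init__(self, z_limit=3.0, dist_limit=0.25):  # thresholds are assumed values
        self.ent, self.emb = RunningStat(), (RunningStat(), RunningStat())
        self.z_limit, self.dist_limit = z_limit, dist_limit
    def learn(self, lines):
        n_ips, avg = window_metrics(lines)
        self.ent.update(n_ips)
        for stat, x in zip(self.emb, avg):
            stat.update(x)
    def score(self, lines):
        n_ips, avg = window_metrics(lines)
        tags = []
        if abs(n_ips - self.ent.mean) / (self.ent.std() or 1.0) > self.z_limit:
            tags.append("entity_anomaly")
        if math.dist(avg, [s.mean for s in self.emb]) > self.dist_limit:
            tags.append("word_embedding_anomaly")
        if not tags:
            self.learn(lines)  # only clean windows update the model
        return tags, ("none", "warning", "critical")[len(tags)]

def baseline_detector():
    """Detector trained on constructed 'normal' windows with 2, 1, 2, 1 distinct IPs."""
    det = Detector()
    for k in (2, 1, 2, 1):
        det.learn([f"login ok user u{i} from 10.0.0.{i}" for i in range(1, k + 1)])
    return det
```

Feeding only untagged windows back into the model keeps an ongoing anomaly from shifting the baseline toward itself.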