[1]王春迎,安致嫄,赵 斌,等.基于混合神经网络的电力通信系统数据异常检测方法[J].南京师大学报(自然科学版),2025,48(05):85-92.[doi:10.3969/j.issn.1001-4616.2025.05.010]
 Wang Chunying,An Zhiyuan,Zhao Bin,et al.Anomaly Detection Method for Power Communication System Data Based on a Hybrid Neural Network[J].Journal of Nanjing Normal University(Natural Science Edition),2025,48(05):85-92.[doi:10.3969/j.issn.1001-4616.2025.05.010]
点击复制

基于混合神经网络的电力通信系统数据异常检测方法()

《南京师大学报(自然科学版)》[ISSN:1001-4616/CN:32-1239/N]

卷:
48
期数:
2025年05期
页码:
85-92
栏目:
计算机科学与技术
出版日期:
2025-10-20

文章信息/Info

Title:
Anomaly Detection Method for Power Communication System Data Based on a Hybrid Neural Network
文章编号:
1001-4616(2025)05-0085-08
作者:
王春迎1安致嫄1赵 斌2李 宁2
(1.国网河南省电力公司信息通信分公司,河南 郑州 450000)
(2.南京师范大学计算机与电子信息学院/人工智能学院,江苏 南京 210000)
Author(s):
Wang Chunying1An Zhiyuan1Zhao Bin2Li Ning2
(1.State Grid Henan Electric Power Company Information & Communication Branch, Zhengzhou 450000, China)
(2.School of Computer and Electronic Information/School of Artificial Intelligence, Nanjing Normal University, Nanjing 210000, China)
关键词:
电力通信系统日志异常检测Mogrifier LSTMCNN
Keywords:
electric power communication systemlog anomaly detectionmogrifier LSTMconvolutional neural network
分类号:
TM912
DOI:
10.3969/j.issn.1001-4616.2025.05.010
文献标志码:
A
摘要:
电力通信系统中的数据异常检测面临诸多严峻的挑战. 一方面,系统的数据维护日志通常包含大量专业术语,且格式复杂多样,传统的通用日志解析方法难以精准理解其深层语义信息. 另一方面,系统运行产生的日志数据具有显著的时序关联性与空间依赖性,现有方法对时空特征的协同建模能力不足,难以识别复杂的异常模式. 此外,若数据异常未能被及时发现和处理,可能对电力通信网络的稳定性和服务质量造成不利影响,危及电力系统的稳定运行. 因此,开发一种准确且高效的日志异常检测方法对于保障电力通信系统的运行安全具有重要意义. 本文提出了一种基于混合神经网络的日志异常检测方法,采用改进的Drain3算法进行日志解析,结合BERT模型与IDF加权机制进行特征表示,使用Mogrifier LSTM与CNN的混合模型进行异常检测. 实验结果表明,该方法在真实电力通信系统数据集上取得了优异的性能表现,对于日志异常检测的理论研究与工程实践具有一定的参考价值.
Abstract:
Anomaly detection in power communication systems poses significant and unique challenges. On one hand, the maintenance logs of the system often contain numerous domain-specific terms and exhibit complex, heterogeneous formats, making it difficult for traditional log parsing methods to accurately capture their underlying semantic information. On the other hand, the log data generated during system operation is characterized by pronounced temporal correlations and spatial dependencies, yet existing approaches struggle to effectively model these spatiotemporal features, limiting their ability to identify complex anomaly patterns. Moreover, failure to promptly detect and address data anomalies may adversely affect the stability and service quality of the power communication network, thereby compromising the stable operation of the power system. Consequently, developing an accurate and efficient log anomaly detection method is critical to ensuring the operational security of power communication systems. This paper proposes a log anomaly detection method based on a hybrid neural network. The method employs an enhanced Drain3 algorithm for log parsing, integrates the BERT model with an IDF weighting mechanism for feature representation, and utilizes a hybrid model combining Mogrifier LSTM and CNN for anomaly detection. Experimental results demonstrate that the proposed method achieves superior performance on a real-world power communication system dataset, offering valuable insights for both the theoretical advancement and practical implementation of log anomaly detection in power communication systems.

参考文献/References:

[1]YUAN Y,ADHATARAO S S,LIN M,et al. Ada:Adaptive deep log anomaly detector[C]//IEEE Conference on Computer Communications. Virtual Conference,2020:2449-2458.
[2]彭小圣,邓迪元,程时杰,等. 面向智能电网应用的电力大数据关键技术[J]. 中国电机工程学报,2015,35(3):503-511.
[3]ZHAO X,MIAO W,YUAN G,et al. Abnormal traffic detection system based on feature fusion and sparse transformer[J]. Mathematics,2024,12(11):1643.
[4]ZHANG X,ZHENG C,WU X,et al. Anomaly detection method for interactive data of third-party load aggregation platform based on multidimensional feature information fusion[C]//2022 IEEE 22nd International Conference on Communication Technology(ICCT). Nanjing,China,IEEE,2022:1893-1897.
[5]MAKANJU A,ZINCIR-HEYWOOD A N,MILIOS E E. A lightweight algorithm for message type extraction in system application logs[J]. IEEE transactions on knowledge and data engineering,2011,24(11):1921-1936.
[6]FU Q,LOU J G,WANG Y,et al. Execution anomaly detection in distributed systems through unstructured log analysis[C]//IEEE International Conference on Data Mining. Miami,Florida,USA,2009:149-158.
[7]HE P,ZHU J,ZHENG Z,et al. Drain:An online log parsing approach with fixed depth tree[C]//IEEE International Conference on Web Services,Honolulu,Hawaii,USA,2017:33-40.
[8]DU M,LI F. Spell:Online streaming parsing of large unstructured system logs[J]. IEEE transactions on knowledge and data engineering,2018,31(11):2213-2227.
[9]ASTEKIN M,ÖZCAN S,SÖZER H. Incremental analysis of large-scale system logs for anomaly detection[C]//IEEE Interna-tional Conference on Big Data,Los Angeles,CA,USA,2019:2119-2127.
[10]CHEN R,ZHANG S,LI D,et al. Logtransfer:Cross-system log anomaly detection for software systems with transfer learning[C]//IEEE International Symposium on Software Reliability Engineering,Virtual Conference,2020:37-47.
[11]HOCHREITER S,SCHMIDHUBER J. Long short-term memory[J]. Neural computation,1997,9(8):1735-1780.
[12]DU M,LI F,ZHENG G,et al. Deeplog:Anomaly detection and diagnosis from system logs through deep learning[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Dallas,Texas,USA,2017:1285-1298.
[13]YANG R,QU D,GAO Y,et al. NLSALog:An anomaly detection framework for log sequence in security management[J]. IEEE Access,2019,7:181152-181164.
[14]MENG W,LIU Y,ZHU Y,et al. Loganomaly:Unsupervised detection of sequential and quantitative anomalies in unstructured logs[C]//International Joint Conference on Artificial Intelligence. Macao,China,2019,19(7):4739-4745.
[15]闫力,夏伟. 基于机器学习的日志异常检测综述[J]. 计算机系统应用,2022,31(09):57-69.
[16]HE P,ZHU J,HE S,et al. An evaluation study on log parsing and its use in log mining[C]//IEEE/IFIP International Conference on Dependable Systems and Networks. Toulouse,France,2016:654-661.
[17]FU Y,LIANG K,XU J. MLog:Mogrifier LSTM-based log anomaly detection approach using semantic representation[J]. IEEE transactions on services computing,2023,16(5):3537-3549.
[18]DEVLIN J. Bert:Pre-training of deep bidirectional transformers for language understanding[J]. arXiv Preprint arXiv:1810.04805,2018.

备注/Memo

备注/Memo:
收稿日期:2025-06-30.
基金项目:国家自然科学基金资助项目(41971343,62406145).
通讯作者:赵斌,博士,副教授,研究方向:人工智能、大数据分析与挖掘、云计算. E-mail:zhaobin@njnu.edu.cn
更新日期/Last Update: 2025-10-20