Automated Anomaly Detection Service on Heterogeneous Log Streams

    Publication No.: US20170139806A1

    Publication date: 2017-05-18

    Application No.: US15352546

    Application date: 2016-11-15

    CPC classification number: G06F11/3612 G06F11/0706 G06F11/0766 G06F11/3636

    Abstract: Systems and methods are disclosed for handling log data from one or more applications, sensors or instruments by receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from the one or more applications, sensors or instruments running a production system.

    ELECTRONIC CONTROL UNIT TESTING OPTIMIZATION

    Publication No.: US20210078589A1

    Publication date: 2021-03-18

    Application No.: US17015239

    Application date: 2020-09-09

    Abstract: A computer-implemented method for implementing electronic control unit (ECU) testing optimization includes capturing, within a neural network model, input-output relationships of a plurality of ECUs operatively coupled to a controller area network (CAN) bus within a CAN bus framework, including generating the neural network model by pruning a fully-connected neural network model based on comparisons of maximum values of neuron weights to a threshold, reducing signal connections of a plurality of collected input signals and a plurality of collected output signals based on connection weight importance, ranking importance of the plurality of collected input signals based on the neural network model, generating, based on the ranking, a test case execution sequence for testing a system including the plurality of ECUs to identify flaws in the system, and initiating the test case execution sequence for testing the system.

    Processing of computer log messages for visualization and retrieval

    Publication No.: US10883345B2

    Publication date: 2021-01-05

    Application No.: US16034663

    Application date: 2018-07-13

    Abstract: A method and system are provided for processing computer log messages for log visualization and log retrieval. The method includes collecting log messages from one or more computer system components, performing a log tokenization process on the log messages to generate tokens, transforming the tokens into log vectors associated with a metric space, performing dimensionality reduction on the metric space to project the metric space into a lower dimensional sub-space, storing similarity distances between respective pairs of the log vectors, and in response to receiving a query associated with a query log message for reducing operational inefficiencies of the one or more computer system components, employing the similarity distances to retrieve one or more similar log messages corresponding to the query log message for reducing the operational inefficiencies of the one or more computer system components.

    COMPLEX SYSTEM ANOMALY DETECTION BASED ON DISCRETE EVENT SEQUENCES

    Publication No.: US20200285807A1

    Publication date: 2020-09-10

    Application No.: US16787774

    Application date: 2020-02-11

    Abstract: A method detects anomalies in a system having sensors for collecting multivariate sensor data including discrete event sequences. The method determines, using a NMT model, pairwise relationships among the sensors based on the data. The method forms sequences of characters into sentences on a per sensor basis, by treating each discrete variable in the sequences as a character in natural language. The method translates, using the NMT, the sentences of source sensors to sentences of target sensors to obtain a translation score that quantifies a pairwise relationship strength therebetween. The method aggregates the pairwise relationships into a multivariate relationship graph having nodes representing sensors and edges denoted by the translation score for a sensor pair connected thereto to represent the pairwise relationship strength therebetween. The method performs a corrective action to correct an anomaly responsive to a detection of the anomaly relating to the sensor pair.

    AUTOMATED INFORMATION TECHNOLOGY SYSTEM FAILURE RECOMMENDATION AND MITIGATION

    Publication No.: US20200174870A1

    Publication date: 2020-06-04

    Application No.: US16673144

    Application date: 2019-11-04

    Abstract: A method for implementing automated information technology (IT) system failure recommendation and mitigation includes performing log pattern learning to automatically generate sparse time series for each log pattern for a set of classification logs corresponding to a failure, performing multivariate log time series extraction based on the log pattern learning to generate a failure signature for the set of classification logs, including representing the sparse time series as a run-length encoded sequence for efficient storage and computation, calculating a similarity distance between the failure signature for the set of classification logs and each failure signature from a failure signature model file, determining a failure label for the failure corresponding to a most similar known failure based on the similarity distance, and initiating failure mitigation based on the failure label.

    CONTENT AWARE HETEROGENEOUS LOG PATTERN COMPARATIVE ANALYSIS ENGINE

    Publication No.: US20190095417A1

    Publication date: 2019-03-28

    Application No.: US16145580

    Application date: 2018-09-28

    Abstract: A computer-implemented method, system, and computer program product are provided for content aware heterogeneous log pattern comparative analysis. The method includes receiving, by a processor-device, a plurality of heterogeneous logs. The method also includes extracting, by the processor-device, a plurality of log syntactic patterns from the plurality of heterogeneous logs. The method additionally includes generating, by the processor-device, latent representation vectors for each of the plurality of log syntactic patterns. The method further includes predicting, by the processor-device, an anomaly from the clustered latent representation vectors. The method also includes controlling an operation of a processor-based machine to react in accordance with the anomaly.

    Anomaly fusion on temporal casualty graphs

    Publication No.: US10235231B2

    Publication date: 2019-03-19

    Application No.: US15351449

    Application date: 2016-11-15

    Abstract: An exemplary method for detecting one or more anomalies in a system includes building a temporal causality graph describing functional relationship among local components in normal period; applying the causality graph as a propagation template to predict a system status by iteratively applying current system event signatures; and detecting the one or more anomalies of the system by examining related patterns on the template causality graph that specifies normal system behaviors. The system can align event patterns on the causality graph to determine an anomaly score.

    PROCESSING OF COMPUTER LOG MESSAGES FOR VISUALIZATION AND RETRIEVAL

    Publication No.: US20190073406A1

    Publication date: 2019-03-07

    Application No.: US16034663

    Application date: 2018-07-13

    Abstract: A method and system are provided for processing computer log messages for log visualization and log retrieval. The method includes collecting log messages from one or more computer system components, performing a log tokenization process on the log messages to generate tokens, transforming the tokens into log vectors associated with a metric space, performing dimensionality reduction on the metric space to project the metric space into a lower dimensional sub-space, storing similarity distances between respective pairs of the log vectors, and in response to receiving a query associated with a query log message for reducing operational inefficiencies of the one or more computer system components, employing the similarity distances to retrieve one or more similar log messages corresponding to the query log message for reducing the operational inefficiencies of the one or more computer system components.
