Flux Research Group / School of Computing

Evaluating Machine Learning Models for Anomaly Detection of System Logs

Joseph Porter

Technical Report, University of Utah Flux Group. 2020.



Training Machine Learning (ML) models for anomaly detection of system logs is a promising approach that empowers system administrators to quickly and automatically identify incidents in their systems. In this work, we have explored the abilities of various ML classifiers to identify anomalies in log sequences from CloudLab logs as determined by a separate unsupervised ML classifier. While all of the models investigated come from the scikit-learn package in Python, each model differs in its algorithmic approach, making certain models like Logistic Regression and Multi-Layer Perceptron better classifier choices than others.