Convolutional Neural Network Approach for Anomaly Pattern Analysis in Information System Log Data

Authors

DOI:

https://doi.org/10.51903/dj3hk092

Keywords:

anomaly detection, convolutional neural network, deep learning, log analysis, system monitoring

Abstract

The rapid growth of modern information systems has led to the generation of large volumes of log data that record operational activities, system events, and security-related interactions. These logs provide valuable information for monitoring system behaviour and detecting abnormal conditions within complex computing infrastructures. However, manual log inspection and traditional rule-based monitoring approaches are often ineffective in identifying hidden anomaly patterns, particularly in large-scale and dynamic environments. This study proposes a deep learning–based approach using a Convolutional Neural Network (CNN) for anomaly pattern analysis in information system log data. The proposed method focuses on automatically learning hierarchical feature representations from structured log data, enabling the model to capture local patterns and structural relationships among log events without extensive manual feature engineering. Log entries are first processed and transformed into numerical representations suitable for deep learning models. The CNN architecture is then applied to learn discriminative features that distinguish normal system behaviour from anomalous patterns. Experimental evaluation demonstrates that the proposed approach is capable of effectively identifying anomalies within log datasets and provides improved detection capability compared with conventional monitoring techniques. The findings indicate that convolutional neural networks can serve as a reliable method for automated log analysis in large-scale information systems. This research contributes to the development of intelligent monitoring solutions that support early detection of system abnormalities and improve the reliability and security of modern digital infrastructures.

References

[1] M. Landauer, S. Onder, F. Skopik, and M. Wurzenberger, “Deep learning for anomaly detection in log data: A survey,” Machine Learning with Applications, vol. 12, p. 100470, Jun. 2023, doi: 10.1016/j.mlwa.2023.100470.

[2] Z. Chen, J. Liu, W. Gu, Y. Su, and M. R. Lyu, “Experience Report: Deep Learning-based System Log Analysis for Anomaly Detection,” Jan. 2022, Accessed: Mar. 12, 2026. [Online]. Available: http://arxiv.org/abs/2107.05908

[3] J. Cândido, M. Aniche, and A. Van Deursen, “Log-based software monitoring: a systematic mapping study,” PeerJ Comput. Sci., vol. 7, pp. 1–38, May 2021, doi: 10.7717/PEERJ-CS.489.

[4] L. Liao, K. Zhu, J. Luo, and J. Cai, “LogBASA: Log Anomaly Detection Based on System Behavior Analysis and Global Semantic Awareness,” International Journal of Intelligent Systems, vol. 2023, 2023, doi: 10.1155/2023/3777826.

[5] H. Huang, W. Luo, Y. Wang, Y. Zhou, and W. Huang, “LogCTBL: a hybrid deep learning model for log-based anomaly detection,” The Journal of Supercomputing 2025 81:2, vol. 81, no. 2, pp. 448-, Jan. 2025, doi: 10.1007/s11227-025-06926-3.

[6] A. M. Mostafa, A. Altheneyan, A. Alnuaim, and A. Alhadlaq, “Hybrid ML-Based Technique to Classify Malicious Activity Using Log Data of Systems,” Applied Sciences 2023, Vol. 13, Page 2707, vol. 13, no. 4, p. 2707, Feb. 2023, doi: 10.3390/app13042707.

[7] S. Ali, C. Boufaied, D. Bianculli, P. Branco, and L. Briand, “A comprehensive study of machine learning techniques for log-based anomaly detection,” Empirical Software Engineering 2025 30:5, vol. 30, no. 5, pp. 129-, Jun. 2025, doi: 10.1007/s10664-025-10669-3.

[8] S. Chen and H. Liao, “BERT-Log: Anomaly Detection for System Logs Based on Pre-trained Language Model,” Applied Artificial Intelligence, vol. 36, no. 1, Dec. 2022, doi: 10.1080/08839514.2022.2145642.

[9] X. Wu, H. Li, and F. Khomh, “On the effectiveness of log representation for log-based anomaly detection,” Empirical Software Engineering 2023 28:6, vol. 28, no. 6, pp. 137-, Oct. 2023, doi: 10.1007/s10664-023-10364-1.

[10] Z. A. Khan, D. Shin, D. Bianculli, and L. C. Briand, “Impact of log parsing on deep learning-based anomaly detection,” Empirical Software Engineering 2024 29:6, vol. 29, no. 6, pp. 139-, Aug. 2024, doi: 10.1007/s10664-024-10533-w.

[11] M. Jain and A. Shah, “Anomaly Detection Using Convolutional Neural Networks (CNN),” ESP International Journal of Advancements in Computational Technology (ESP-IJACT), vol. 2, no. 3, pp. 12–22, Jul. 2024, doi: 10.56472/25838628/IJACT-V2I3P102.

[12] W. Xu, L. Huang, A. Fox, D. Patterson, and M. I. Jordan, “Detecting large-scale system problems by mining console logs,” SOSP’09 - Proceedings of the 22nd ACM SIGOPS Symposium on Operating Systems Principles, pp. 117–131, 2009, doi: 10.1145/1629575.1629587.

[13] J.-G. Lou, Q. Fu, S. Yang, Y. Xu, and J. Li, “Mining Invariants from Console Logs for System Problem Detection”.

[14] Q. Fu, J. G. Lou, Y. Wang, and J. Li, “Execution anomaly detection in distributed systems through unstructured log analysis,” Proceedings - IEEE International Conference on Data Mining, ICDM, pp. 149–158, 2009, doi: 10.1109/ICDM.2009.60.

[15] M. Du, F. Li, G. Zheng, and V. Srikumar, “DeepLog: Anomaly detection and diagnosis from system logs through deep learning,” Proceedings of the ACM Conference on Computer and Communications Security, pp. 1285–1298, Oct. 2017, doi: 10.1145/3133956.3134015.

[16] P. He, J. Zhu, Z. Zheng, and M. R. Lyu, “Drain: An Online Log Parsing Approach with Fixed Depth Tree,” Proceedings - 2017 IEEE 24th International Conference on Web Services, ICWS 2017, pp. 33–40, Sep. 2017, doi: 10.1109/ICWS.2017.13.

[17] W. Meng et al., “LogAnomaly: Unsupervised Detection of Sequential and Quantitative Anomalies in Unstructured Logs”.

[18] H. Guo, S. Yuan, and X. Wu, “LogBERT: Log Anomaly Detection via BERT,” Proceedings of the International Joint Conference on Neural Networks, vol. 2021-July, Jul. 2021, doi: 10.1109/IJCNN52387.2021.9534113.

[19] J. Zhu et al., “Tools and Benchmarks for Automated Log Parsing,” Proceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Practice, ICSE-SEIP 2019, pp. 121–130, May 2019, doi: 10.1109/ICSE-SEIP.2019.00021.

[20] M. J. Zhen, A. E. Hassan, P. Flora, and G. Hamann, “Abstracting execution logs to execution events for enterprise applications,” Proc. Int. Conf. Qual. Softw., pp. 181–186, 2008, doi: 10.1109/QSIC.2008.50.

[21] X. Zhang et al., “Robust log-based anomaly detection on unstable log data,” ESEC/FSE 2019 - Proceedings of the 2019 27th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 807–817, Aug. 2019, doi: 10.1145/3338906.3338931.

[22] P. Wang, X. Zhang, Z. Cao, W. Xu, and W. Li, “LogGT: Cross-system log anomaly detection via heterogeneous graph feature and transfer learning,” Expert Syst. Appl., vol. 251, p. 124082, Oct. 2024, doi: 10.1016/j.eswa.2024.124082.

[23] Y. Duan et al., “LogEDL: Log Anomaly Detection via Evidential Deep Learning,” Applied Sciences 2024, Vol. 14, vol. 14, no. 16, Aug. 2024, doi: 10.3390/app14167055.

Downloads

Published

2026-04-03

Issue

Vol. 1 No. 1 (2026): JUNE : Journal of Artificial Intelligence in Information Technology

Section

Articles

License

Copyright (c) 2026 Muharrom Fatihaturrizqi, Eko Siswanto (Author)

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.