Published Online: July 2025
Product Name: The IUP Journal of Computer Sciences
Product Type: Article
Product Code: IJCS040725
DOI: 10.71329/IUPJCS/2025.19.3.47-60
Author Name: Kaushik Bar
Availability: YES
Subject/Domain: Engineering
Download Format: PDF
Pages: 47-60

Modern cloud-based infrastructures frequently operate across multilayered, multi-OS environments supported by numerous vendors. Diagnosing anomalies in such complex systems is a time-consuming task that often results in inaccurate root cause attribution, harming the credibility of otherwise reliable service components. The paper addresses the critical challenge of anomaly detection in networking logs and subsequent root cause analysis through hardware status data in such virtualized infrastructures. It identifies the limitations of traditional anomaly detection methods, including clustering-based (LOF, SOF), statistical (Gaussian-based), rule-based and supervised approaches, which often fail under noisy, high-dimensional, or sparsely labeled settings. To overcome these limitations, the paper proposes a two-stage architecture: (1) an autoencoder-based anomaly detector trained on textual networking logs; and (2) a self-supervised long short-term memory (LSTM) autoencoder trained on hardware metrics augmented by log-derived anomaly flags. This hybrid approach captures temporal dependencies, reduces false positives, and improves root cause traceability. Evaluated on a proprietary dataset comprising over 200K entries, the proposed method outperformed traditional baselines, achieving an F1 score of 0.87, surpassing others by a margin of at least 12%. This solution offers a scalable and automated diagnostic tool for distributed systems with minimal human intervention.

Anomaly detection has been used in many contexts, from identifying flaws in manufacturing processes to finding suspicious activities in surveillance videos.