{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T01:47:07Z","timestamp":1768528027019,"version":"3.49.0"},"reference-count":37,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2024,5,10]],"date-time":"2024-05-10T00:00:00Z","timestamp":1715299200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,5,10]],"date-time":"2024-05-10T00:00:00Z","timestamp":1715299200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62272037 and 61872039"],"award-info":[{"award-number":["62272037 and 61872039"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62272037 and 61872039"],"award-info":[{"award-number":["62272037 and 61872039"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"CCF-Ant Research Fund"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Software Qual J"],"published-print":{"date-parts":[[2024,6]]},"DOI":"10.1007\/s11219-024-09670-8","type":"journal-article","created":{"date-parts":[[2024,5,10]],"date-time":"2024-05-10T15:01:50Z","timestamp":1715353310000},"page":"821-845","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["KAD: a knowledge formalization-based anomaly detection approach for distributed systems"],"prefix":"10.1007","volume":"32","author":[{"given":"Xinjie","family":"Wei","sequence":"first","affiliation":[]},{"given":"Chang-ai","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Xiao-Yi","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,5,10]]},"reference":[{"issue":"4","key":"9670_CR1","doi-asserted-by":"publisher","first-page":"21","DOI":"10.3390\/s23042100","volume":"23","author":"A Ali","year":"2023","unstructured":"Ali, A., Ali, A., Abaluof, H., et al. (2023). Moisture detection in tree trunks in semiarid lands using low-cost non-invasive capacitive sensors with statistical based anomaly detection approach. Sensors, 23(4), 21\u201331.","journal-title":"Sensors"},{"key":"9670_CR2","unstructured":"Apache Hadoop. (2023). Apache Hadoop Home. http:\/\/hadoop.apache.org\/"},{"key":"9670_CR3","unstructured":"Apache Spark. (2023). What is Apache Spark? http:\/\/spark.apache.org\/"},{"key":"9670_CR4","doi-asserted-by":"crossref","unstructured":"Bertero, C., Roy, M., Sauvanaud, C., et\u00a0al. (2017). Experience report: Log mining using natural language processing and application to anomaly detection. In: Proceedings of the 28th IEEE International Symposium on Software Reliability Engineering, pp 351\u2013360.","DOI":"10.1109\/ISSRE.2017.43"},{"key":"9670_CR5","doi-asserted-by":"crossref","unstructured":"Breier, J., & Brani\u0161ov\u00e1, J. (2015). Anomaly detection from log files using data mining techniques. In: Proceedings of the 2015 Information Science and Applications, pp 449\u2013457.","DOI":"10.1007\/978-3-662-46578-3_53"},{"key":"9670_CR6","doi-asserted-by":"crossref","unstructured":"Chen, L., Dang, Q., Chen, M., et\u00a0al. (2023). BertHTLG: Graph-based microservice anomaly detection through sentence-Bert enhancement. In: Proceedings of the 2023 International Conference on Web Information Systems and Applications, pp 427\u2013439.","DOI":"10.1007\/978-981-99-6222-8_36"},{"key":"9670_CR7","unstructured":"Devlin, J., Chang, M. W., Lee, K., et\u00a0al. (2019). BERT: Pre-training of deep bidirectional transformers for language understanding. In: Proceedings of the 2019 Annual Conference of the North American Chapter of the Association for Computational Linguistics, pp 4171\u20134186."},{"key":"9670_CR8","doi-asserted-by":"crossref","unstructured":"Du, M., Li, F., Zheng, G., et\u00a0al. (2017). DeepLog: Anomaly detection and diagnosis from system logs through deep learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp 1285\u20131298.","DOI":"10.1145\/3133956.3134015"},{"key":"9670_CR9","doi-asserted-by":"crossref","unstructured":"Farshchi, M., Schneider, J. G., Weber, I., et\u00a0al. (2015). Experience report: Anomaly detection of cloud application operations using log and cloud metric correlation analysis. In: Proceedings of the 26th IEEE International Symposium on Software Reliability Engineering, pp 24\u201334.","DOI":"10.1109\/ISSRE.2015.7381796"},{"issue":"1","key":"9670_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-022-10214-6","volume":"28","author":"Y Fu","year":"2023","unstructured":"Fu, Y., Yan, M., Xu, Z., et al. (2023). An empirical study of the impact of log parsers on the performance of log-based anomaly detection. Empirical Software Engineering, 28(1), 1\u201339.","journal-title":"Empirical Software Engineering"},{"issue":"3","key":"9670_CR11","first-page":"834","volume":"37","author":"\u00c1LP G\u00f3mez","year":"2023","unstructured":"G\u00f3mez, \u00c1. L. P., Maim\u00f3, L. F., Celdr\u00e1n, A. H., et al. (2023). SUSAN: A deep learning based anomaly detection framework for sustainable industry. Sustainable Computing: Informatics and Systems, 37(3), 834\u2013842.","journal-title":"Sustainable Computing: Informatics and Systems"},{"key":"9670_CR12","unstructured":"Haoming, L., & Yuguo, L. (2020). LogSpy: System log anomaly detection for distributed systems. In: Proceedings of the 2020 International Conference on Artificial Intelligence and Computer Engineering, pp 347\u2013352."},{"key":"9670_CR13","doi-asserted-by":"crossref","unstructured":"He, P., Zhu, J., Zheng, Z., et\u00a0al. (2017). Drain: An online log parsing approach with fixed depth tree. In: Proceedings of the 2017 IEEE International Conference on Web Services, pp 33\u201340.","DOI":"10.1109\/ICWS.2017.13"},{"key":"9670_CR14","doi-asserted-by":"crossref","unstructured":"He, S., Lin, Q., Lou, J. G., et\u00a0al. (2018). Identifying impactful service system problems via log analysis. In: Proceedings of the 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp 60\u201370.","DOI":"10.1145\/3236024.3236083"},{"issue":"1","key":"9670_CR15","doi-asserted-by":"publisher","first-page":"31","DOI":"10.5267\/j.uscm.2022.12.003","volume":"11","author":"J Hidayati","year":"2023","unstructured":"Hidayati, J., Vamelia, R., Hammami, J., et al. (2023). Transparent distribution system design of halal beef supply chain. Uncertain Supply Chain Management, 11(1), 31\u201340.","journal-title":"Uncertain Supply Chain Management"},{"issue":"4","key":"9670_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3447772","volume":"54","author":"A Hogan","year":"2021","unstructured":"Hogan, A., Blomqvist, E., Cochez, M., et al. (2021). Knowledge graphs. ACM Computing Surveys, 54(4), 1\u201337.","journal-title":"ACM Computing Surveys"},{"key":"9670_CR17","doi-asserted-by":"crossref","unstructured":"Hristov, M., Nenova, M., Iliev, G., et\u00a0al. (2021). Integration of Splunk enterprise SIEM for DDoS attack detection in IoT. In: Proceedings of the 20th IEEE International Symposium on Network Computing and Applications, pp 1\u20135.","DOI":"10.1109\/NCA53618.2021.9685977"},{"issue":"9","key":"9670_CR18","doi-asserted-by":"publisher","first-page":"2656","DOI":"10.1109\/TC.2023.3257518","volume":"72","author":"S Huang","year":"2023","unstructured":"Huang, S., Liu, Y., Fung, C., et al. (2023). Improving log-based anomaly detection by pre-training hierarchical transformers. IEEE Transactions on Computers, 72(9), 2656\u20132667.","journal-title":"IEEE Transactions on Computers"},{"key":"9670_CR19","unstructured":"IBM. (2023). Ariel Query Language Guide. https:\/\/www.ibm.com\/docs\/en\/SS42VS_7.4\/pdf\/b_qradar_aql.pdf"},{"key":"9670_CR20","doi-asserted-by":"crossref","unstructured":"Le, V. H., & Zhang, H. (2022). Log-based anomaly detection with deep learning: How far are we? In: Proceedings of the 44th international conference on software engineering, pp 1356\u20131367.","DOI":"10.1145\/3510003.3510155"},{"issue":"7553","key":"9670_CR21","doi-asserted-by":"publisher","first-page":"436","DOI":"10.1038\/nature14539","volume":"521","author":"Y LeCun","year":"2015","unstructured":"LeCun, Y., Bengio, Y., & Hinton, G. (2015). Deep learning. Nature, 521(7553), 436\u2013444.","journal-title":"Nature"},{"key":"9670_CR22","unstructured":"Liang, E., Nishihara, R., Mika, S., et\u00a0al. (2023). Ray. https:\/\/github.com\/ray-project\/ray"},{"key":"9670_CR23","unstructured":"Lou, J. G., Fu, Q., Yang, S., et\u00a0al. (2010). Mining invariants from console logs for system problem detection. In: Proceedings of the 2010 USENIX Annual Technical Conference, pp 24\u201337."},{"key":"9670_CR24","doi-asserted-by":"crossref","unstructured":"Lu, S., Wei, X., Li, Y., et\u00a0al. (2018). Detecting anomaly in big data system logs using convolutional neural network. In: Proceedings of the 16th IEEE Intlernational Conference on Dependable, Autonomic and Secure Computing, pp 151\u2013158.","DOI":"10.1109\/DASC\/PiCom\/DataCom\/CyberSciTec.2018.00037"},{"issue":"2","key":"9670_CR25","first-page":"1","volume":"6","author":"X Ma","year":"2023","unstructured":"Ma, X., Keung, J., He, P., et al. (2023). A semi-supervised approach for industrial anomaly detection via self-adaptive clustering. IEEE Transactions on Industrial Informatics, 6(2), 1\u201312.","journal-title":"IEEE Transactions on Industrial Informatics"},{"key":"9670_CR26","doi-asserted-by":"crossref","unstructured":"Majeed, A., ur Rasool R, Ahmad F, et al. (2019). Near-miss situation based visual analysis of SIEM rules for real time network security monitoring. Journal of Ambient Intelligence and Humanized Computing, 10(7), 1509\u20131526.","DOI":"10.1007\/s12652-018-0936-7"},{"key":"9670_CR27","doi-asserted-by":"crossref","unstructured":"Meng, W., Liu, Y., Zhu, Y., et\u00a0al. (2019). LogAnomaly: Unsupervised detection of sequential and quantitative anomalies in unstructured logs. In: Proceedings of the 2019 International Joint Conference on Artificial Intelligence, pp 4739\u20134745.","DOI":"10.24963\/ijcai.2019\/658"},{"key":"9670_CR28","unstructured":"Moritz, P., Nishihara, R., Wang, S., et\u00a0al. (2018). Ray: A distributed framework for emerging AI applications. In: Proceedings of the 13th Operating Systems Design and Implementation, pp 561\u2013577."},{"key":"9670_CR29","doi-asserted-by":"crossref","unstructured":"Nedelkoski, S., Bogatinovski, J., Acker, A., et\u00a0al. (2020). Self-attentive classification-based anomaly detection in unstructured logs. In: Proceedings of the 2020 IEEE International Conference on Data Mining, pp 1196\u20131201.","DOI":"10.1109\/ICDM50108.2020.00148"},{"issue":"2","key":"9670_CR30","doi-asserted-by":"publisher","first-page":"1378","DOI":"10.1109\/TNSM.2023.3239522","volume":"20","author":"J Qi","year":"2023","unstructured":"Qi, J., Luan, Z., Huang, S., et al. (2023). LogEncoder: Log-based contrastive representation learning for anomaly detection. IEEE Transactions on Network and Service Management, 20(2), 1378\u20131391.","journal-title":"IEEE Transactions on Network and Service Management"},{"key":"9670_CR31","unstructured":"Splunk Enterprise. (2023). Search Tutorial-Use the search language. https:\/\/docs.splunk.com\/Documentation\/Splunk\/9.1.1\/SearchTutorial\/Usethesearchlanguage"},{"key":"9670_CR32","doi-asserted-by":"crossref","unstructured":"Tietz, V., & Annighoefer, B. (2022). A formally defined and formally provable EBNF-based constraint language for use in qualifiable software. In: Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings, pp 862\u2013871.","DOI":"10.1145\/3550356.3561552"},{"key":"9670_CR33","doi-asserted-by":"crossref","unstructured":"Vinayakumar, R., Soman, K., & Poornachandran, P. (2017). Long short-term memory based operation log anomaly detection. In: Proceedings of the 2017 International Conference on Advances in Computing, Communications and Informatics, pp 236\u2013242.","DOI":"10.1109\/ICACCI.2017.8125846"},{"key":"9670_CR34","doi-asserted-by":"crossref","unstructured":"Xu, W., Huang, L., Fox, A., et\u00a0al. (2009). Detecting large-scale system problems by mining console logs. In: Proceedings of the 22nd ACM Symposium on Operating Systems Principles, pp 117\u2013132.","DOI":"10.1145\/1629575.1629587"},{"key":"9670_CR35","doi-asserted-by":"crossref","unstructured":"Zhang, K., Xu, J., Min, M. R., et\u00a0al. (2016). Automated it system failure prediction: A deep learning approach. In: Proceedings of the 2016 IEEE International Conference on Big Data, pp 1291\u20131300.","DOI":"10.1109\/BigData.2016.7840733"},{"key":"9670_CR36","doi-asserted-by":"crossref","unstructured":"Zhang, X., Xu, Y., Lin, Q., et\u00a0al. (2019). Robust log-based anomaly detection on unstable log data. In: Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp 807\u2013817.","DOI":"10.1145\/3338906.3338931"},{"key":"9670_CR37","doi-asserted-by":"crossref","unstructured":"Zhang, Y., & Sivasubramaniam, A. (2007). Failure prediction in IBM BlueGene\/L event logs. In: Proceedings of the 7th International Conference on Data Mining, pp 583\u2013588.","DOI":"10.1109\/IPDPS.2008.4536397"}],"container-title":["Software Quality Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-024-09670-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11219-024-09670-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-024-09670-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,20]],"date-time":"2024-06-20T09:19:02Z","timestamp":1718875142000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11219-024-09670-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,10]]},"references-count":37,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,6]]}},"alternative-id":["9670"],"URL":"https:\/\/doi.org\/10.1007\/s11219-024-09670-8","relation":{},"ISSN":["0963-9314","1573-1367"],"issn-type":[{"value":"0963-9314","type":"print"},{"value":"1573-1367","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,10]]},"assertion":[{"value":"21 March 2024","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 May 2024","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval"}},{"value":"Not applicable","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent to participate"}},{"value":"The results\/data\/figures in this manuscript have not been published elsewhere, nor are they under consideration (from you or one of your contributing authors) by another publisher.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"The authors declare no competing interests.","order":5,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interest"}}]}}