公开(公告)号：US20170235626A1

公开(公告)日：2017-08-17

申请号：US15351449

申请日：2016-11-15

Applicant: NEC Laboratories America, Inc.

Inventor： Kai Zhang ,  Jianwu Xu ,  Hui Zhang ,  Guofei Jiang

IPC: G06F11/07 ,  G06N7/00 ,  G06N5/04

CPC classification number: G06F11/0775 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/079 ,  G06F11/3452 ,  G06F2201/83 ,  G06F2201/86 ,  G06N5/04 ,  G06N7/00

Abstract: An exemplary method for detecting one or more anomalies in a system includes building a temporal causality graph describing functional relationship among local components in normal period; applying the causality graph as a propagation template to predict a system status by iteratively applying current system event signatures; and detecting the one or more anomalies of the system by examining related patterns on the template causality graph that specifies normal system behaviors. The system can aligning event patterns on the causality graph to determine an anomaly score.

公开(公告)号：US20170132523A1

公开(公告)日：2017-05-11

申请号：US15340255

申请日：2016-11-01

Applicant: NEC Laboratories America, Inc.

Inventor： Hui Zhang ,  Haifeng Chen ,  Jianwu Xu ,  Kenji Yoshihira ,  Guofei Jiang

IPC: G06N5/04 ,  G06N99/00

CPC classification number: G06N5/047 ,  G06N20/00

Abstract: Systems and methods are disclosed for detecting periodic event behaviors from machine generated logging by: capturing heterogeneous log messages, each log message including a time stamp and text content with one or more fields; recognizing log formats from log messages; transforming the text content into a set of time series data, one time series for each log format; during a training phase, analyzing the set of time series data and building a category model for each periodic event type in heterogeneous logs; and during live operation, applying the category model to a stream of time series data from live heterogeneous log messages and generating a flag on a time series data point violating the category model and generating an alarm report for the corresponding log message.

公开(公告)号：US20170132278A1

公开(公告)日：2017-05-11

申请号：US15340341

申请日：2016-11-01

Applicant: NEC Laboratories America, Inc.

Inventor： Junghwan Rhee ,  Jianwu Xu ,  Hui Zhang ,  Guofei Jiang

IPC: G06F17/30

CPC classification number: G06F16/2425 ,  G06F16/116 ,  G06F16/2455

Abstract: Systems and methods are disclosed for analyzing logs generated by a machine by analyzing a log and identifying one or more abstract landmark delimiters (ALDs) representing delimiters for log tokenization; from the log and ALDs, tokenizing the log and generating an increasingly tokenized format by separating the patterns with the ALD to form an intermediate tokenized log; iteratively repeating the tokenizing of the logs until a last intermediate tokenized log is processed as a final tokenized log; and applying the tokenized logs in applications.

公开(公告)号：US20160086097A1

公开(公告)日：2016-03-24

申请号：US14846093

申请日：2015-09-04

Applicant: NEC Laboratories America, Inc.

Inventor： Hui Zhang ,  Jianwu Xu ,  Guofei Jiang ,  Kenji Yoshihira ,  Pallavi Joshi

IPC: G06N99/00 ,  G06N5/04

CPC classification number: G06N99/005

Abstract: A method and system are provided. The method includes performing, by a logs-to-time-series converter, a logs-to-time-series conversion by transforming a plurality of heterogeneous logs into a set of time series. Each of the heterogeneous logs includes a time stamp and text portion with one or more fields. The method further includes performing, by a time-series-to-sequential-pattern converter, a time-series-to-sequential-pattern conversion by mining invariant relationships between the set of time series, and discovering sequential message patterns and association rules in the plurality of heterogeneous logs using the invariant relationships. The method also includes executing, by a processor, a set of log management applications, based on the sequential message patterns and the association rules.

Abstract translation: 提供了一种方法和系统。 该方法包括：通过日志到时间序列转换器，通过将多个异构日志转换为一组时间序列来进行日志到时间序列转换。 每个异类日志包括具有一个或多个字段的时间戳和文本部分。 该方法还包括通过时间序列到顺序模式转换器，通过在时间序列集合之间挖掘不变关系，并且发现顺序消息模式和关联规则来执行时间序列到顺序模式转换 使用不变关系的多个异类日志。 该方法还包括基于顺序消息模式和关联规则由处理器执行一组日志管理应用程序。

公开(公告)号：US11756349B2

公开(公告)日：2023-09-12

申请号：US17015239

申请日：2020-09-09

Applicant: NEC Laboratories America, Inc.

Inventor： Jianwu Xu ,  Haifeng Chen

IPC: G07C5/08 ,  B60W50/02 ,  G01R31/317 ,  G06N3/082 ,  B60W50/06 ,  B60W60/00 ,  B60R16/023 ,  G06N3/088 ,  G06V20/20 ,  G06V20/56 ,  G06F18/214 ,  G06N3/044 ,  G06N3/045 ,  G06V10/764 ,  G06V10/82 ,  G05D1/00

CPC classification number: G07C5/0808 ,  B60R16/0231 ,  B60W50/0205 ,  B60W50/06 ,  B60W60/001 ,  B60W60/0027 ,  G01R31/3172 ,  G01R31/31707 ,  G06F18/2148 ,  G06N3/044 ,  G06N3/045 ,  G06N3/082 ,  G06N3/088 ,  G06V10/764 ,  G06V10/82 ,  G06V20/20 ,  G06V20/56 ,  G06V20/588 ,  G05D1/0088 ,  G05D2201/0213

Abstract: A computer-implemented method for implementing electronic control unit (ECU) testing optimization includes capturing, within a neural network model, input-output relationships of a plurality of ECUs operatively coupled to a controller area network (CAN) bus within a CAN bus framework, including generating the neural network model by pruning a fully-connected neural network model based on comparisons of maximum values of neuron weights to a threshold, reducing signal connections of a plurality of collected input signals and a plurality of collected output signals based on connection weight importance, ranking importance of the plurality of collected input signals based on the neural network model, generating, based on the ranking, a test case execution sequence for testing a system including the plurality of ECUs to identify flaws in the system, and initiating the test case execution sequence for testing the system.

公开(公告)号：US11520981B2

公开(公告)日：2022-12-06

申请号：US16787774

申请日：2020-02-11

Applicant: NEC Laboratories America, Inc.

Inventor： Jianwu Xu ,  Haifeng Chen ,  Bin Nie

IPC: G06F11/27 ,  G06F40/20 ,  G06N3/04 ,  G06N3/063

Abstract: A method detects anomalies in a system having sensors for collecting multivariate sensor data including discrete event sequences. The method determines, using a NMT model, pairwise relationships among the sensors based on the data. The method forms sequences of characters into sentences on a per sensor basis, by treating each discrete variable in the sequences as a character in natural language. The method translates, using the NMT, the sentences of source sensors to sentences of target sensors to obtain a translation score that quantifies a pairwise relationship strength therebetween. The method aggregates the pairwise relationships into a multivariate relationship graph having nodes representing sensors and edges denoted by the translation score for a sensor pair connected thereto to represent the pairwise relationship strength therebetween. The method performs a corrective action to correct an anomaly responsive to a detection of the anomaly relating to the sensor pair.

公开(公告)号：US11249887B2

公开(公告)日：2022-02-15

申请号：US16998224

申请日：2020-08-20

Applicant: NEC Laboratories America, Inc.

Inventor： Jianwu Xu ,  Haifeng Chen ,  Yuchen Bian

IPC: G06F9/44 ,  G06F11/36 ,  G06N20/00

Abstract: Systems and methods for automated software test design and implementation. The system and method being able to establish an initial pool of test cases for testing computer code; apply the initial pool of test cases to the computer code in a testing environment to generate test results; preprocess the test results into a predetermined format; extract metadata from the test results; generate a training sequence; calculate a reward value for the pool of test cases; input the training sequence and reward value into a reinforcement learning agent; utilizing the value output from the reinforcement learning agent to produce a ranking list; prioritizing the initial pool of test cases and one or more new test cases based on the ranking list; and applying the prioritized initial pool of test cases and one or more new test cases to the computer code in a testing environment to generate test results.

公开(公告)号：US11132248B2

公开(公告)日：2021-09-28

申请号：US16673144

申请日：2019-11-04

Applicant: NEC Laboratories America, Inc.

Inventor： Jianwu Xu ,  Haifeng Chen

IPC: G06F11/07 ,  G06K9/62

Abstract: A method for implementing automated information technology (IT) system failure recommendation and mitigation includes performing log pattern learning to automatically generate sparse time series for each log pattern for a set of classification logs corresponding to a failure, performing multivariate log time series extraction based on the log pattern learning to generate a failure signature for the set of classification logs, including representing the sparse time series as a run-length encoded sequence for efficient storage and computation, calculating a similarity distance between the failure signature for the set of classification logs and each failure signature from a failure signature model file, determining a failure label for the failure corresponding to a most similar known failure based on the similarity distance, and initiating failure mitigation based on the failure label.

公开(公告)号：US10990616B2

公开(公告)日：2021-04-27

申请号：US15351452

申请日：2016-11-15

Applicant: NEC Laboratories America, Inc.

Inventor： Biplob Debnath ,  Jianwu Xu ,  Hui Zhang ,  Guofei Jiang ,  Hossein Hamooni

IPC: G06F11/34 ,  G06F16/31 ,  G06F17/40 ,  G06K9/46

Abstract: Systems and methods are disclosed for parsing logs from arbitrary or unknown systems or applications by capturing heterogeneous logs from the arbitrary or unknown systems or applications; generating one pattern for every unique log message; building a pattern hierarchy tree by grouping patterns based on similarity metrics, and for every group it generates one pattern by combing all constituting patterns of that group; and selecting a set of patterns from the pattern hierarchy tree.

公开(公告)号：US10929763B2

公开(公告)日：2021-02-23

申请号：US15684293

申请日：2017-08-23

Applicant: NEC Laboratories America, Inc.

Inventor： Jianwu Xu ,  Biplob Debnath ,  Bo Zong ,  Hui Zhang ,  Guofei Jiang ,  Hancheng Ge

IPC: G06N5/04 ,  G06F17/16 ,  G06N7/00 ,  G06F40/00 ,  G06F40/16 ,  G06F40/284

Abstract: A heterogeneous log pattern editing recommendation system and computer-implemented method are provided. The system has a processor configured to identify, from heterogeneous logs, patterns including variable fields and constant fields. The processor is also configured to extract a category feature, a cardinality feature, and a before-after n-gram feature by tokenizing the variable fields in the identified patterns. The processor is additionally configured to generate target similarity scores between target fields to be potentially edited and other fields from among the variable fields in the heterogeneous logs using pattern editing operations based on the extracted category feature, the extracted cardinality feature, and the extracted before-after n-gram feature. The processor is further configured to recommend, to a user, log pattern edits for at least one of the target fields based on the target similarity scores between the target fields in the heterogeneous logs.