Similar articles

Abstract: The advancement of the fifth generation (5G) mobile communication and Internet of Things (IoT) has facilitated the development of intelligent applications, but has also rendered these networks increasingly complex and vulnerable to various targeted attacks. Numerous anomaly detection (AD) models, particularly those using deep learning technologies, have been proposed to monitor and identify network anomalous events. However, the implementation of these models poses challenges for network operators due to lacking expert knowledge of these black-box systems. In this study, we present a comprehensive review of current AD models and methods in the field of communication networks. We categorize these models into four methodological groups based on their underlying principles and structures, with particular emphasis on the role of recent promising large language models (LLMs) in the field of AD. Additionally, we provide a detailed discussion of the models in the following four application areas: network traffic monitoring, networking system log analysis, cloud and edge service provisioning, and IoT security. Based on these application requirements, we examine the current challenges and offer insights into future research directions, including robustness, explainability, and the integration of LLMs for AD.

智能运维（AIOps）中时间异构数据深度异常检测方法综述

[1]Aboubacar A, El Machkouri M, 2020. Recursive kernel density estimation for time series. IEEE Trans Inform Theory, 66(10):6378-6388.

[2]Abrams L, 2020. CenturyLink routing issue led to outages on Hulu, Steam, Discord, more. https://www.bleepingcomputer.com/news/technology/centurylink-routing-issue-led-to-outages-on-hulu-steam-discord-more [Accessed on Apr. 1, 2024].

[3]Ahmed CM, Palleti VR, Mathur AP, 2017. WADI: a water distribution testbed for research in the design of secure cyber physical systems. Proc 3^rd Int Workshop on Cyber-Physical Systems for Smart Water Networks, p.25-28.

[4]Ahmed M, Mahmood AN, Hu JK, 2016. A survey of network anomaly detection techniques. J Netw Comput Appl, 60:19-31.

[5]Aldribi A, Traore I, Moa B, 2018. Data sources and datasets for cloud intrusion detection modeling and evaluation. In: Mishra BSP, Das H, Dehuri S, et al. (Eds.), Cloud Computing for Optimization: Foundations, Applications, and Challenges. Springer, Cham, p.333-366.

[6]Al-Hawawreh M, Sitnikova E, Aboutorab N, 2022. X-IIoTID: a connectivity-agnostic and device-agnostic intrusion data set for Industrial Internet of Things. IEEE Int Things J, 9(5):3962-3977.

[7]Alsaedi A, Moustafa N, Tari Z, et al., 2020. TON_IoT telemetry dataset: a new generation dataset of IoT and IIoT for data-driven intrusion detection systems. IEEE Access, 8:165130-165150.

[8]Amer M, Goldstein M, Abdennadher S, 2013. Enhancing one-class support vector machines for unsupervised anomaly detection. Proc ACM SIGKDD Workshop on Outlier Detection and Description, p.8-15.

[9]Aminikhanghahi S, Cook DJ, 2017. A survey of methods for time series change point detection. Knowl Inform Syst, 51(2):339-367.

[10]Andresini G, Appice A, Malerba D, 2021. Autoencoder-based deep metric learning for network intrusion detection. Inform Sci, 569:706-727.

[11]Ao SI, Fayek H, 2023. Continual deep learning for time series modeling. Sensors, 23(16):7167.

[12]Audibert J, Michiardi P, Guyard F, et al., 2020. USAD: unsupervised anomaly detection on multivariate time series. Proc 26^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.3395-3404.

[13]Bai JZ, Bai S, Chu YF, et al., 2023. QWEN technical report.

[14]Balasubramanian P, Seby J, Kostakos P, 2023. Transformer-based LLMs in cybersecurity: an in-depth study on log anomaly detection and conversational defense mechanisms. IEEE Int Conf on Big Data, p.3590-3599.

[15]Bansod SD, Nandedkar AV, 2020. Crowd anomaly detection and localization using histogram of magnitude and momentum. Vis Comput, 36(3):609-620.

[16]Basati A, Faghih MM, 2023. APAE: an IoT intrusion detection system using asymmetric parallel auto-encoder. Neur Comput Appl, 35(7):4813-4833.

[17]Bochner S, Chandrasekharan K, 1949. Fourier Transforms. Princeton University Press, Princeton, USA.

[18]Bowman B, Laprade C, Ji YD, et al., 2020. Detecting lateral movement in enterprise computer networks with unsupervised graph AI. 23^rd Int Symp on Research in Attacks, Intrusions and Defenses, p.257-268.

[19]Brown TB, Mann B, Ryder N, et al., 2020. Language models are few-shot learners. Proc 34^th Int Conf on Neural Information Processing Systems, p.1877-1901.

[20]Chand N, Mishra P, Krishna CR, et al., 2016. A comparative analysis of SVM and its stacking with other classification algorithm for intrusion detection. Int Conf on Advances in Computing, Communication, & Automation, p.1-6.

[21]Chandola V, Banerjee A, Kumar V, 2009. Anomaly detection: a survey. ACM Comput Surv, 41(3):15.

[22]Chang C, Peng WC, Chen TF, 2024. LLM4TS: two-stage fine-tuning for time-series forecasting with pre-trained LLMs.

[23]Chen M, Zheng AX, Lloyd J, et al., 2004. Failure diagnosis using decision trees. Int Conf on Autonomic Computing, p.36-43.

[24]Chen ZH, Zheng LN, Lu C, et al., 2023. ChatGPT informed graph neural network for stock movement prediction. https://arxiv.org/abs/2306.03763

[25]Chen ZM, Yeo CK, Lee BS, et al., 2018. Autoencoder-based network anomaly detection. Wireless Telecommunications Symp, p.1-5.

[26]Choi K, Yi JH, Park C, et al., 2021. Deep learning for anomaly detection in time-series data: review, analysis, and guidelines. IEEE Access, 9:120043-120065.

[27]Chouhan N, Khan A, Khan HUR, 2019. Network anomaly detection using channel boosted and residual learning based deep convolutional neural network. Appl Soft Comput, 83:105612.

[28]Cook AA, Mook AA G, Fan Z, 2020. Anomaly detection for IoT time-series data: a survey. IEEE Int Things J, 7(7):6481-6494.

[29]Cup K, 2007. KDD Cup 1999 Data. https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html [Accessed on Apr. 1, 2024].

[30]Dai L, Chen WC, Liu YW, et al., 2022. Switching Gaussian mixture variational RNN for anomaly detection of diverse CDN websites. IEEE Conf on Computer Communications, p.300-309.

[31]Dang WX, Zhou BY, Wei LW, et al., 2021. TS-Bert: time series anomaly detection via pre-training model Bert. 21^st Int Conf on Computational Science, p.209-223.

[32]Dang YN, Lin QW, Huang P, 2019. AIOps: real-world challenges and research innovations. IEEE/ACM 41^st Int Conf on Software Engineering: Companion Proceedings, p.4-5.

[33]Darban ZZ, Yang YY, Webb GI, et al., 2024. DACAD: domain adaptation contrastive learning for anomaly detection in multivariate time series.

[34]DataSetsAI, 2020. Water Pumps. https://datasets.ai/datasets/water-pumps [Accessed on Aug. 17, 2025].

[35]Dhadhania A, Bhatia J, Mehta R, et al., 2024. Unleashing the power of SDN and GNN for network anomaly detection: state-of-the-art, challenges, and future directions. Secur Priv, 7(1):e337.

[36]Diaf A, Korba AA, Karabadji NE, et al., 2024. Beyond detection: leveraging large language models for cyber attack prediction in IoT networks. 20^th Int Conf on Distributed Computing in Smart Systems and the Internet of Things, p.117-123.

[37]Du M, Li FF, Zheng GN, et al., 2017. DeepLog: anomaly detection and diagnosis from system logs through deep learning. Proc ACM SIGSAC Conf on Computer and Communications Security, p.1285-1298.

[38]Du ZX, Qian YJ, Liu X, et al., 2022. GLM: general language model pretraining with autoregressive blank infilling.

[39]Duan XY, Fu Y, Wang K, 2023. Network traffic anomaly detection method based on multi-scale residual classifier. Comput Commun, 198:206-216.

[40]Egersdoerfer C, Zhang D, Dai D, 2023. Early exploration of using ChatGPT for log-based anomaly detection on parallel file systems logs. Proc 32^nd Int Symp on High-Performance Parallel and Distributed Computing, p.315-316.

[41]Ekambaram V, Jati A, Dayama P, et al., 2024. Tiny time mixers (TTMs): fast pre-trained models for enhanced zero/few-shot forecasting of multivariate time series.

[42]Esling P, Agon C, 2012. Time-series data mining. ACM Comput Surv, 45(1):12.

[43]Fang YQ, Yap PT, Lin WL, et al., 2024. Source-free unsupervised domain adaptation: a survey. Neur Netw, 174:106230.

[44]Farrukh YA, Wali S, Khan I, et al., 2024. XG-NID: dual-modality network intrusion detection using a heterogeneous graph neural network and large language model.

[45]Feng C, Tian PW, 2021. Time series anomaly detection for cyber-physical systems via neural system identification and Bayesian filtering. Proc 27^th ACM SIGKDD Conf on Knowledge Discovery & Data Mining, p.2858-2867.

[46]Ferrag MA, Friha O, Hamouda D, et al., 2022. Edge-IIoTset: a new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning. IEEE Access, 10:40281-40306.

[47]Gao S, Huang YF, Zhang S, et al., 2020. Short-term runoff prediction with GRU and LSTM networks without requiring time step optimization during sample generation. J Hydrol, 589:125188.

[48]Gao SH, Koker T, Queen O, et al., 2024. UniTS: a unified multi-task time series model.

[49]Georgiou T, Liu Y, Chen W, et al., 2020. A survey of traditional and deep learning-based feature descriptors for high dimensional data in computer vision. Int J Multimed Inform Retr, 9(3):135-170.

[50]Girish L, Rao SKN, 2023. Anomaly detection in cloud environment using artificial intelligence techniques. Computing, 105(3):675-688.

[51]Griffiths TL, Callaway F, Chang MB, et al., 2019. Doing more with less: meta-reasoning and meta-learning in humans and machines. Curr Opin Behav Sci, 29:24-30.

[52]Gruver N, Finzi M, Qiu SK, et al., 2024. Large language models are zero-shot time series forecasters. Proc 37^th Int Conf on Neural Information Processing Systems, p.19622-19635. https://dl.acm.org/doi/10.5555/3666122.3666983

[53]Guigou F, Collet P, Parrend P, 2019. SCHEDA: lightweight Euclidean-like heuristics for anomaly detection in periodic time series. Appl Soft Comput, 82:105594.

[54]Gupta V, Narwariya J, Malhotra P, et al., 2021. Continual learning for multivariate time series tasks with variable input dimensions. IEEE Int Conf on Data Mining, p.161-170.

[55]Halbouni A, Gunawan TS, Habaebi MH, et al., 2022. CNN-LSTM: hybrid deep neural network for network intrusion detection system. IEEE Access, 10:99837-99849.

[56]Han DQ, Wang ZL, Chen WQ, et al., 2021. DeepAID: interpreting and improving deep learning-based anomaly detection in security applications. Proc ACM SIGSAC Conf on Computer and Communications Security, p.3197-3217.

[57]Hawkins DM, 1980. Identification of Outliers. Springer, Dordrecht, Netherlands.

[58]He Q, Zheng YJ, Zhang CL, et al., 2020. MTAD-TF: multivariate time series anomaly detection using the combination of temporal pattern and feature pattern. Complexity, 2020:8846608.

[59]Heinle A, 2022. The Canada wide Rogers outage on July 8, 2022: what exactly happened & how can it be prevented? https://www.coguard.io/post/canada-rogers-outage-root-cause-analysis [Accessed on Apr. 15, 2024].

[60]Hnamte V, Hussain J, 2023. DCNNBiLSTM: an efficient hybrid deep learning-based intrusion detection system. Telemat Inform Rep, 10:100053.

[61]Houssel PR, Singh P, Layeghy S, et al., 2024. Towards explainable network intrusion detection using large language models.

[62]Huang JJ, Kurniawan E, Sun SM, 2022. Cellular KPI anomaly detection with GAN and time series decomposition. IEEE Int Conf on Communications, p.4074-4079.

[63]Hundman K, Constantinou V, Laporte C, et al., 2018. Detecting spacecraft anomalies using LSTMS and nonparametric dynamic thresholding. Proc 24^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.387-395.

[64]Hwang RH, Peng MC, Huang CW, et al., 2020. An unsupervised deep learning model for early network traffic anomaly detection. IEEE Access, 8:30387-30399.

[65]IMT-2030 (6G) Promotion Group, 2021. White Paper on 6G Vision and Candidate Technologies. Technical Report.

[66]Jiang AQ, Sablayrolles A, Mensch A, et al., 2023. Mistral 7B.

[67]Jiang J, Liu FG, Ng WWY, et al., 2023. AERF: adaptive ensemble random fuzzy algorithm for anomaly detection in cloud computing. Comput Commun, 200:86-94.

[68]Jin M, Koh HY, Wen QS, et al., 2024a. A survey on graph neural networks for time series: forecasting, classification, imputation, and anomaly detection.

[69]Jin M, Wang SY, Ma LT, et al., 2024b. Time-LLM: time series forecasting by reprogramming large language models.

[70]Khalaf OI, Ogudo KA, Sangeetha SKB, 2022. Design of graph-based layered learning-driven model for anomaly detection in distributed cloud IoT network. Mob Inform Syst, 2022:6750757.

[71]Khan MA, 2021. HCRNNIDS: hybrid convolutional recurrent neural network-based network intrusion detection system. Processes, 9(5):834.

[72]Khatibzadeh L, Bornaee Z, Bafghi AG, 2019. Applying catastrophe theory for network anomaly detection in cloud computing traffic. Secur Commun Netw, 2019:5306395.

[73]Koroniotis N, Moustafa N, Sitnikova E, et al., 2019. Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: BoT-IoT dataset. Future Gener Comput Syst, 100:779-796.

[74]Kourtis MA, Xilouris G, Gardikis G, et al., 2016. Statistical-based anomaly detection for NFV services. IEEE Conf on Network Function Virtualization and Software Defined Networks, p.161-166.

[75]KYODO NEWS, 2022. KDDI network outage affects record 30.91 million users. https://english.kyodonews.net/news/2022/07/57bbb532c4d7-kddi-network-outage-affects-record-3091-million-users.html [Accessed on Apr. 15, 2024].

[76]Lalotra GS, Kumar V, Bhatt A, et al., 2022. iReTADS: an intelligent real-time anomaly detection system for cloud communications using temporal data summarization and neural network. Secur Commun Netw, 2022:9149164.

[77]Le XH, Ho HV, Lee G, et al., 2019. Application of long short-term memory (LSTM) neural network for flood forecasting. Water, 11(7):1387.

[78]Lee MC, Lin JC, Gran EG, 2020. RePAD: real-time proactive anomaly detection for time series. Proc 34^th Int Conf on Advanced Information Networking and Applications, p.1291-1302.

[79]Li D, Chen DC, Goh J, et al., 2019a. Anomaly detection with generative adversarial networks for multivariate time series.

[80]Li D, Chen DC, Jin BH, et al., 2019b. MAD-GAN: multivariate anomaly detection for time series data with generative adversarial networks. 28^th Int Conf on Artificial Neural Networks, p.703-716.

[81]Li G, Jung JJ, 2023. Deep learning for anomaly detection in multivariate time series: approaches, applications, and challenges. Inform Fus, 91:93-102.

[82]Li RY, Li Q, Zhang Y, et al., 2024. Interpreting unsupervised anomaly detection in security via rule extraction. Proc 37^th Int Conf on Neural Information Processing Systems, p.62224-62243.

[83]Liang Y, Zhang Y, Sivasubramaniam A, et al., 2005. Filtering failure logs for a BlueGene/L prototype. Int Conf on Dependable Systems and Networks, p.476-485.

[84]Liang YL, Zhang YY, Xiong H, et al., 2007. Failure prediction in IBM BlueGene/L event logs. 7^th IEEE Int Conf on Data Mining, p.583-588.

[85]Lim W, Yong KSC, Lau BT, et al., 2024. Future of generative adversarial networks (GAN) for anomaly detection in network security: a review. Comput Secur, 139:103733.

[86]Lin QW, Zhang HY, Lou JG, et al., 2016. Log clustering based problem identification for online service systems. Proc 38^th Int Conf on Software Engineering Companion, p.102-111.

[87]Lin Z, Qu GQ, Chen QY, et al., 2024. Pushing large language models to the 6G edge: vision, challenges, and opportunities.

[88]Liu C, Antypenko R, Sushko I, et al., 2022. Intrusion detection system after data augmentation schemes based on the VAE and CVAE. IEEE Trans Reliab, 71(2):1000-1010.

[89]Liu FT, Ting KM, Zhou ZH, 2008. Isolation forest. 8^th IEEE Int Conf on Data Mining, p.413-422.

[90]Liu YL, Tao SM, Meng WB, et al., 2024. LogPrompt: prompt engineering towards zero-shot and interpretable log analysis. 46^th IEEE/ACM Int Conf on Software Engineering, p.364-365.

[91]Lu HM, Wang T, Xu X, et al., 2022. Cognitive memory-guided autoencoder for effective intrusion detection in Internet of Things. IEEE Trans Industr Inform, 18(5):3358-3366.

[92]Lüdtke O, Robitzsch A, West SG, 2020. Regression models involving nonlinear effects with missing data: a sequential modeling approach using Bayesian estimation. Psychol Methods, 25(2):157-181.

[93]Lüer F, Bohm C, 2024. Anomaly detection using generative adversarial networks reviewing methodological progress and challenges. ACM SIGKDD Explor Newsl, 25(2):29-41.

[94]Lunardi WT, Lopez MA, Giacalone JP, 2023. ARCADE: adversarially regularized convolutional autoencoder for network anomaly detection. IEEE Trans Netw Serv Manage, 20(2):1305-1318.

[95]Luo H, Zhong SS, 2017. Gas turbine engine gas path anomaly detection using deep learning with Gaussian distribution. Prognostics and System Health Management Conf, p.1-6.

[96]Mascaro S, Nicholso AE, Korb KB, 2014. Anomaly detection in vessel tracks using Bayesian networks. Int J Approx Reason, 55(1):84-98.

[97]Mathur AP, Tippenhauer NO, 2016. SWaT: a water treatment testbed for research and training on ICS security. Int Workshop on Cyber-Physical Systems for Smart Water Networks, p.31-36.

[98]Meidan Y, Bohadana M, Mathov Y, et al., 2018. N-BaIoT—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput, 17(3):12-22.

[99]Meng WB, Liu Y, Zhu YC, et al., 2019. LogAnomaly: unsupervised detection of sequential and quantitative anomalies in unstructured logs. Proc 28^th Int Joint Conf on Artificial Intelligence, p.4739-4745.

[100]Mirsky Y, Doitshman T, Elovici Y, et al., 2018. Kitsune: an ensemble of autoencoders for online network intrusion detection.

[101]Montgomery B, 2024. Large-scale cellular phone outage hits AT&T customers across US. https://www.theguardian.com/technology/2024/feb/22/phone-outage-us [Accessed on Apr. 15, 2025].

[102]Moustafa N, Slay J, 2015. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). Military Communications and Information Systems Conf, p.1-6.

[103]Nawaz A, Khan SS, Ahmad A, 2024. Ensemble of autoencoders for anomaly detection in biomedical data: a narrative review. IEEE Access, 12:17273-17289.

[104]Neto ECP, Dadkhah S, Ferreira R, et al., 2023. CICIoT2023: a real-time dataset and benchmark for large-scale attacks in IoT environment. Sensors, 23(13):5941.

[105]Ngo MV, Luo T, Chaouchi H, et al., 2020. Contextual-bandit anomaly detection for IoT data in distributed hierarchical edge computing. IEEE 40^th Int Conf on Distributed Computing Systems, p.1227-1230.

[106]Ngo MV, Luo T, Quek TQS, 2021. Adaptive anomaly detection for Internet of Things in hierarchical edge computing: a contextual-bandit approach. ACM Trans Int Things, 3(1):4.

[107]Nguyen TA, He JY, Le LT, et al., 2023. Federated PCA on Grassmann manifold for anomaly detection in IoT networks. IEEE Conf on Computer Communications, p.1-10.

[108]Oliner A, Stearley J, 2007. What supercomputers say: a study of five system logs. 37^th Annual IEEE/IFIP Int Conf on Dependable Systems and Networks, p.575-584.

[109]OpenAI, 2024. GPT-4 technical report.

[110]Ozyurt Y, Feuerriegel S, Zhang C, 2023. Contrastive learning for unsupervised domain adaptation of time series.

[111]Pajouh HH, Dastghaibyfard G, Hashemi S, 2017. Two-tier network anomaly detection model: a machine learning approach. J Intell Inform Syst, 48(1):61-74.

[112]Parameswarappa P, Shah T, Lanke GR, 2023. A machine learning-based approach for anomaly detection for secure cloud computing environments. Int Conf on Intelligent Data Communication Technologies and Internet of Things, p.931-940.

[113]Peng YH, Tan AP, Wu JJ, et al., 2019. Hierarchical edge computing: a novel multi-source multi-dimensional data anomaly detection scheme for Industrial Internet of Things. IEEE Access, 7:111257-111270.

[114]Popoola SI, Ande R, Adebisi B, et al., 2022. Federated deep learning for zero-day botnet attack detection in IoT-edge devices. IEEE Int Things J, 9(5):3930-3944.

[115]Ratsch G, Mika S, Scholkopf B, et al., 2002. Constructing boosting algorithms from SVMs: an application to one-class classification. IEEE Trans Patt Anal Mach Intell, 24(9):1184-1199.

[116]Ren HS, Xu BX, Wang YJ, et al., 2019. Time-series anomaly detection service at Microsoft. Proc 25^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.3009-3017.

[117]Ren KY, Yuan S, Zhang C, et al., 2023. CANET: a hierarchical CNN-attention model for network intrusion detection. Comput Commun, 205:170-181.

[118]Ren PZ, Xiao Y, Chang XJ, et al., 2021. A survey of deep active learning. ACM Comput Surv, 54(9):180.

[119]Reynolds D. 2009. Gaussian mixture models. In: Li SZ, Jain A (Eds.), Encyclopedia of Biometrics. Springer, Boston, MA.

[120]Rokach L, Maimon O. 2005. Clustering methods. In: Maimon O, Rokach L (Eds.), Data Mining and Knowledge Discovery Handbook. Springer, Boston, MA.

[121]Schneible J, Lu A, 2017. Anomaly detection on the edge. IEEE Military Communications Conf, p.678-682.

[122]Segerholm L, 2023. Unsupervised Online Anomaly Detection in Multivariate Time-Series. https://stsprogrammet.se/wp-content/uploads/2023/02/2312_Ludvig_Segerholm.pdf [Accessed on Apr. 1, 2024].

[123]Shan SW, Huo YT, Su YX, et al., 2024. Face it yourselves: an LLM-based two-stage strategy to localize configuration errors via logs. Proc 33^rd ACM SIGSOFT Int Symp on Software Testing and Analysis, p.13-25.

[124]Sharafaldin I, Lashkari AH, Ghorbani AA, 2018. Toward generating a new intrusion detection dataset and intrusion traffic characterization. Proc 4^th Int Conf on Information Systems Security and Privacy, p.108-116.

[125]Sharafaldin I, Lashkari AH, Hakak S, et al., 2019. Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. Int Carnahan Conf on Security Technology, p.1-8.

[126]Shi WB, Cao J, Zhang Q, et al., 2016. Edge computing: vision and challenges. IEEE Int Things J, 3(5):637-646.

[127]Shi YJ, Ying XH, Yang JF, 2022. Deep unsupervised domain adaptation with time series sensor data: a survey. Sensors, 22(15):5507.

[128]Smith D, Guan Q, Fu S, 2010. An anomaly detection framework for autonomic management of compute cloud systems. IEEE 34^th Annual Computer Software and Applications Conf Workshops, p.376-381.

[129]Song J, Takakura H, Okabe Y, et al., 2013. Toward a more practical unsupervised anomaly detection system. Inform Sci, 231:4-14.

[130]Song YJ, Xin RY, Chen P, et al., 2023. Identifying performance anomalies in fluctuating cloud environments: a robust correlative-GNN-based explainable approach. Future Gener Comput Syst, 145:77-86.

[131]Srivastava S, Singh SP, 2016. A survey on latency reduction approaches for performance optimization in cloud computing. 2^nd Int Conf on Computational Intelligence & Communication Technology, p.111-115.

[132]Su J, Jiang CF, Jin X, et al., 2024. Large language models for forecasting and anomaly detection: a systematic literature review.

[133]Tavallaee M, Bagheri E, Lu W, et al., 2009. A detailed analysis of the KDD CUP 99 data set. IEEE Symp on Computational Intelligence for Security and Defense Applications, p.1-6.

[134]Touvron H, Lavril T, Izacard G, et al., 2023a. LLaMA: open and efficient foundation language models.

[135]Touvron H, Martin L, Stone K, et al., 2023b. LLaMA 2: open foundation and fine-tuned chat models.

[136]Tuli S, Casale G, Jennings NR, 2022. TranAD: deep transformer networks for anomaly detection in multivariate time series data.

[137]Tzeng E, Hoffman J, Zhang N, et al., 2014. Deep domain confusion: maximizing for domain invariance.

[138]Venkateswara H, Eusebio J, Chakraborty S, et al., 2017. Deep hashing network for unsupervised domain adaptation. Proc IEEE Conf on Computer Vision and Pattern Recognition, p.5385-5394.

[139]Vu L, Cao VL, Nguyen QU, et al., 2022. Learning latent representation for IoT anomaly detection. IEEE Trans Cybern, 52(5):3769-3782.

[140]Wang L, Yoon KJ, 2022. Knowledge distillation and student-teacher learning for visual intelligence: a review and new outlooks. IEEE Trans Patt Anal Mach Intell, 44(6):3048-3068.

[141]Wang N, Chen YM, Hu Y, et al., 2022. FeCo: boosting intrusion detection capability in IoT networks via contrastive learning. IEEE Conf on Computer Communications, p.1409-1418.

[142]Wang W, Zhu M, Zeng XW, et al., 2017. Malware traffic classification using convolutional neural network for representation learning. Int Conf on Information Networking, p.712-717.

[143]Wang YX, Yan J, Ye XY, et al., 2022. Few-shot transfer learning with attention mechanism for high-voltage circuit breaker fault diagnosis. IEEE Trans Ind Appl, 58(3):3353-3360.

[144]Webb BK, Purohit S, Meyur R, 2024. Cyber knowledge completion using large language models.

[145]Wu TT, Luo LH, Li YF, et al., 2024. Continual learning for large language models: a survey.

[146]Xia X, Pan XZ, Li N, et al., 2022. GAN-based anomaly detection: a review. Neurocomputing, 493:497-535.

[147]Xu HW, Chen WX, Zhao NW, et al., 2018. Unsupervised anomaly detection via variational auto-encoder for seasonal KPIs in web applications. Proc World Wide Web Conf, p.187-196.

[148]Xu W, Huang L, Fox A, et al., 2009. Detecting large-scale system problems by mining console logs. Proc ACM SIGOPS 22nd Symp on Operating Systems Principles, p.117-132.

[149]Xue H, Salim FD, 2024. PromptCast: a new prompt-based learning paradigm for time series forecasting. IEEE Trans Knowl Data Eng, 36(11):6851-6864.

[150]Yang L, Chen JJ, Wang Z, et al., 2021. Semi-supervised log-based anomaly detection via probabilistic label estimation. IEEE/ACM 43rd Int Conf on Software Engineering, p.1448-1460.

[151]Yang YC, Lee K, Dariush B, et al., 2024. Follow the rules: reasoning for video anomaly detection with large language models.

[152]Yu XY, Li T, Hu AQ, 2020. Time-series network anomaly detection based on behaviour characteristics. IEEE 6^th Int Conf on Computer and Communications, p.568-572.

[153]Zanella L, Menapace W, Mancini M, et al., 2024. Harnessing large language models for training-free video anomaly detection. Proc IEEE/CVF Conf on Computer Vision and Pattern Recognition, p.18527-18536.

[154]Zeng AH, Liu X, Du ZX, et al., 2023. GLM-130B: an open bilingual pre-trained model.

[155]Zhang JQ, Wang ZZ, Meng JJ, et al., 2019. Boosting positive and unlabeled learning for anomaly detection with multi-features. IEEE Trans Multimedia, 21(5):1332-1344.

[156]Zhang P, Niu K, Tian H, et al., 2019. Technology prospect of 6G mobile communications. J Commun, 40(1):141-148 (in Chinese).

[157]Zhang SL, Zhao CY, Sui YC, et al., 2021. Robust KPI anomaly detection for large-scale software services with partial labels. IEEE 32^nd Int Symp on Software Reliability Engineering, p.103-114.

[158]Zhang X, Lin QW, Xu Y, et al., 2019a. Cross-dataset time series anomaly detection for cloud systems. Proc USENIX Annual Technical Conf, p.1063-1076.

[159]Zhang X, Xu Y, Lin QW, et al., 2019b. Robust log-based anomaly detection on unstable log data. Proc 27^th ACM Joint Meeting on European Software Engineering Conf and Symp on the Foundations of Software Engineering, p.807-817.

[160]Zhong ZY, Fan QL, Zhang JC, et al., 2023. A survey of time series anomaly detection methods in the AIOps domain.

[161]Zhu B, Li J, Gu RB, et al., 2020. An approach to cloud platform log anomaly detection based on natural language processing and LSTM. Proc 3^rd Int Conf on Algorithms, Computing and Artificial Intelligence, Article 88.

[162]Zhuang FZ, Qi ZY, Duan KY, et al., 2021. A comprehensive survey on transfer learning. Proc IEEE, 109(1):43-76.