CoLog: Unified Framework for Log Anomaly Detection
Research Paper#Anomaly Detection, Operating Systems, Transformers, Log Analysis🔬 Research|Analyzed: Jan 3, 2026 16:07•
Published: Dec 29, 2025 11:18
•1 min read
•ArXivAnalysis
This paper introduces CoLog, a novel framework for log anomaly detection in operating systems. It addresses the limitations of existing unimodal and multimodal methods by utilizing collaborative transformers and multi-head impressed attention to effectively handle interactions between different log data modalities. The framework's ability to adapt representations from various modalities through a modality adaptation layer is a key innovation, leading to improved anomaly detection capabilities, especially for both point and collective anomalies. The high performance metrics (99%+ precision, recall, and F1 score) across multiple benchmark datasets highlight the practical significance of CoLog for cybersecurity and system monitoring.
Key Takeaways
- •CoLog is a unified framework for detecting point and collective anomalies in OS logs.
- •It uses collaborative transformers and multi-head impressed attention to handle interactions between log modalities.
- •A modality adaptation layer is incorporated to adapt representations from different log modalities.
- •CoLog achieves state-of-the-art performance on benchmark datasets.
- •The implementation of CoLog is available at https://github.com/NasirzadehMoh/CoLog.
Reference / Citation
View Original"CoLog achieves a mean precision of 99.63%, a mean recall of 99.59%, and a mean F1 score of 99.61% across seven benchmark datasets."