Sistem Çağrısı Verilerinde Derin Öğrenme Mimarileri Kullanılarak Anomali Tespitinin Değerlendirilmesi: Performans ve Enerji Verimliliği

Year 2025, Volume: 29 Issue: 2, 388 - 396, 25.08.2025

İbrahim Şanlialp , Mehmet Yıldız

https://doi.org/10.19113/sdufenbed.1655066

Abstract

Sistem çağrıları, işletim sistemi ile yazılım arasındaki etkileşimleri temsil eden kritik bir veri kaynağı görevi görmektedir. Bir veri kaynağındaki olağan dışı kalıpların belirlenmesi, sistem performansını iyileştirmek açısından önemli olan anomali tespiti olarak adlandırılmaktadır. Özellikle, derin öğrenme tabanlı yaklaşımlar sistem çağrılarında anomali tespitinin doğruluğunu artırırken, kullanılan derin öğrenme modellerinin enerji verimliliği göz ardı edilemez bir değerlendirme ölçütü olarak öne çıkmaktadır.

Bu çalışmada, üç derin öğrenme modelinin (Tekrarlayan Sinir Ağı (RNN), Kapılı Tekrarlayan Birim (GRU) ve Uzun Kısa Süreli Bellek (LSTM)) sistem çağrısı verilerinde anomali tespiti için performansı ve enerji verimliliği karşılaştırılmıştır. Her model, Asgari-Azami Normalleştirmesi (Min-Max Normalization) ile ölçeklendirilmiş verilerle eğitilmiştir. Model performansı, Determinasyon Katsayısı (R²), Ortalama Kare Hatası (MSE) ve Ortalama Mutlak Hata (MAE) değerlendirme metrikleri kullanılarak ölçülmüştür. Enerji tüketimi tahmini ise Intel Power Gadget (IPG) ile gerçekleştirilmiştir.

Bu karşılaştırmalı analiz, test edilen mimarilerin göreceli etkinliği hakkında ampirik içgörüler sunmaktadır. Bulgular, LSTM'nin anomali tespiti açısından daha iyi bir performans sergilediğini, ancak enerji verimliliği açısından RNN’nin daha avantajlı olduğunu göstermektedir.

Keywords

Sistem çağrısı , Anomali tespiti , Enerji verimliliği , Derin öğrenme

Evaluation of Anomaly Detection in System Call Data Using Deep Learning Architectures: Performance and Energy Efficiency

Abstract

Abstract: System calls serve as a critical data source that represents the interactions between the operating system and software. The identification of unusual patterns within a data source is referred to as anomaly detection, which is essential for improving system performance. Particularly, deep learning-based approaches enhance the accuracy of anomaly detection in system calls, while the energy efficiency of the employed deep learning models emerges as a crucial evaluation criterion that cannot be overlooked.

In this study, the performance and energy efficiency of three deep learning models—Recurrent Neural Network (RNN), Gated Recurrent Unit (GRU), and Long Short-Term Memory (LSTM)—were compared for anomaly detection in system call data. Each model was trained using data scaled with Min-Max Normalization. Model performance was measured using the evaluation metrics Coefficient of Determination (R²), Mean Squared Error (MSE), and Mean Absolute Error (MAE). Energy consumption estimation was conducted using Intel Power Gadget (IPG).

This comparative analysis provides empirical insights into the relative effectiveness of the tested architectures. The findings show that LSTM achieves better performance in anomaly detection, while RNN is more advantageous in terms of energy efficiency.

Keywords

System call , Anomaly detection , Energy efficiency , Deep learning

References

• [1] Fan, L., Wang, H., Zhao, Y., Xin, K. 2025. Application of Deep Learning in Public Network Security Management. Journal of Computer, Signal, and System Research, 2(1), 1-8.
• [2] Nguyen, H. D., Tran, K. P., Thomassey, S., Hamad, M. 2021. Forecasting and Anomaly Detection approaches using LSTM and LSTM Autoencoder techniques with the applications in supply chain management. International Journal of Information Management, 57, 102282.
• [3] Tan, K., Zhan, D., Yu, Z., Ye, L., Zhang, H., Fang, B. 2024. Multi-Stage Defense: Enhancing Robustness in Sequence-Based Log Anomaly Detection. In ICC 2024-IEEE International Conference on Communications, 09-13 June, Denver, USA, 2725-2730.
• [4] Tian, M., Verma, S., Gao, Y. 2025. Enhancing 3D seismic facies interpretation through a modified patched deep learning approach leveraging spatio-temporal dependencies. Computational Geosciences, 29(1), 8.
• [5] Rodrigues, C. F., Riley, G., & Luján, M. 2018. SyNERGY: An energy measurement and prediction framework for Convolutional Neural Networks on Jetson TX1. In Proceedings of the international conference on parallel and distributed processing techniques and applications (PDPTA) (pp. 375-382). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp). 30 July-2 August, Las Vegas, USA, 375-382.
• [6] Desislavov, R., Martínez-Plumed, F., & Hernández-Orallo, J. 2023. Trends in AI inference energy consumption: Beyond the performance-vs-parameter laws of deep learning. Sustainable Computing: Informatics and Systems, 38, 100857.
• [7] Akkuzukaya, G., Yıldız, M. 2023. Time Series Anomaly Detection Embedded Systems By Using LSTM. International Journal of Multidisciplinary Studies and Innovative Technologies, 7(2), 90-96.
• [8] Switrayana, I. N., Hammad, R., Irfan, P., Sujaka, T. T., Nasri, M. H. 2025. Comparative Analysis of Stock Price Prediction Using Deep Learning with Data Scaling Method. JTIM: Jurnal Teknologi Informasi dan Multimedia, 7(1), 78-90.
• [9] Rodriguez, C., Degioanni, L., Kameni, L., Vidal, R., Neglia, G. 2024. Evaluating the energy consumption of machine learning: Systematic literature review and experiments. arXiv preprint arXiv:2408.15128.
• [10] Fahad, M., Shahid, A., Manumachu, R. R., Lastovetsky, A. 2019. A comparative study of methods for measurement of energy of computing. Energies, 12(11), 2204.
• [11] Intel® Power Gadget, 2023. https://archive.org/details/intel-power-gadget-windows (Erişim Tarihi: 21.01.2025).
• [12] Duan, G., Fu, Y., Cai, M., Chen, H., & Sun, J. (2023). DongTing: a large-scale dataset for anomaly detection of the Linux kernel. Journal of Systems and Software, 203, 111745.
• [13] Zhang, T., Dipanzan, S. I., Tahmooresnejad, L., Ezzati-Jivan, N. 2024. Assessing Predictive Models for Energy Consumption Across Varied Software Environments. In 2024 IEEE International Conference on Big Data (BigData), 15-18 December, Washington, 5233-5242.
• [14] Asghar, R., Fulginei, F. R., Quercio, M., Mahrouch, A. 2024. Artificial neural networks for photovoltaic power forecasting: a review of five promising models. IEEE Access.
• [15] O. Ezeme, Q. Mahmoud, A. Azim, and M. Lescisin. Syscall veri seti: Sistem Çağrıları kullanarak bağlam modelleme ve anomali tespiti için bir veri seti. Mendeley Data, V2, 2019. https://data.mendeley.com/datasets/vfvw7g8s8h/2 (Erişim Tarihi: 01.01.2025).
• [16] Memory, L. S. T. 1997. Sepp hochreiter and jürgen schmidhuber. Neural Computation, 9(8), 1735.
• [17] Aggarwal, S. 2023. LSTM based Anomaly Detection in Time Series for United States exports and imports. Munich Personal RePEc Archive ( MPRA), 117149.
• [18] Puteri, D. I. 2023. Implementasi Long Short Term Memory (LSTM) dan Bidirectional Long Short Term Memory (BiLSTM) Dalam Prediksi Harga Saham Syariah. Euler J. Ilm. Mat. Sains dan Teknol, 11(1), 35-43.
• [19] Golshanrad, P., Faghih, F. 2024. DeepCover: Advancing RNN test coverage and online error prediction using state machine extraction. Journal of Systems and Software, 211, 111987.
• [20] Siami-Namini, S., Tavakoli, N., Namin, A. S. (2019, December). The performance of LSTM and BiLSTM in forecasting time series. In 2019 IEEE International conference on big data (Big Data), 09-12 December, Los Angeles, USA, 3285-3292.
• [21] Cho, K., Van Merriënboer, B., Gulcehre, C., Bahdanau, D., Bougares, F., Schwenk, H., Bengio, Y. 2014. Learning phrase representations using RNN encoder-decoder for statistical machine translation. arXiv preprint arXiv:1406.1078.
• [22] Mateus, B. C., Mendes, M., Farinha, J. T., Assis, R., Cardoso, A. M. 2021. Comparing LSTM and GRU models to predict the condition of a pulp paper press. Energies, 14(21), 6958.
• [23] Microsoft, 2025. https://www.microsoft.com/tr-tr/software-download/windows10 (Erişim Tarihi: 01.06.2025).
• [24] Aswal, V. S., Singh, B. K., Maheshwari, R. 2025. Machine learning-based model for prediction of concrete strength. Multiscale and Multidisciplinary Modeling, Experiments and Design, 8(1), 48.
• [25] Suresh, B. S., Suresh, M. 2024. AI Based Retail Sales Management: Leveraging Optimized Metaheuristic Algorithms for Forecasting and Recommendations. In 2024 Second International Conference on Networks, Multimedia and Information Technology (NMITCON), 09-10 August, Bengaluru, India, 1-5.
• [26] Adeogun, O. Y., Adeoti, L., Allo, O. 2024. Machine Learning Approach in Predicting Water Saturation Using Well Data at “Tm” Niger Delta. Available at SSRN 4927838.
• [27] Smejkal, T., Hähnel, M., Ilsche, T., Roitzsch, M., Nagel, W. E., Härtig, H. 2017. Practical Energy Accounting for {Multi-Core} Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17), 12–14 July, Santa Clara, USA, 589-601.
• [28] Buestán-Andrade, P. A., Peñacoba-Yagüe, M., Sierra-García, J. E., Santos, M. 2024. Wind power forecasting with machine learning algorithms in low-cost devices. Electronics, 13(8), 1541.
• [29] PranavRaj, R., Syam, S. R. 2024. Identification Of Malware Families Using Energy Consumption. In 2024 15th International Conference on Computing Communication and Networking Technologies (ICCCNT), 24-28 June, Kamand, India, 1-6.
• [30] Tekin, N., Acar, A., Aris, A., Uluagac, A. S., & Gungor, V. C. 2023. Energy consumption of on-device machine learning models for IoT intrusion detection. Internet of Things, 21, 100670.