DP-FlogTinyLLM: Differentially private federated log anomaly detection using Tiny LLMs
Isaiah Thompson, Tanmay Sen, Ritwik Bhattacharya
TL;DR
DP-FLogTinyLLM introduces a federated, privacy-preserving approach for log anomaly detection using Tiny LLMs, enabling collaborative learning across organizations without sharing raw data.
Contribution
It presents a novel federated framework with differential privacy and efficient fine-tuning for log anomaly detection using parameter-efficient Tiny LLMs.
Findings
Matches centralized LLM performance on Thunderbird and BGL datasets.
Achieves higher precision and F1-score than federated baselines.
Effective in detecting anomalies with minimal false positives.
Abstract
Modern distributed systems generate massive volumes of log data that are critical for detecting anomalies and cyber threats. However, in real world settings, these logs are often distributed across multiple organizations and cannot be centralized due to privacy and security constraints. Existing log anomaly detection methods, including recent large language model (LLM) based approaches, largely rely on centralized training and are not suitable for such environments. In this paper, we propose DP-FLogTinyLLM, a privacy preserving federated framework for log anomaly detection using parameter efficient LLMs. Our approach enables collaborative learning without sharing raw log data by integrating federated optimization with differential privacy. To ensure scalability in resource constrained environments, we employ low rank adaptation (LoRA) for efficient fine tuning of Tiny LLMs at each…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.