Anomaly detection in the cloud using data density

Shirazi, Syed Noor Ul Hassan and Simpson, Steven and Gouglidis, Antonios and Mauthe, Andreas Ulrich and Hutchison, David (2016) Anomaly detection in the cloud using data density. In: Cloud Computing (CLOUD), 2016 IEEE 9th International Conference on :. Cloud Computing (CLOUD), 2016 IEEE 9th International Conference on . IEEE, USA, pp. 616-623. ISBN 9781509026203

[thumbnail of AD3-paper]
Preview
PDF (AD3-paper)
rde_paper.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.

Download (460kB)

Abstract

Cloud computing is now extremely popular because of its use of elastic resources to provide optimized, cost-effective and on-demand services. However, clouds may be subject to challenges arising from cyber attacks including DoS and malware, as well as from sheer complexity problems that manifest themselves as anomalies. Anomaly detection techniques are used increasingly to improve the resilience of cloud environments and indirectly reduce the cost of recovery from outages. Most anomaly detection techniques are computation ally expensive in a cloud context, and often require problem-specific parameters to be predefined in advance, impairing their use in real-time detection. Aiming to overcome these problems, we propose a technique for anomaly detection based on data density. The density is computed recursively, so the technique is memory-less and unsupervised, and therefore suitable for real-time cloud environments. We demonstrate the efficacy of the proposed technique using an emulated dataset from a testbed, under various attack types and intensities, and in the face of VM migration. The obtained results, which include precision, recall, accuracy, F-score and G-score, show that network level attacks are detectable with high accuracy.

Item Type:
Contribution in Book/Report/Proceedings
Additional Information:
©2016 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
ID Code:
79222
Deposited By:
Deposited On:
26 Apr 2016 08:24
Refereed?:
Yes
Published?:
Published
Last Modified:
18 Mar 2024 00:11