Machine Learning for Anomaly Detection and Categorization in Multi-cloud Environments
Tara Salman, Deval Bhamare, Aiman Erbad, Raj Jain, and Mohammed Samaka

TL;DR
This paper explores machine learning methods for both detecting and categorizing network anomalies in multi-cloud environments, achieving high accuracy and emphasizing the importance of attack differentiation for effective cybersecurity.
Contribution
It introduces a dual approach using supervised learning for anomaly detection and attack categorization in multi-cloud settings, highlighting the challenges and effectiveness of these techniques.
Findings
Detection accuracy exceeds 99%
Categorization accuracy reaches 93.6%
Some attacks remain difficult to categorize
Abstract
Recently, advances in machine learning techniques have attracted the attention of the research community to build intrusion detection systems (IDS) that can detect anomalies in the network traffic. Most of the research works, however, do not differentiate among different types of attacks. This is, in fact, necessary for appropriate countermeasures and defense against attacks. In this paper, we investigate both detecting and categorizing anomalies rather than just detecting, which is a common trend in the contemporary research works. We have used a popular publicly available dataset to build and test learning models for both detection and categorization of different attacks. To be precise, we have used two supervised machine learning techniques, namely linear regression (LR) and random forest (RF). We show that even if detection is perfect, categorization can be less accurate due to…
