# Machine Learning for Anomaly Detection and Categorization in Multi-cloud Environments

**Authors:** Tara Salman, Deval Bhamare, Aiman Erbad, Raj Jain, and Mohammed Samaka

arXiv: 1812.05443 · 2018-12-14

## TL;DR

This paper explores machine learning methods for both detecting and categorizing network anomalies in multi-cloud environments, achieving high accuracy and emphasizing the importance of attack differentiation for effective cybersecurity.

## Contribution

It introduces a dual approach using supervised learning for anomaly detection and attack categorization in multi-cloud settings, highlighting the challenges and effectiveness of these techniques.

## Key findings

- Detection accuracy exceeds 99%
- Categorization accuracy reaches 93.6%
- Some attacks remain difficult to categorize

## Abstract

Recently, advances in machine learning techniques have attracted the attention of the research community to build intrusion detection systems (IDS) that can detect anomalies in the network traffic. Most of the research works, however, do not differentiate among different types of attacks. This is, in fact, necessary for appropriate countermeasures and defense against attacks. In this paper, we investigate both detecting and categorizing anomalies rather than just detecting, which is a common trend in the contemporary research works. We have used a popular publicly available dataset to build and test learning models for both detection and categorization of different attacks. To be precise, we have used two supervised machine learning techniques, namely linear regression (LR) and random forest (RF). We show that even if detection is perfect, categorization can be less accurate due to similarities between attacks. Our results demonstrate more than 99% detection accuracy and categorization accuracy of 93.6%, with the inability to categorize some attacks. Further, we argue that such categorization can be applied to multi-cloud environments using the same machine learning techniques.

---
Source: https://tomesphere.com/paper/1812.05443