On Machine Learning DoS Attack Identification from Cloud Computing Telemetry
João Henrique Corrêa, Patrick Marques Ciarelli, Moises R. N. Ribeiro, Rodolfo da Silva Villaca

TL;DR
This paper proposes using cloud telemetry data, including metrics from physical and virtual hosts, combined with machine learning algorithms like kNN and decision trees, to improve the detection of DoS attacks in cloud environments.
Contribution
It introduces a novel approach leveraging cloud telemetry data for DoS detection, expanding beyond traditional network traffic analysis.
Findings
DoS attacks can be accurately identified using kNN and decision trees.
Telemetry data from cloud infrastructure enhances detection capabilities.
Preliminary results show promising detection accuracy.
Abstract
The detection of Denial of Service (DoS) attacks remains a challenge for the cloud environment, affecting a massive number of services and applications hosted by such virtualized infrastructures. Typically, in the literature, the detection of DoS attacks is performed solely by analyzing the traffic of packets in the network. This work advocates for the use of telemetry from the cloud to detect DoS attacks using Machine Learning algorithms. Our hypothesis is based on the richness of such native data collection services, with metrics from both physical and virtual hosts. Our preliminary results demonstrate that DoS can be identified accurately with k-Nearest Neighbors (kNN) and decision tree (CART).
Taxonomy
Topics: Network Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting · Anomaly Detection Techniques and Applications
