RADS: Real-time Anomaly Detection System for Cloud Data Centres
Cybersecurity attacks in Cloud data centres are increasing alongside the
growth of the Cloud services market. Existing research proposes a number of
anomaly detection systems for detecting such attacks. However, these systems
encounter a number of challenges, specifically due to the unknown behaviour of
the attacks and the occurrence of genuine Cloud workload spikes, which must be
distinguished from attacks. In this paper, we discuss these challenges and
investigate the issues with the existing Cloud anomaly detection approaches.
Then, we propose a Real-time Anomaly Detection System (RADS) for Cloud data
centres, which uses a one-class classification algorithm and a window-based
time series analysis to address the challenges. Specifically, RADS can detect
VM-level anomalies occurring due to DDoS and cryptomining attacks. We evaluate
the performance of RADS by running lab-based experiments and by using
real-world Cloud workload traces. Evaluation results demonstrate that RADS can
achieve 90-95% accuracy with a low false positive rate of 0-3%. The results
further reveal that RADS experiences fewer false positives when using its
window-based time series analysis in comparison to using state-of-the-art
average or entropy-based analysis.

Comment: 14 page