Anomaly Detection in IaaS Clouds

Author

Doelitzscher, Frank ; Knahl, Martin ; Reich, Christoph ; Clarke, N.

Author_Institution

Cloud Res. Lab., Furtwangen Univ., Furtwangen, Germany

Volume

1

fYear

2013

fDate

2-5 Dec. 2013

Firstpage

387

Lastpage

394

Abstract

Security is still a major concern in Cloud computing, especially the detection of nefarious use or abuse of cloud instances. One reason for this, is the ever-growing complexity and dynamic of the underlying system design and architecture. To be able to detect misuse of cloud instances, this work presents an anomaly detection system for Infrastructure as a Service Clouds. It is based on Cloud customers´ usage behaviour analysis. Neural networks are used to analyse and learn the normal usage behaviour of Cloud customers, to then detect anomalies which could originate from a cloud security incident caused by an overtaken virtual machine. It increases transparency for Cloud customers about the security of their Cloud instances and supports the Cloud provider to detect misuse of their infrastructure. A simulation environment and an anomaly detection prototype get presented. Experiments validate the effectiveness of the proposed system.

Keywords

cloud computing; neural nets; security of data; IaaS clouds; anomaly detection; cloud computing; cloud customer usage behaviour analysis; cloud provider; cloud security incident; infrastructure as a service; nefarious use detection; neural networks; overtaken virtual machine; system architecture; system design; Biological neural networks; Cloud computing; Mathematical model; Monitoring; Security; Training; Virtual machining; Cloud Computing; Cloud Security; Machine Learning; Neural Networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on

Conference_Location

Bristol

Type

conf

DOI

10.1109/CloudCom.2013.57

Filename

6753822