Anomaly Detection In IaaS Clouds
Security is still a major concern in Cloud computing,Doelitzscher F, Knahl MH, Reich C, Clarke NL
especially the detection of nefarious use or abuse of cloud
instances. One reason for this, is the ever-growing complexity
and dynamic of the underlying system design and architecture.
To be able to detect misuse of cloud instances, this work presents
an anomaly detection system for Infrastructure as a Service
Clouds. It is based on Cloud customers’ usage behaviour analysis.
Neural networks are used to analyse and learn the normal
usage behaviour of Cloud customers, to then detect anomalies
which could originate from a cloud security incident caused
by an overtaken virtual machine. It increases transparency for
Cloud customers about the security of their Cloud instances and
supports the Cloud provider to detect misuse of their infrastructure.
A simulation environment and an anomaly detection
prototype get presented. Experiments validate the effectiveness
of the proposed system.