Abstract
PaaS delivery model let cloud customers share cloud provider resources through their cloud applications. This structure requires a strong security mechanism that isolates customer applications to prevent interference. For concurrent configurations of common providers, cloud applications are mostly deployed as server side web applications that share a common thread pool. In this paper, a malicious thread behavior detection framework that utilizes machine learning algorithms is proposed to classify whether the cloud platform executes a malicious flow in the currently active thread. The framework uses CPU metrics of worker threads and N-Gram frequencies of basic, privacy-friendly user operations as its features during machine learning phase. The proof of concept results are evaluated on a real-life cloud application scenario using Random Forest, Adaboost and Bagging ensemble learning algorithms. The scenario results indicate that the malicious request detection accuracy of the proposed framework is up to 87.6%. It is foreseen that better feature selection and targeted classifiers may end up with better ratios.
Original language | English |
---|---|
Title of host publication | Cloud Computing and Services Science - 8th International Conference, CLOSER 2018, Revised Selected Papers |
Editors | Víctor Méndez Muñoz, Donald Ferguson, Markus Helfert, Claus Pahl |
Publisher | Springer Verlag |
Pages | 215-232 |
Number of pages | 18 |
ISBN (Print) | 9783030291921 |
DOIs | |
Publication status | Published - 2019 |
Event | 8th International Conference on Cloud Computing and Services Science, CLOSER 2018 - Funchal, Portugal Duration: 19 Mar 2018 → 21 Mar 2018 |
Publication series
Name | Communications in Computer and Information Science |
---|---|
Volume | 1073 |
ISSN (Print) | 1865-0929 |
ISSN (Electronic) | 1865-0937 |
Conference
Conference | 8th International Conference on Cloud Computing and Services Science, CLOSER 2018 |
---|---|
Country/Territory | Portugal |
City | Funchal |
Period | 19/03/18 → 21/03/18 |
Bibliographical note
Publisher Copyright:© 2019, Springer Nature Switzerland AG.
Keywords
- Cloud security
- Machine learning
- Malicious behavior
- PaaS