CLOUD SECURITY ANOMALY DETECTION USING AI: A REAL TIME ANOMALY DETECTION SYSTEM FOR CLOUD WORKLOADS
Main Article Content
Abstract
Cloud computing has been integrated into the core of contemporary computing infrastructures, and it has allowed organizations to effectively support large and dynamic workloads. Nevertheless, cloud environments have become more complex and diverse, posing serious security issues. Conventional intrusion detection systems, which make use of preset rules or known attack signatures, do not reveal the unknown or developing threats. In this paper, the researcher will present Intelli Guard Cloud, an artificial intelligence-based real-time anomaly detection system to improve the security of the cloud environment. The system continuously observes the workloads in the cloud and multi-source telemetry, such as log records of the system, network traffic, API activity, and metrics of resource use. It uses a hybrid detection model based on the combination of an Autoencoder model, an Isolation Forest model and a Long Short-Term Memory (LSTM) model to identify statistical, structural, and temporal anomalies. The suggested framework is tested on simulated and real-life cloud workload data under simulated attack conditions. The experimental findings point to the fact that the system delivers better detection accuracy, lower-false positive and low-latency response in comparison with the traditional approaches. These results prove how AI-based solutions can be effective in providing adaptive and scalable anomaly detection to dynamic clouds.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Author(s) and co-author(s) jointly and severally represent and warrant that the Article is original with the author(s) and does not infringe any copyright or violate any other right of any third parties, and that the Article has not been published elsewhere. Author(s) agree to the terms that the IJRDO Journal will have the full right to remove the published article on any misconduct found in the published article.
References
2. S. S. Levy, M. A. Khan, and M. A. Ferrag, "Deep Learning for Cyber Security Intrusion Detection: Approaches, Datasets, and Comparison," Journal of Network and Computer Applications, vol. 206, p. 103442, 2022. [Online].
3. M. Ahmed, A. N. Mahmood, and J. Hu, "A Survey of Network Anomaly Detection Techniques," IEEE Transactions on Network and Service Management, DOI: 10.1109/TNSM.2024.11011269, 2024.
4. P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macia-Fernandez, and E. Vazquez, "Anomaly-based Network Intrusion Detection: Techniques, Systems and Challenges," Journal of Cluster Computing, vol. 27, pp. 1-25, 2023. [Online].
5. S. K. Sahoo, P. K. Das, and S. K. Rath, "AI-Based Anomaly Detection for Cloud Security Using Machine Learning Techniques," Journal of Computer Technology & Applications, vol. 9, no. 1, pp. 45-58, 2024. [Online].
6. M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, "Deep Learning for Cyber Security Intrusion Detection: Approaches, Datasets, and Comparative Study," Journal of Cloud Computing, vol. 12, p. 91, 2023. [Online].
7. M. Ahmed, A. N. Mahmood, and J. Hu, "Real-time Anomaly Detection System (RADS) for Cloud Data Centres," arXiv:1811.04481, 2018.
8. J. S. Baek, K. H. Kwak, B. G. Lee, and S. H. Kim, "CloudShield: Real-time Anomaly Detection in the Cloud," NSF Public Access Repository, DOI: 10.1109/Cloud.2024.00000, 2024. [Online].