CR LG NI ML Apr 11, 2019

On Machine Learning DoS Attack Identification from Cloud Computing Telemetry

arXiv:1904.06211v1, 2 citations
Originality: Synthesis-oriented
AI Analysis

This paper addresses DoS attack detection for cloud services, but it appears incremental, as it applies existing ML methods to a new data source.

The paper tackled the problem of detecting Denial of Service (DoS) attacks in cloud computing by using telemetry data instead of traditional network packet analysis, and preliminary results showed accurate identification with k-Nearest Neighbors and decision tree algorithms.

The detection of Denial of Service (DoS) attacks remains a challenge for the cloud environment, affecting a massive number of services and applications hosted by such virtualized infrastructures. Typically, in the literature, the detection of DoS attacks is performed solely by analyzing the traffic of packets in the network. This work advocates for the use of telemetry from the cloud to detect DoS attacks using Machine Learning algorithms. Our hypothesis is based on the richness of such native data collection services, with metrics from both physical and virtual hosts. Our preliminary results demonstrate that DoS can be identified accurately with k-Nearest Neighbors (kNN) and decision tree (CART).
