Enhancing Cloud Security through Topic Modelling
This work addresses security threats for cloud application developers and operators, but it is incremental as it applies existing NLP methods to a specific domain.
This research tackled the problem of securing cloud applications, particularly CI/CD pipelines, by applying topic modelling (LDA and PLSA) to analyze security-related text data like logs and reports, resulting in the identification of patterns such as phishing and encryption failures to support early vulnerability recognition.
Protecting cloud applications is critical in an era where security threats are increasingly sophisticated and persistent. Continuous Integration and Continuous Deployment (CI/CD) pipelines are particularly vulnerable, making innovative security approaches essential. This research explores the application of Natural Language Processing (NLP) techniques, specifically Topic Modelling, to analyse security-related text data and anticipate potential threats. We focus on Latent Dirichlet Allocation (LDA) and Probabilistic Latent Semantic Analysis (PLSA) to extract meaningful patterns from data sources, including logs, reports, and deployment traces. Using the Gensim framework in Python, these methods categorise log entries into security-relevant topics (e.g., phishing, encryption failures). The identified topics are leveraged to highlight patterns indicative of security issues across CI/CD's continuous stages (build, test, deploy). This approach introduces a semantic layer that supports early vulnerability recognition and contextual understanding of runtime behaviours.