The detection of Denial of Service (DoS) attacks remains a challenge for the cloud environment, affecting a massive number of services and applications hosted by such virtualized infrastructures. Typically, in the literature, the detection of DoS attacks is performed solely by analyzing the traffic of packets in the network. This work advocates for the use of telemetry from the cloud to detect DoS attacks using Machine Learning algorithms. Our hypothesis is based on richness of such native data collection services, with metrics from both physical and virtual hosts. Our preliminary results demonstrate that DoS can be identified accurately with k-Nearest Neighbors (kNN) and decision tree (CART).
@article{arxiv.1904.06211,
title = {On Machine Learning DoS Attack Identification from Cloud Computing Telemetry},
author = {João Henrique Corrêa and Patrick Marques Ciarelli and Moises R. N. Ribeiro and Rodolfo da Silva Villaca},
journal= {arXiv preprint arXiv:1904.06211},
year = {2019}
}
Comments
Abstract submit for LANCOMM 2019 (http://sbrc2019.sbc.org.br/en/lancomm-student-workshop-2019/)