A two-stage virtual machine abnormal behavior-based anomaly detection mechanism

Virtual machine abnormal behavior detection is an effective way to help cloud platform administrators monitor the running status of cloud platform to improve the reliability of cloud platform, which has become one of the research hotspots in the field of cloud computing. Aiming at the problems of high computational complexity and high false alarm rate in the existing virtual machine anomaly monitoring mechanism of cloud platform, this paper proposed a two-stage virtual machine abnormal behavior-based detection mechanism. Firstly, a workload-based incremental clustering algorithm is used to monitor and analyze both the virtual machine workload information and performance index information. Then, an online anomaly detection mechanism based on the incremental local outlier factor algorithm is designed to enhance detection efficiency. By applying this two-phase detection mechanism, it can significantly reduce the computational complexity and meet the needs of real-time performance. The experimental results are verified on the mainstream Openstack cloud platform.

[1]  Johan Karlsson,et al.  Fault injection-based assessment of aspect-oriented implementation of fault tolerance , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN).

[2]  Manoj Kumar,et al.  Unsupervised outlier detection technique for intrusion detection in cloud computing , 2014, International Conference for Convergence for Technology-2014.

[3]  Johan Karlsson,et al.  Aspect-Oriented Implementation of Fault Tolerance: An Assessment of Overhead , 2010, SAFECOMP.

[4]  Salim Hariri,et al.  Autonomic Resource Management for Power, Performance, and Security in Cloud Environment , 2019, 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA).

[5]  Salim Hariri,et al.  Enhanced Grey Risk Assessment Model for Support of Cloud Service Provider , 2020, IEEE Access.

[6]  Xia Pei,et al.  Construction of Hidden Fault Channel Cloud Test Platform Based on Deep Learning , 2020, 2020 12th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA).

[7]  Jian Zhang,et al.  A Survey on Security of Cloud Environment: Threats, Solutions, and Innovation , 2018, 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC).

[8]  B. Santhosh Kumar,et al.  A survey on anomaly based intrusion detection system , 2021 .

[9]  Nicole Adler,et al.  Improving discrimination in data envelopment analysis: PCA-DEA or variable reduction , 2010, Eur. J. Oper. Res..

[10]  Chunyong Yin,et al.  Parallel implementing improved k-means applied for image retrieval and anomaly detection , 2017, Multimedia Tools and Applications.

[11]  Riddhi Doshi,et al.  A Review Paper on Security Concerns in Cloud Computing and Proposed Security Models , 2020, 2020 International Conference on Emerging Trends in Information Technology and Engineering (ic-ETITE).

[12]  Hans-Peter Kriegel,et al.  LOF: identifying density-based local outliers , 2000, SIGMOD 2000.

[13]  Cheng-Chung Chen,et al.  A terms mining and clustering technique for surveying network and content analysis of academic groups exploration , 2017, Cluster Computing.

[14]  Rahul Kumar,et al.  Deep Reinforcement Learning based Intrusion Detection System for Cloud Infrastructure , 2020, 2020 International Conference on COMmunication Systems & NETworkS (COMSNETS).

[15]  Kanishka Bhaduri,et al.  Detecting Abnormal Machine Characteristics in Cloud Infrastructures , 2011, 2011 IEEE 11th International Conference on Data Mining Workshops.

[16]  Bin Gu,et al.  Incremental Support Vector Learning for Ordinal Regression , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[17]  Vanish Talwar,et al.  Online detection of utility cloud anomalies using metric distributions , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[18]  Xing Chen,et al.  Self-adaptive resource allocation for cloud-based software services based on progressive QoS prediction model , 2019, Science China Information Sciences.

[19]  Guangxia Xu,et al.  Cross-domain sentiment aware word embeddings for review sentiment analysis , 2020, International Journal of Machine Learning and Cybernetics.

[20]  Xiao Zhang,et al.  PerfInsight: A Robust Clustering-Based Abnormal Behavior Detection System for Large-Scale Cloud , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[21]  Giuliano Casale,et al.  Artificial neural networks based techniques for anomaly detection in Apache Spark , 2019, Cluster Computing.

[22]  Salim Hariri,et al.  Context aware intrusion detection for building automation systems , 2019, Comput. Secur..

[23]  Rami Bahsoon,et al.  Self-Adaptive and Online QoS Modeling for Cloud-Based Software Services , 2017, IEEE Transactions on Software Engineering.

[24]  Xiaohui Gu,et al.  ELT: Efficient Log-based Troubleshooting System for Cloud Computing Infrastructures , 2011, 2011 IEEE 30th International Symposium on Reliable Distributed Systems.

[25]  Shuyu Chen,et al.  An Anomaly Detection Algorithm of Cloud Platform Based on Self-Organizing Maps , 2016 .

[26]  Jin Tang,et al.  Abnormal Gait Behavior Detection for Elderly Based on Enhanced Wigner-Ville Analysis and Cloud Incremental SVM Learning , 2016, J. Sensors.

[27]  Zhao Zhang,et al.  CNN-based encoder-decoder networks for salient object detection: A comprehensive review and recent advances , 2021, Inf. Sci..

[28]  Christof Fetzer,et al.  VScaler: Autonomic Virtual Machine Scaling , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[29]  Ravi Sandhu,et al.  Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure , 2021, IEEE Access.

[30]  Slawomir Koziel,et al.  Low‐cost data‐driven modelling of microwave components using domain confinement and PCA‐based dimensionality reduction , 2020, IET Microwaves, Antennas & Propagation.

[31]  David Hutchison,et al.  Hybrid self-organizing feature map (SOM) for anomaly detection in cloud infrastructures using granular clustering based upon value-difference metrics , 2019, Inf. Sci..

[32]  S. Rinaldi,et al.  Performance evaluation of full-cloud and edge-cloud architectures for Industrial IoT anomaly detection based on deep learning , 2019, 2019 II Workshop on Metrology for Industry 4.0 and IoT (MetroInd4.0&IoT).

[33]  Yong Wang,et al.  A Low Cost and Easy Implement Highway Accident Detection Model Based on Big Data , 2019, 2019 IEEE International Conferences on Ubiquitous Computing & Communications (IUCC) and Data Science and Computational Intelligence (DSCI) and Smart Computing, Networking and Services (SmartCNS).

[34]  Bo Li,et al.  Time and Frequency Localized Pulse Shape for Resolution Enhancement in STFT-BOTDR , 2016, J. Sensors.

[35]  Donghua Zhou,et al.  Remaining useful life prediction for multi-component systems with hidden dependencies , 2018, Science China Information Sciences.

[36]  Ali Akoglu,et al.  A Value-Oriented Job Scheduling Approach for Power-Constrained and Oversubscribed HPC Systems , 2020, IEEE Transactions on Parallel and Distributed Systems.

[37]  Guangxia Xu,et al.  A Novel Configuration Tuning Method Based on Feature Selection for Hadoop MapReduce , 2020, IEEE Access.

[38]  Guangxia Xu,et al.  An Anomaly Detector Deployment Awareness Detection Framework Based on Multi-Dimensional Resources Balancing in Cloud Platform , 2018, IEEE Access.

[39]  Sukumaran Nair,et al.  Network Traffic Behavioral Analytics for Detection of DDoS Attacks , 2019 .

[40]  M. Gerndt,et al.  Online Memory Leak Detection in the Cloud-based Infrastructures , 2021, ICSOC Workshops.

[41]  Syed Asad Hussain,et al.  Multilevel classification of security concerns in cloud computing , 2017 .

[42]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[43]  Nadra Guizani,et al.  A Network Function Virtualization System for Detecting Malware in Large IoT Based Networks , 2020, IEEE Journal on Selected Areas in Communications.

[44]  Andrew M. Saxe,et al.  High-dimensional dynamics of generalization error in neural networks , 2017, Neural Networks.

[45]  I. Elishakoff,et al.  Antioptimization of earthquake exitation and response , 1998 .

[46]  Karsten Schwan,et al.  EbAT: An entropy based online Anomaly Tester for data center management , 2009, 2009 IFIP/IEEE International Symposium on Integrated Network Management-Workshops.

[47]  Luigi Coppolino,et al.  Cloud security: Emerging threats and current solutions , 2017, Comput. Electr. Eng..

[48]  Chengmo Yang,et al.  Comprehensive Evaluation of Program Reliability with ComFIDet: An Integrated Fault Injection and Detection Framework for Embedded Systems , 2019, 2019 IEEE International Conference on Embedded Software and Systems (ICESS).

[49]  Sahar Alatawi,et al.  A Survey on Cloud Security Issues and Solution , 2020, 2020 International Conference on Computing and Information Technology (ICCIT-1441).

[50]  Abdallah Shami,et al.  Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection , 2018, 2018 IEEE Global Communications Conference (GLOBECOM).

[51]  Sung Wook Baik,et al.  CNN features with bi-directional LSTM for real-time anomaly detection in surveillance networks , 2020, Multimedia Tools and Applications.

[52]  Mohamed Rida,et al.  A survey of intrusion detection systems for cloud computing environment , 2016, 2016 International Conference on Engineering & MIS (ICEMIS).

[53]  Zhichao Li,et al.  Fault-Relevant Optimal Ensemble ICA Model for Non-Gaussian Process Monitoring , 2020, IEEE Transactions on Control Systems Technology.

[54]  Bin Gu,et al.  A Robust Regularization Path Algorithm for $\nu $ -Support Vector Classification , 2017, IEEE Transactions on Neural Networks and Learning Systems.