Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection
- URL: http://arxiv.org/abs/2411.09200v1
- Date: Thu, 14 Nov 2024 05:45:55 GMT
- Title: Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection
- Authors: Sabbir M. Saleh, Ibrahim Mohammed Sayem, Nazim Madhavji, John Steinbacher,
- Abstract summary: This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI support.
The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms.
We implemented a combination of Convolution Neural Network(CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns.
- Score: 0.5599792629509228
- License:
- Abstract: Continuous Integration/Continuous Deployment (CI/CD) is fundamental for advanced software development, supporting faster and more efficient delivery of code changes into cloud environments. However, security issues in the CI/CD pipeline remain challenging, and incidents (e.g., DDoS, Bot, Log4j, etc.) are happening over the cloud environments. While plenty of literature discusses static security testing and CI/CD practices, only a few deal with network traffic pattern analysis to detect different cyberattacks. This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI (Artificial Intelligence) support. The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms. The system shall integrate into the workflow to continuously monitor pipeline activities and cloud infrastructure. Additionally, it aims to explore adaptive response mechanisms to mitigate the detected anomalies or security threats. This research employed two popular network traffic datasets, CSE-CIC-IDS2018 and CSE-CIC-IDS2017. We implemented a combination of Convolution Neural Network(CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns. We achieved an accuracy of 98.69% and 98.30% and generated log files in different CI/CD pipeline stages that resemble the network anomalies affected to address security challenges in modern DevOps practices, contributing to advancing software security and reliability.
Related papers
- Blockchain-Enabled Variational Information Bottleneck for Data
Extraction Based on Mutual Information in Internet of Vehicles [34.63863606532729]
The Internet of Vehicles (IoV) network can address the issue of limited computing resources and data processing capabilities of individual vehicles.
Applying blockchain technology can establish secure data links within the IoV, solving the problems of insufficient computing resources for each vehicle and the security of data transmission over the network.
This paper introduces an innovative approach that integrates blockchain with VIB, referred to as BVIB, designed to lighten computational workloads and reinforce the security of the network.
arXiv Detail & Related papers (2024-09-20T17:30:19Z) - Enhancing Critical Infrastructure Cybersecurity: Collaborative DNN Synthesis in the Cloud Continuum [0.0]
Researchers are exploring the integration of IoT and the cloud continuum, together with AI, to enhance the cost-effectiveness and efficiency of critical infrastructure (CI) systems.
This integration, however, increases susceptibility of CI systems to cyberattacks, potentially leading to disruptions like power outages, oil spills, or even a nuclear mishap.
We propose an innovative approach that utilizes trained edge cloud models to synthesize central cloud models.
arXiv Detail & Related papers (2024-05-23T00:36:45Z) - A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks [0.4077787659104315]
We present an assessment framework that allows for reproducible, comparable, and rapid evaluation of anomaly detection algorithms.
We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types.
arXiv Detail & Related papers (2024-05-02T14:29:42Z) - Advancing Security in AI Systems: A Novel Approach to Detecting
Backdoors in Deep Neural Networks [3.489779105594534]
backdoors can be exploited by malicious actors on deep neural networks (DNNs) and cloud services for data processing.
Our approach leverages advanced tensor decomposition algorithms to meticulously analyze the weights of pre-trained DNNs and distinguish between backdoored and clean models.
This advancement enhances the security of deep learning and AI in networked systems, providing essential cybersecurity against evolving threats in emerging technologies.
arXiv Detail & Related papers (2024-03-13T03:10:11Z) - Generative AI for Secure Physical Layer Communications: A Survey [80.0638227807621]
Generative Artificial Intelligence (GAI) stands at the forefront of AI innovation, demonstrating rapid advancement and unparalleled proficiency in generating diverse content.
In this paper, we offer an extensive survey on the various applications of GAI in enhancing security within the physical layer of communication networks.
We delve into the roles of GAI in addressing challenges of physical layer security, focusing on communication confidentiality, authentication, availability, resilience, and integrity.
arXiv Detail & Related papers (2024-02-21T06:22:41Z) - SISSA: Real-time Monitoring of Hardware Functional Safety and
Cybersecurity with In-vehicle SOME/IP Ethernet Traffic [49.549771439609046]
We propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security.
Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication.
Extensive experimental results show the effectiveness and efficiency of SISSA.
arXiv Detail & Related papers (2024-02-21T03:31:40Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - Prevention of cyberattacks in WSN and packet drop by CI framework and
information processing protocol using AI and Big Data [0.0]
This study integrates a cognitive intelligence (CI) framework, an information processing protocol, and sophisticated artificial intelligence (AI) and big data analytics approaches.
The framework is capable of detecting and preventing several forms of assaults, including as denial-of-service (DoS) attacks, node compromise, and data tampering.
It is highly resilient to packet drop occurrences, which improves the WSN's overall reliability and performance.
arXiv Detail & Related papers (2023-06-15T19:00:39Z) - Task-Oriented Integrated Sensing, Computation and Communication for
Wireless Edge AI [46.61358701676358]
Edge artificial intelligence (AI) has been proposed to provide high-performance computation of a conventional cloud down to the network edge.
Recently, convergence of wireless sensing, computation and communication (SC$2$) for specific edge AI tasks, has aroused paradigm shift.
It is paramount importance to advance fully integrated sensing, computation and communication (I SCC) to achieve ultra-reliable and low-latency edge intelligence acquisition.
arXiv Detail & Related papers (2023-06-11T06:40:51Z) - Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker.
Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner.
We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
arXiv Detail & Related papers (2020-06-18T14:50:08Z) - Machine Learning based Anomaly Detection for 5G Networks [0.0]
This paper proposes SDS (Software Defined Security) as a means to provide an automated, flexible and scalable network defence system.
SDS will harness current advances in machine learning to design a CNN (Convolutional Neural Network) using NAS (Neural Architecture Search) to detect anomalous network traffic.
arXiv Detail & Related papers (2020-03-07T00:17:08Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.