Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection
- URL: http://arxiv.org/abs/2411.09200v1
- Date: Thu, 14 Nov 2024 05:45:55 GMT
- Title: Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection
- Authors: Sabbir M. Saleh, Ibrahim Mohammed Sayem, Nazim Madhavji, John Steinbacher,
- Abstract summary: This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI support.
The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms.
We implemented a combination of Convolution Neural Network(CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns.
- Score: 0.5599792629509228
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Continuous Integration/Continuous Deployment (CI/CD) is fundamental for advanced software development, supporting faster and more efficient delivery of code changes into cloud environments. However, security issues in the CI/CD pipeline remain challenging, and incidents (e.g., DDoS, Bot, Log4j, etc.) are happening over the cloud environments. While plenty of literature discusses static security testing and CI/CD practices, only a few deal with network traffic pattern analysis to detect different cyberattacks. This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI (Artificial Intelligence) support. The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms. The system shall integrate into the workflow to continuously monitor pipeline activities and cloud infrastructure. Additionally, it aims to explore adaptive response mechanisms to mitigate the detected anomalies or security threats. This research employed two popular network traffic datasets, CSE-CIC-IDS2018 and CSE-CIC-IDS2017. We implemented a combination of Convolution Neural Network(CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns. We achieved an accuracy of 98.69% and 98.30% and generated log files in different CI/CD pipeline stages that resemble the network anomalies affected to address security challenges in modern DevOps practices, contributing to advancing software security and reliability.
Related papers
- CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
arXiv Detail & Related papers (2025-07-19T20:09:52Z) - Cyber Attacks Detection, Prevention, and Source Localization in Digital Substation Communication using Hybrid Statistical-Deep Learning [39.58317527488534]
This paper proposes a novel method using hybrid statistical-deep learning for the detection, prevention, and source localization of IEC 61850 SV injection attacks.<n>It effectively discards malicious SV frames with minimal processing overhead and latency, maintains robustness against communication network latency variation and time-synchronization issues.<n>Results demonstrate the method's suitability for practical deployment in IEC 61850-compliant digital substations.
arXiv Detail & Related papers (2025-07-01T07:38:22Z) - A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing [0.6117371161379209]
Continuous Software Engineering is essential for software development and deployment.<n>We reviewed 66 papers, summarising tools, approaches, and challenges related to the security of CI/CD in the cloud.<n>Challenges such as image manipulation, unauthorised access, and weak authentication were highlighted.
arXiv Detail & Related papers (2025-06-09T04:21:29Z) - Enhancing Software Supply Chain Security Through STRIDE-Based Threat Modelling of CI/CD Pipelines [1.3535770763481907]
This study applies a structured threat modeling approach to identify and mitigate risks throughout the Continuous Integration/ Continuous Deployment lifecycle.<n>Threats are documented and to comprehensive security controls drawn from standards like NIST SP 800-218, Top 10 CI/CD risks, and the SLSA framework.<n>This approach provides a pragmatic roadmap for enhancing CI/CD pipeline security against evolving software supply chain threats.
arXiv Detail & Related papers (2025-06-06T19:06:59Z) - A Scalable Hierarchical Intrusion Detection System for Internet of Vehicles [1.6017263994482716]
Internet of Vehicles (IoV) is prone to various cyber threats, ranging from spoofing and Distributed Denial of Services (DDoS) attacks to malware.<n>To safeguard the IoV ecosystem from intrusions, malicious activities, policy violations, intrusion detection systems (IDS) play a critical role by continuously monitoring and analyzing network traffic to identify and mitigate potential threats in real-time.<n>This paper proposes an effective hierarchical classification framework tailored for IoV networks.
arXiv Detail & Related papers (2025-05-22T04:30:26Z) - AI-Powered Anomaly Detection with Blockchain for Real-Time Security and Reliability in Autonomous Vehicles [1.1797787239802762]
We develop a new framework that combines the power of Artificial Intelligence (AI) for real-time anomaly detection with blockchain technology to detect and prevent any malicious activity.<n>This framework employs a decentralized platform for securely storing sensor data and anomaly alerts in a blockchain ledger for data incorruptibility and authenticity.<n>This makes the AV system more resilient to attacks from both cyberspace and hardware component failure.
arXiv Detail & Related papers (2025-05-10T12:53:28Z) - MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN [42.74889568823579]
We identify a new time-exciting threat model against in-vehicle network (IVN)
These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions.
To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures.
arXiv Detail & Related papers (2025-04-16T08:41:24Z) - CNN+Transformer Based Anomaly Traffic Detection in UAV Networks for Emergency Rescue [12.074051347588963]
We propose a novel anomaly traffic detection architecture for UAV networks based on the software-defined networking (SDN) framework and blockchain technology.
An integrated algorithm combining convolutional neural networks (CNNs) and Transformer (CNN+Transformer) for anomaly traffic detection is developed, which is called CTranATD.
arXiv Detail & Related papers (2025-03-26T09:27:26Z) - Application of Machine Learning Techniques for Secure Traffic in NoC-based Manycores [44.99833362998488]
This document explores an IDS technique using machine learning and temporal series for detecting DoS attacks in NoC-based manycore systems.
It is necessary to extract traffic data from a manycore NoC and execute the learning techniques in the extracted data.
The developed platform will have its data validated with a low-level platform.
arXiv Detail & Related papers (2025-01-21T10:58:09Z) - NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records.
We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
arXiv Detail & Related papers (2024-12-30T00:47:49Z) - MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN [42.74889568823579]
We identify a new time-exciting threat model against in-vehicle network (IVN)<n>These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions.<n>To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures.
arXiv Detail & Related papers (2024-11-15T15:05:01Z) - Blockchain-Enabled Variational Information Bottleneck for Data
Extraction Based on Mutual Information in Internet of Vehicles [34.63863606532729]
The Internet of Vehicles (IoV) network can address the issue of limited computing resources and data processing capabilities of individual vehicles.
Applying blockchain technology can establish secure data links within the IoV, solving the problems of insufficient computing resources for each vehicle and the security of data transmission over the network.
This paper introduces an innovative approach that integrates blockchain with VIB, referred to as BVIB, designed to lighten computational workloads and reinforce the security of the network.
arXiv Detail & Related papers (2024-09-20T17:30:19Z) - Enhancing Critical Infrastructure Cybersecurity: Collaborative DNN Synthesis in the Cloud Continuum [0.0]
Researchers are exploring the integration of IoT and the cloud continuum, together with AI, to enhance the cost-effectiveness and efficiency of critical infrastructure (CI) systems.
This integration, however, increases susceptibility of CI systems to cyberattacks, potentially leading to disruptions like power outages, oil spills, or even a nuclear mishap.
We propose an innovative approach that utilizes trained edge cloud models to synthesize central cloud models.
arXiv Detail & Related papers (2024-05-23T00:36:45Z) - A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks [0.4077787659104315]
We present an assessment framework that allows for reproducible, comparable, and rapid evaluation of anomaly detection algorithms.
We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types.
arXiv Detail & Related papers (2024-05-02T14:29:42Z) - Advancing Security in AI Systems: A Novel Approach to Detecting
Backdoors in Deep Neural Networks [3.489779105594534]
backdoors can be exploited by malicious actors on deep neural networks (DNNs) and cloud services for data processing.
Our approach leverages advanced tensor decomposition algorithms to meticulously analyze the weights of pre-trained DNNs and distinguish between backdoored and clean models.
This advancement enhances the security of deep learning and AI in networked systems, providing essential cybersecurity against evolving threats in emerging technologies.
arXiv Detail & Related papers (2024-03-13T03:10:11Z) - Generative AI for Secure Physical Layer Communications: A Survey [80.0638227807621]
Generative Artificial Intelligence (GAI) stands at the forefront of AI innovation, demonstrating rapid advancement and unparalleled proficiency in generating diverse content.
In this paper, we offer an extensive survey on the various applications of GAI in enhancing security within the physical layer of communication networks.
We delve into the roles of GAI in addressing challenges of physical layer security, focusing on communication confidentiality, authentication, availability, resilience, and integrity.
arXiv Detail & Related papers (2024-02-21T06:22:41Z) - SISSA: Real-time Monitoring of Hardware Functional Safety and
Cybersecurity with In-vehicle SOME/IP Ethernet Traffic [49.549771439609046]
We propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security.
Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication.
Extensive experimental results show the effectiveness and efficiency of SISSA.
arXiv Detail & Related papers (2024-02-21T03:31:40Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - Prevention of cyberattacks in WSN and packet drop by CI framework and
information processing protocol using AI and Big Data [0.0]
This study integrates a cognitive intelligence (CI) framework, an information processing protocol, and sophisticated artificial intelligence (AI) and big data analytics approaches.
The framework is capable of detecting and preventing several forms of assaults, including as denial-of-service (DoS) attacks, node compromise, and data tampering.
It is highly resilient to packet drop occurrences, which improves the WSN's overall reliability and performance.
arXiv Detail & Related papers (2023-06-15T19:00:39Z) - Task-Oriented Integrated Sensing, Computation and Communication for
Wireless Edge AI [46.61358701676358]
Edge artificial intelligence (AI) has been proposed to provide high-performance computation of a conventional cloud down to the network edge.
Recently, convergence of wireless sensing, computation and communication (SC$2$) for specific edge AI tasks, has aroused paradigm shift.
It is paramount importance to advance fully integrated sensing, computation and communication (I SCC) to achieve ultra-reliable and low-latency edge intelligence acquisition.
arXiv Detail & Related papers (2023-06-11T06:40:51Z) - Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker.
Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner.
We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
arXiv Detail & Related papers (2020-06-18T14:50:08Z) - Machine Learning based Anomaly Detection for 5G Networks [0.0]
This paper proposes SDS (Software Defined Security) as a means to provide an automated, flexible and scalable network defence system.
SDS will harness current advances in machine learning to design a CNN (Convolutional Neural Network) using NAS (Neural Architecture Search) to detect anomalous network traffic.
arXiv Detail & Related papers (2020-03-07T00:17:08Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.