Machine Learning For Cloud Computing Intrusion Detection
Abstract
The term "cloud computing" has emerged as a major ICT trend and has been acknowledged by respected industry survey organizations as a key technology and market development theme for the industry and ICT users in 2010. In cloud computing intrusion detection research, one popular strategy for finding attacks is monitoring a cloud's activity for anomalies: deviations from profiles of normality previously learned from benign traffic, typically identified using tools borrowed from the machine learning community. However, despite extensive academic research, one finds a striking gap in terms of actual deployments of such systems: compared with other intrusion detection approaches, machine learning is rarely employed in operational "real world" settings. We examine the differences between the cloud computing intrusion detection problem and other areas where machine learning regularly finds much more success. Our main claim is that the task of finding attacks is fundamentally different from these other applications, making it significantly harder for the intrusion detection community to employ machine learning effectively. We support this claim by identifying challenges particular to cloud computing intrusion detection, and provide a set of guidelines meant to strengthen future research on anomaly detection.