Machine Learning Based Web-Traffic Analysis for Detection of Fraudulent Resource Consumption Attack in Cloud

Abstract

Attackers can orchestrate a fraudulent resource consumption (FRC) attack by wittingly consuming metered resources of the cloud servers for a long duration of time. The skillful over-consumption of the resources results in significant financial burden to the client. These attacks differ in intent but not in content, hence they are hard to detect. In this paper, we propose a novel scheme for the detection of the FRC attack on a cloud based web-server. We first divide the web-pages into a number of quantiles based on their popularity index. Next, we compute the number of requests per hour for each of these quantiles. Discrete Wavelet Transform is then applied to these quantiles to remove any high-frequency anomaly and smoothen the time series data. The n-tuple data from these quantiles along with their label (attack or normal) is used to train an Artificial Neural Network model. Our trained model for low percent of FRC attack (5%) obtained an accuracy of 98.51% with a precision of 0.983 and recall of 0.987 in detecting the FRC attack. CCS CONCEPTS • Security and privacy → Intrusion/anomaly detection and malware mitigation; → Computing methodologies → Supervised learning by classification.