针对云端系统 DDoS 攻击的运行时可靠性分数分布变化分析

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Systems and Software Pub Date : 2024-10-28 DOI:10.1016/j.jss.2024.112265

Lei Wang, Shuhan Chen, Xikai Zhang, Jiyuan Liu

{"title":"针对云端系统 DDoS 攻击的运行时可靠性分数分布变化分析","authors":"Lei Wang, Shuhan Chen, Xikai Zhang, Jiyuan Liu","doi":"10.1016/j.jss.2024.112265","DOIUrl":null,"url":null,"abstract":"<div><div>With the help of the Software as a Service (SaaS) delivery model, the rapid advancement of cloud computing has become the most prevalent distributed computing paradigm. A large number of application vendors and developers choose to integrate cloud-hosted Application Program Interfaces (APIs) into their systems as <em>system components</em> to construct new and value-added cloud-based systems. When executed in an open cloud environment, each system component is constantly at risk of Distributed Denial of Service (DDoS) attacks. Such cloud-based systems are challenged by reliability fluctuations when a system component is attacked. A change in the reliability of the remote system components, e.g., performance decline or runtime anomalies, can threaten the stability of the entire cloud-based system. To enable timely reliability assurance against cloud-based systems DDoS attacks, it is necessary to analyze runtime reliability of its system components. In this paper, we formally present a new model for evaluating the reliability of the system components based on concept drift. Based on the model, we propose a novel method named runtime reliability anomaly detection (RAD), leveraging the Singular Value Decomposition (SVD) technique. RAD analyzes the reliability of a system component during its operation by detecting peaks in Fractional Distribution Change (FDC) within its reliability time series data. Specifically, it calculates the Jensen Shannon divergence between historical and up-to-date reliability data streams, based on feature vectors that are dimensionality-reduced using SVD. The results of extensive experiments conducted on two public cloud APIs performance datasets demonstrate the effectiveness and efficiency of RAD.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"220 ","pages":"Article 112265"},"PeriodicalIF":3.7000,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Runtime reliability fractional distribution change analytics against cloud-based systems DDoS attacks\",\"authors\":\"Lei Wang, Shuhan Chen, Xikai Zhang, Jiyuan Liu\",\"doi\":\"10.1016/j.jss.2024.112265\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the help of the Software as a Service (SaaS) delivery model, the rapid advancement of cloud computing has become the most prevalent distributed computing paradigm. A large number of application vendors and developers choose to integrate cloud-hosted Application Program Interfaces (APIs) into their systems as <em>system components</em> to construct new and value-added cloud-based systems. When executed in an open cloud environment, each system component is constantly at risk of Distributed Denial of Service (DDoS) attacks. Such cloud-based systems are challenged by reliability fluctuations when a system component is attacked. A change in the reliability of the remote system components, e.g., performance decline or runtime anomalies, can threaten the stability of the entire cloud-based system. To enable timely reliability assurance against cloud-based systems DDoS attacks, it is necessary to analyze runtime reliability of its system components. In this paper, we formally present a new model for evaluating the reliability of the system components based on concept drift. Based on the model, we propose a novel method named runtime reliability anomaly detection (RAD), leveraging the Singular Value Decomposition (SVD) technique. RAD analyzes the reliability of a system component during its operation by detecting peaks in Fractional Distribution Change (FDC) within its reliability time series data. Specifically, it calculates the Jensen Shannon divergence between historical and up-to-date reliability data streams, based on feature vectors that are dimensionality-reduced using SVD. The results of extensive experiments conducted on two public cloud APIs performance datasets demonstrate the effectiveness and efficiency of RAD.</div></div>\",\"PeriodicalId\":51099,\"journal\":{\"name\":\"Journal of Systems and Software\",\"volume\":\"220 \",\"pages\":\"Article 112265\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2024-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Systems and Software\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0164121224003091\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems and Software","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0164121224003091","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

摘要

在软件即服务（SaaS）交付模式的帮助下，云计算的快速发展已成为最普遍的分布式计算模式。大量应用程序供应商和开发人员选择将云托管应用程序接口（API）作为系统组件集成到自己的系统中，以构建新的增值云系统。在开放的云环境中执行时，每个系统组件都时刻面临着分布式拒绝服务（DDoS）攻击的风险。当系统组件受到攻击时，这种基于云的系统就会面临可靠性波动的挑战。远程系统组件可靠性的变化，如性能下降或运行时异常，会威胁到整个基于云的系统的稳定性。为了能够及时保证云系统在受到 DDoS 攻击时的可靠性，有必要对其系统组件的运行时可靠性进行分析。本文正式提出了一种基于概念漂移的系统组件可靠性评估新模型。基于该模型，我们利用奇异值分解（SVD）技术提出了一种名为运行时可靠性异常检测（RAD）的新方法。RAD 通过检测可靠性时间序列数据中分数分布变化（FDC）的峰值，分析系统组件在运行期间的可靠性。具体来说，它基于使用 SVD 降维的特征向量，计算历史可靠性数据流与最新可靠性数据流之间的詹森-香农发散。在两个公共云 API 性能数据集上进行的大量实验结果证明了 RAD 的有效性和效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Runtime reliability fractional distribution change analytics against cloud-based systems DDoS attacks

With the help of the Software as a Service (SaaS) delivery model, the rapid advancement of cloud computing has become the most prevalent distributed computing paradigm. A large number of application vendors and developers choose to integrate cloud-hosted Application Program Interfaces (APIs) into their systems as system components to construct new and value-added cloud-based systems. When executed in an open cloud environment, each system component is constantly at risk of Distributed Denial of Service (DDoS) attacks. Such cloud-based systems are challenged by reliability fluctuations when a system component is attacked. A change in the reliability of the remote system components, e.g., performance decline or runtime anomalies, can threaten the stability of the entire cloud-based system. To enable timely reliability assurance against cloud-based systems DDoS attacks, it is necessary to analyze runtime reliability of its system components. In this paper, we formally present a new model for evaluating the reliability of the system components based on concept drift. Based on the model, we propose a novel method named runtime reliability anomaly detection (RAD), leveraging the Singular Value Decomposition (SVD) technique. RAD analyzes the reliability of a system component during its operation by detecting peaks in Fractional Distribution Change (FDC) within its reliability time series data. Specifically, it calculates the Jensen Shannon divergence between historical and up-to-date reliability data streams, based on feature vectors that are dimensionality-reduced using SVD. The results of extensive experiments conducted on two public cloud APIs performance datasets demonstrate the effectiveness and efficiency of RAD.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Systems and Software 工程技术-计算机：理论方法

CiteScore

8.60

自引率

5.70%

发文量

193

审稿时长

16 weeks

期刊介绍： The Journal of Systems and Software publishes papers covering all aspects of software engineering and related hardware-software-systems issues. All articles should include a validation of the idea presented, e.g. through case studies, experiments, or systematic comparisons with other approaches already in practice. Topics of interest include, but are not limited to: • Methods and tools for, and empirical studies on, software requirements, design, architecture, verification and validation, maintenance and evolution • Agile, model-driven, service-oriented, open source and global software development • Approaches for mobile, multiprocessing, real-time, distributed, cloud-based, dependable and virtualized systems • Human factors and management concerns of software development • Data management and big data issues of software systems • Metrics and evaluation, data mining of software development resources • Business and economic aspects of software development processes The journal welcomes state-of-the-art surveys and reports of practical experience for all of these topics.