ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Matrix Profile-Based Anomaly Detection in Cloud Networks
Cloud computing, characterized by its cost-effective and high-quality services, has revolutionized how computing infrastructure is abstracted and utilized. However, securing cloud networks remains a challenge, primarily due to the extensive exchange of data and the inherent complexity of these systems. Anomaly detection emerges as a promising solution to enhance cloud network security, offering insights into system behavior and alerting operators so they can take further action. This paper presents a novel time series analysis technique for detecting anomalies in cloud networks. Our approach utilizes a multi-dimensional matrix profile, an innovative time series analysis method, to highlight anomalous patterns within multiple features extracted from network traffic streams. Additionally, we employ the Kneedle algorithm to pinpoint the highlighted patterns that identify anomalies. To assess our approach's performance, we applied timestamp-based and index-based methods to two distinct datasets: the most widely used UNSW-NB15 dataset and the recently introduced CICIoT2023 dataset. Our results underscore the effectiveness of our proposed approach in identifying cloud network anomalies. It achieved an impressive accuracy of 99.6% and an F1-score of 99.8% using the timestamp-based analysis method. For the index-based analysis method, the accuracy reached 98%, accompanied by an outstanding F1-score of 99.9%.
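The two stages named in the abstract, as an added example that is not the paper's code: a naive multi-dimensional matrix profile over two traffic features, followed by a simplified Kneedle-style knee cut (no smoothing or sensitivity parameter). The function names, the window length, the choice to average distances across all features, and the constructed traffic series are assumptions made for illustration.

```python
# Added example (not the paper's implementation): matrix profile + knee cut.
import math

def znorm(w):
    mu = sum(w) / len(w)
    sd = math.sqrt(sum((x - mu) ** 2 for x in w) / len(w))
    return [(x - mu) / sd if sd else 0.0 for x in w]  # flat window -> zeros

def multidim_profile(features, m):
    """P[i] = min over non-overlapping windows j of the z-normalized
    Euclidean distance between windows i and j, averaged over all features."""
    n = len(features[0]) - m + 1
    wins = [[znorm(f[i:i + m]) for i in range(n)] for f in features]
    def dist(i, j):
        return sum(math.dist(w[i], w[j]) for w in wins) / len(wins)
    return [min(dist(i, j) for j in range(n) if abs(i - j) >= m)
            for i in range(n)]

def knee_threshold(scores):
    """Simplified Kneedle: rank scores in descending order, normalize both
    axes to [0, 1], and take the point farthest below the chord (0,1)-(1,0)."""
    ranked = sorted(scores, reverse=True)
    lo, hi = ranked[-1], ranked[0]
    span = (hi - lo) or 1.0
    last = max(len(ranked) - 1, 1)
    gap = [(1 - k / last) - (v - lo) / span for k, v in enumerate(ranked)]
    return ranked[gap.index(max(gap))]

def detect(features, m):
    profile = multidim_profile(features, m)
    cut = knee_threshold(profile)
    # Windows ranked before the knee are reported as anomalous.
    return profile, [i for i, p in enumerate(profile) if p > cut]

# Constructed sample data (assumption): periodic packet and byte rates.
M, A_START, A_END = 8, 80, 88
pkts = [10 + 5 * math.sin(2 * math.pi * (t % 16) / 16) for t in range(160)]
byts = [100.0 + 10 * (t % 8) for t in range(160)]
for t in range(A_START, A_END):   # injected anomaly: ramp in pkts, flat byts
    pkts[t] += 20 * (t - A_START)
    byts[t] = 100.0

PROFILE, FLAGGED = detect([pkts, byts], M)

if __name__ == "__main__":
    print("flagged window starts:", FLAGGED)
```

The naive profile is quadratic in the number of windows, so it suits short series only; it is here to make the scoring and the knee cut visible, not to match the paper's datasets or results.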