Detecting Malicious Cloud Bandwidth consumption using machine learning

Abstract

One of the most difficult and unsolved issues in network is the security issue, because of continuous evolving nature of both threats and the measures used to detect and avoid threats. Among different types of attacks, one of the most vulnerable attacks in network security are bots that consume the resources maliciously and exhaust them. Malicious Cloud Bandwidth Consumption (MCBC) attack is a new type of attack, where the aim of the attacker is to consume the bandwidth maliciously, in turn causing the financial burden to the cloud service host. MCBC is generally vulnerable to the internet based web services in public cloud. MCBC mainly aims at frequently consuming the bandwidth in a slow manner, hence affecting the pay-as-you-go utility model, causing the consumer in the form of monetary loss. Unlike DDOS attack which is short lived and makes the resource unavailable to the user, MCBC attack is a long term attack which slowly attacks the target for an extended period and remains undetectable. As this attack does not affect the availability issue immediately, it is not discussed much as DDOS attack. This paper discuss about how machine learning technique can be used to detect the MCBC attack in the form of request per second, any traffic violating this range are classified as MCBC attack. The proposed system consists of using semi supervised machine learning which uses labeled network traffic for building model and unlabeled traffic to classify using the built model.