Combating cyber attacks in cloud systems using machine learning
chapter
Posted on 2017-12-06, 00:00. Authored by Md Tanzim Khorshed, A B M Shawkat Ali, Saleh Wasimi
Detecting cyber attacks and their types is a crucial but complicated task in any IT networking environment, including the recent consumption of cloud services. Existing cloud providers are commonly not transparent about sharing security-related data with their consumers, which adds to the difficulty of detection by a cloud customer. The contributions of this chapter fall into two categories. First, we demonstrate an easy technique by which cloud customers can collect performance data of their Virtual Machine (VM). Second, we present some thoughts on novel approaches to classifying some of the widely discussed cyber attack types using machine learning techniques. We evaluate the techniques' performance using statistical ranking-based methods. The novelty of our rather rigorous analysis is in its ability to identify insider activities and other cyber attacks using performance data. The reason for using performance data rather than traditional logs and security-related data is that performance data can be collected by the customers themselves without any assistance from the cloud providers. This series of experiments in our constructed cloud computing model is therefore expected to give researchers, cloud providers and consumers additional insight and tools to proactively protect their data from known, or perhaps even unknown, security issues that have similar patterns.