Research Papers - Dept of Computer Systems Engineering

Permanent URI for this collection https://rda.sliit.lk/handle/123456789/1253

Browse

Filters

2021 - 20222

Advanced Search

Filter by

Settings

Author: search.filters.author.Rupasinghe, LSubject: search.filters.subject.Anomaly Detection

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    PublicationEmbargo
    Anomaly Detection in Microservice Systems Using Autoencoders
    (IEEE, 2022-12-09) de Silva, M; Daniel, S; Kumarapeli, M; Mahadura, S; Rupasinghe, L; Liyanapathirana, C
    The adaptation of microservice architecture has increased massively during the last few years with the emergence of the cloud. Containers have become a common choice for microservices architecture instead of VMs (Virtual Machines) due to their portability and optimized resource usage characteristics. Along with the containers, container-orchestration platforms are also becoming an integral part of microservice-based systems, considering the flexibility and scalability offered by the container-orchestration media. With the virtualized implementation and the dynamic attribute of modern microservice architecture, it has been a cumbersome task to implement a proper observability mechanism to detect abnormal behaviour using conventional monitoring tools, which are most suitable for static infrastructures. We present a system that will collect required data with the understanding of the dynamic attribute of the system and identify anomalies with efficient data analysis methods.
  • Thumbnail Image
    PublicationEmbargo
    Autonomous Cyber AI for Anomaly Detection
    (IEEE, 2021-12-09) Madhuvantha, K. A. N; Hussain, M. H; De Silva, H. W. D. T; Liyanage, U. I. D; Rupasinghe, L; Liyanapathirana, C
    Since available signature-based Intrusion Detection systems (IDS) are lacking in performance to identify such cyber threats and defend against novel attacks. It does not have the ability to detect zero-day or advanced malicious activities. To address the issue with signature-based IDS, a possible solution is to adopt anomaly-based detections to identify the latest cyber threats including zero days. We initially focused on network intrusions. This research paper discusses detecting network anomalies using AI-based technologies such as machine learning (ML) and natural language processing (NLP). In the proposed solution, network traffic logs and HTTP traffic data are taken as inputs using a mechanism called beats. Once relevant data has been extracted from the captured traffic, it will be passed to the AI engine to conduct further analysis. Algorithms such as Word2vec, Convolution Neural Network (CNN), Artificial Neural networks (ANN), and autoencoders are used in order to conduct the threat analysis. HTTP DATASET CSIC 2010, that NSL-KDD, CICIDS are the benchmarking datasets used in parallel with the above algorithms in order to receive high accuracy in detection. The outputted data is integrated and visualized using the Kibana dashboard and blockchain model is implemented to maintain and handle all the data.