SSLA: a semi-supervised framework for real-time injection detection and anomaly monitoring in cloud-based web applications with real-world implementation and evaluation

SSLA: a semi-supervised framework for real-time injection detection and anomaly monitoring in cloud-based web applications with real-world implementation and evaluation

연구 분야: Safety

학회: Journal of Cloud Computing

Injection attacks and anomalies pose significant threats to the security and reliability of cloud-based web applications. Traditional detection methods, such as rule-based systems and supervised learning techniques, often struggle to adapt to evolving threats and large-scale, unstructured log data. This paper introduces a novel framework, the Semi-Supervised Log Analyzer (SSLA), designed for real-time injection detection and anomaly monitoring in cloud environments. SSLA uses semi-supervised learning to utilize both labeled and unlabeled data, reducing the reliance on extensive annotated datasets. A similarity graph is built from the log data, allowing for effective anomaly detection using graph-based methods. At the same time, privacy-preserving techniques are integrated to protect sensitive information. The proposed method is evaluated on large-scale datasets, including Hadoop Distributed File System (HDFS) and BlueGene/L (BGL) logs, demonstrating superior performance in terms of precision, recall, and scalability compared to state-of-the-art methods. SSLA achieves high detection accuracy with minimal computational overhead, ensuring reliable, real-time protection for cloud-based web applications.