LOMOS: An AI-Based Runtime Security Monitoring System Fit for the Cloud Continuum

LOMOS: An AI-Based Runtime Security Monitoring System Fit for the Cloud Continuum

연구 분야: Infrastructure

학회: European Conference on Parallel Processing

Given the challenges faced by various industries in the global digital transformation process, it is essential to perform detection of anomalies, consuming system logs collected and returning anomaly score, which should significantly enhance the visualization of vulnerabilities and improve the overall security posture of systems. This paper presents LOg MOnitoring System (LOMOS), a robust AI technology and methodology for anomaly detection on logs, tailored to adapt to new data sensitivity concerns. LOMOS facilitates the creation of informative metrics/variables with significant screening capabilities, addressing the critical need for real-time monitoring of stack conditions to fuel its self-healing mechanisms. The proposed system is designed to detect security related events and incidents within the deployed application environment and is deployable automatically, providing users with timely notifications about security episodes. In this paper, we demonstrate the advantages of this approach in the continuous detection of vulnerabilities, threats and malware in production infrastructures and during software development phases, appearing in the infrastructure when new services or features are added, or simply when new vulnerabilities are discovered in existing (outdated) services. By seamlessly integrating this novel transformer-based anomaly detection methodology with the cloud continuum, it facilitates a smooth and secure digital transformation process, ensuring a comprehensive adherence to evolving security requirements while supporting the dynamic nature of modern infrastructures.