Enhancing Cloud Network Security with Innovative Time Series Analysis

Authors

DOI:

https://doi.org/10.5753/jisa.2025.4768

Keywords:

Cloud networks, Anomaly Detection, Matrix profile, Time series analysis, Cloud security, IoT, Cyber-attacks

Abstract

Cloud computing has revolutionized computing infrastructure abstraction and utilization, distinguished by its cost-effective and high-quality services. However, the challenge of securing cloud networks persists, mainly due to the broad exchange of data and the inherent complexity of these techniques. Anomaly detection emerges as a promising solution to improve cloud network safeness, presenting perception into system behavior and alerting operators for further actions. This paper offers a novel time series analysis method for detecting anomalies in cloud networks. Our technique employs innovative time series analysis techniques based on a matrix profile, and the Kneedle algorithm to identify multi-dimensional anomalous patterns within multiple features extracted from network traffic streams. To evaluate the efficacy of our approach, we implemented timestamp-based and index-based methods to two distinct datasets: the most widely used UNSW-NB15 and the recently introduced CICIoT2023 datasets. The results highlight the efficacy of our proposed method in identifying cloud network anomalies. It achieved an impressive accuracy of 99.6% and an F1-score of 99.8% using the timestamp-based analysis method. For the index-based analysis method, accuracy reached 98%, accompanied by an outstanding F1-score of 99.9%.

Downloads

Download data is not yet available.

References

Agrawal, B., Wiktorski, T., and Rong, C. (2016). Adaptive anomaly detection in cloud using robust and scalable principal component analysis. In 2016 15th international symposium on parallel and distributed computing (ISPDC), pages 100-106. IEEE. DOI: 10.1109/ISPDC.2016.22.

Al-Bakaa, A. and Al-Musawi, B. (2021). Improving the performance of intrusion detection system through finding the most effective features. In 2021 International Congress of Advanced Technology and Engineering (ICOTEN), pages 1-9. IEEE. DOI: 10.1109/ICOTEN52080.2021.9493564.

Al-Bakaa, A. and Al-Musawi, B. (2022). A new intrusion detection system based on using nonlinear statistical analysis and features selection techniques. Computers & Security, 122:102906. DOI: 10.1016/j.cose.2022.102906.

Alzahrani, M. A., Alzahrani, A. M., and Siddiqui, M. S. (2022). Detecting ddos attacks in iot-based networks using matrix profile. Applied Sciences, 12(16):8294. DOI: 10.3390/app12168294.

Baron, H. (2022). Report by cloud security alliance. Available online [link].

Cheema, P., Alamdari, M. M., Vio, G., Azizi, L., and Luo, S. (2023). On the use of matrix profiles and optimal transport theory for multivariate time series anomaly detection within structural health monitoring. Mechanical Systems and Signal Processing, 204:110797. DOI: 10.1016/j.ymssp.2023.110797.

De Paepe, D., Hautte, S. V., Steenwinckel, B., De Turck, F., Ongenae, F., Janssens, O., and Van Hoecke, S. (2020). A generalized matrix profile framework with support for contextual series analysis. Engineering Applications of Artificial Intelligence, 90:103487. DOI: 10.1016/j.engappai.2020.103487.

Ding, N., Gao, H., Bu, H., Ma, H., and Si, H. (2018). Multivariate-time-series-driven real-time anomaly detection based on bayesian network. Sensors, 18(10):3367. DOI: 10.3390/s18103367.

Firouzi, F., Farahani, B., and Marinšek, A. (2022). The convergence and interplay of edge, fog, and cloud in the ai-driven internet of things (iot). Information Systems, 107:101840. DOI: 10.1016/j.is.2021.101840.

Garg, S., Kaur, K., Kumar, N., Kaddoum, G., Zomaya, A. Y., and Ranjan, R. (2019). A hybrid deep learning-based model for anomaly detection in cloud datacenter networks. IEEE Transactions on Network and Service Management, 16(3):924-935. DOI: 10.1109/TNSM.2019.2927886.

Huang, C., Min, G., Wu, Y., Ying, Y., Pei, K., and Xiang, Z. (2017). Time series anomaly detection for trustworthy services in cloud computing systems. IEEE Transactions on Big Data, 8(1):60-72. DOI: 10.1109/TBDATA.2017.2711039.

Jacobs, A. S., Beltiukov, R., Willinger, W., Ferreira, R. A., Gupta, A., and Granville, L. Z. (2022). Ai/ml for network security: The emperor has no clothes. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pages 1537-1551. DOI: 0.1145/3548606.3560609.

Liberti, L., Lavor, C., Maculan, N., and Mucherino, A. (2014). Euclidean distance geometry and applications. SIAM review, 56(1):3-69. DOI: 10.1137/120875909.

Liu, H., Li, J., and Gu, D. (2020). Understanding the security of app-in-the-middle iot. Computers & Security, 97:102000. DOI: 10.1016/j.cose.2020.102000.

Lou, P., Yang, Y., and Yan, J. (2019). An anomaly detection method for cloud service platform. In Proceedings of the 2019 4th International Conference on Machine Learning Technologies, pages 70-75. DOI: 10.1145/3340997.3341005.

Madrid, F., Imani, S., Mercer, R., Zimmerman, Z., Shakibay, N., and Keogh, E. (2019). Matrix profile xx: Finding and visualizing time series motifs of all lengths using the matrix profile. In 2019 IEEE International Conference on Big Knowledge (ICBK), pages 175-182. IEEE. DOI: 10.1109/ICBK.2019.00031.

Manimurugan, S. (2021). Iot-fog-cloud model for anomaly detection using improved naïve bayes and principal component analysis. Journal of Ambient Intelligence and Humanized Computing, pages 1-10. DOI: 10.1007/s12652-020-02723-3.

Moustafa, N. and Slay, J. (2015). UNSW-NB15: A comprehensive dataset for network intrusion detection systems (unsw-nb15 network dataset). In 2015 Military Communications and Information Systems Conference (MilCIS), pages 1-6. IEEE. DOI: 10.1109/MilCIS.2015.7348942.

Neto, E. C. P., Dadkhah, S., Ferreira, R., Zohourian, A., Lu, R., and Ghorbani, A. A. (2023). CICIoT2023: A real-time dataset and benchmark for large-scale attacks in iot environment. Sensors.. DOI: 10.3390/s23135941.

Nzanzu, V. P., Adetiba, E., Badejo, J. A., Molo, M. J., Takenga, C., Noma-Osaghae, E., and Suraju, S. (2022). Monitoring and resource management taxonomy in interconnected cloud infrastructures: a survey. TELKOMNIKA (Telecommunication Computing Electronics and Control), 20(2):279-295. DOI: 10.12928/telkomnika.v20i2.20503.

Parameswarappa, P., Shah, T., and Lanke, G. R. (2023). A machine learning-based approach for anomaly detection for secure cloud computing environments. In 2023 International Conference on Intelligent Data Communication Technologies and Internet of Things (IDCIoT), pages 931-940. IEEE. DOI: 10.1109/IDCIoT56793.2023.10053518.

Saljoughi, A. S., Mehrvarz, M., and Mirvaziri, H. (2017). Attacks and intrusion detection in cloud computing using neural networks and particle swarm optimization algorithms. Emerging Science Journal, 1(4):179-191. DOI: 10.28991/ijse-01120.

Satopaa, V., Albrecht, J., Irwin, D., and Raghavan, B. (2011). Finding a "kneedle" in a haystack: Detecting knee points in system behavior. In 2011 31st International Conference on Distributed Computing Systems Workshops, pages 166-171. IEEE. DOI: 10.1109/ICDCSW.2011.20.

Schmidt, F., Suri-Payer, F., Gulenko, A., Wallschläger, M., Acker, A., and Kao, O. (2018). Unsupervised anomaly event detection for cloud monitoring using online arima. In 2018 IEEE/ACM International Conference on Utility and Cloud Computing Companion (UCC Companion), pages 71-76. IEEE. DOI: 10.1109/UCC-Companion.2018.00037.

Scott, B. A., Johnstone, M. N., Szewczyk, P., and Richardson, S. (2024). Matrix profile data mining for bgp anomaly detection. Computer Networks, 242:110257. DOI: 10.1016/j.comnet.2024.110257.

Syed, H. J., Gani, A., Ahmad, R. W., Khan, M. K., and Ahmed, A. I. A. (2017). Cloud monitoring: A review, taxonomy, and open research issues. Journal of Network and Computer Applications, 98:11-26. DOI: 10.1016/j.jnca.2017.08.021.

Yasarathna, T. L. and Munasinghe, L. (2020). Anomaly detection in cloud network data. In 2020 International Research Conference on Smart Computing and Systems Engineering (SCSE), pages 62-67. IEEE. DOI: 10.1109/SCSE49731.2020.9313014.

Yeh, C.-C. M., Kavantzas, N., and Keogh, E. (2017a). Matrix profile vi: Meaningful multidimensional motif discovery. In 2017 IEEE international conference on data mining (ICDM), pages 565-574. IEEE. DOI: 10.1109/ICDM.2017.66.

Yeh, C. C. M., Kavantzas, N., and Keogh, E. (2017b). Matrix profile vi: Meaningful multidimensional motif discovery. In 2017 IEEE International Conference on Data Mining (ICDM), pages 565-574. IEEE. DOI: 110.1109/ICDM.2017.66.

Yeh, C. C. M., Van Herle, H., and Keogh, E. (2016a). Matrix profile iii: the matrix profile allows visualization of salient subsequences in massive time series. In 2016 IEEE 16th International Conference on Data Mining (ICDM), pages 579-588. IEEE. DOI: 10.1109/ICDM.2016.0069.

Yeh, C. C. M., Zhu, Y., Ulanova, L., Begum, N., Ding, Y., Dau, H. A., and Keogh, E. (2016b). Matrix profile i: all pairs similarity joins for time series: a unifying view that includes motifs, discords and shapelets. In 2016 IEEE 16th International Conference on Data Mining (ICDM), pages 1317-1322. DOI: 10.1109/ICDM.2016.0179.

Zebari, R., Abdulazeez, A., Zeebaree, D., Zebari, D., and Saeed, J. (2020). A comprehensive review of dimensionality reduction techniques for feature selection and feature extraction. Journal of Applied Science and Technology Trends, 1(2):56-70. DOI: 10.38094/jastt1224.

Zhang, X., Kim, J., Lin, Q., Lim, K., Kanaujia, S. O., Xu, Y., and Mishra, P. (2019). Cross-dataset time series anomaly detection for cloud systems. In 2019 USENIX Annual Technical Conference (USENIX ATC 19), pages 1063-1076. Available online [link].

Zhu, Y., Yeh, C. C. M., Zimmerman, Z., Kamgar, K., and Keogh, E. (2018a). Matrix profile xi: Scrimp++: time series motif discovery at interactive speeds. In 2018 IEEE International Conference on Data Mining (ICDM), pages 837-846. IEEE. DOI: 10.1109/ICDM.2018.00099.

Zhu, Y., Zimmerman, Z., Senobari, N. S., Yeh, C. C. M., Funning, G., Mueen, A., and Keogh, E. (2016). Matrix profile ii: Exploiting a novel algorithm and gpus to break the one hundred million barrier for time series motifs and joins. In 2016 IEEE 16th International Conference on Data Mining (ICDM), pages 739-748. IEEE. DOI: 10.1109/ICDM.2016.0085.

Zhu, Y., Zimmerman, Z., Shakibay Senobari, N., Yeh, C.-C. M., Funning, G., Mueen, A., Brisk, P., and Keogh, E. (2018b). Exploiting a novel algorithm and gpus to break the ten quadrillion pairwise comparisons barrier for time series motifs and joins. Knowledge and Information Systems, 54:203-236. DOI: 10.1007/s10115-017-1138-x.

Zoghi, Z. (2020). Ensemble Classifier Design and Performance Evaluation for Intrusion Detection Using UNSW-NB15 Dataset. PhD thesis, The University of Toledo. Available online [link].

Downloads

Published

2025-02-03

How to Cite

Al-Mazrawe, A., & Al-Musawi, B. (2025). Enhancing Cloud Network Security with Innovative Time Series Analysis. Journal of Internet Services and Applications, 16(1), 13–24. https://doi.org/10.5753/jisa.2025.4768

Issue

Vol. 16 No. 1 (2025)

Section

Research article

License

Copyright (c) 2025 Journal of Internet Services and Applications

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.