Back to Search
Start Over
Multi-Perspective Content Delivery Networks Security Framework Using Optimized Unsupervised Anomaly Detection
- Source :
- IEEE Transactions on Network and Service Management. 19:686-705
- Publication Year :
- 2022
- Publisher :
- Institute of Electrical and Electronics Engineers (IEEE), 2022.
-
Abstract
- Content delivery networks (CDNs) provide efficient content distribution over the Internet. CDNs improve the connectivity and efficiency of global communications, but their caching mechanisms may be breached by cyber-attackers. Among the security mechanisms, effective anomaly detection forms an important part of CDN security enhancement. In this work, we propose a multi-perspective unsupervised learning framework for anomaly detection in CDNs. In the proposed framework, a multi-perspective feature engineering approach, an optimized unsupervised anomaly detection model that utilizes an isolation forest and a Gaussian mixture model, and a multi-perspective validation method, are developed to detect abnormal behaviors in CDNs mainly from the client Internet Protocol (IP) and node perspectives, therefore to identify the denial of service (DoS) and cache pollution attack (CPA) patterns. Experimental results are presented based on the analytics of eight days of real-world CDN log data provided by a major CDN operator. Through experiments, the abnormal contents, compromised nodes, malicious IPs, as well as their corresponding attack types, are identified effectively by the proposed framework and validated by multiple cybersecurity experts. This shows the effectiveness of the proposed method when applied to real-world CDN data.<br />Comment: Accepted and to Appear in IEEE Transactions on Network and Service Management
- Subjects :
- FOS: Computer and information sciences
Feature engineering
Computer Science - Machine Learning
Computer Science - Cryptography and Security
Computer Science - Artificial Intelligence
Computer Networks and Communications
Computer science
Denial-of-service attack
02 engineering and technology
Machine Learning (cs.LG)
law.invention
Computer Science - Networking and Internet Architecture
Attack model
C.2.0
law
Internet Protocol
0202 electrical engineering, electronic engineering, information engineering
Electrical and Electronic Engineering
I.2.6
Networking and Internet Architecture (cs.NI)
business.industry
Node (networking)
ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS
020206 networking & telecommunications
68T01
Artificial Intelligence (cs.AI)
13. Climate action
Unsupervised learning
Anomaly detection
The Internet
business
Cryptography and Security (cs.CR)
Computer network
Subjects
Details
- ISSN :
- 23737379
- Volume :
- 19
- Database :
- OpenAIRE
- Journal :
- IEEE Transactions on Network and Service Management
- Accession number :
- edsair.doi.dedup.....309370a2559b9ef2be3a64153dc0c039