Malware Detection in Cloud Native Environments
Conference proceeding   Open access

Brian S Mitchell, Ansh Chandnani, John M Carter, Danai Roumelioti and Spiros Mancoridis
AICCC '24: Proceedings of the 2024 7th Artificial Intelligence and Cloud Computing Conference, pp 555-564
09 Jul 2025
https://doi.org/10.1145/3719384.3719465
Published, Version of Record (VoR). Open Access via Drexel Libraries Read and Publish Program 2025. CC BY V4.0.

Abstract

As cloud computing continues to grow, organizations are shifting to software architectures that depend on fully-managed cloud services. Unlike monolithic applications that run on virtual machines, modern cloud native systems are deployed on dynamic Function as a Service (FaaS) platforms, or managed container orchestration runtimes such as Kubernetes. These systems are difficult to monitor for correct operation because the many parts of the application can be terminated or (re)started at any time in the face of errors for resiliency, or for the economic benefits associated with autoscaling. When security vulnerabilities are discovered, the impacted runtime components need to be quickly monitored, identified and patched. This paper introduces a platform we created to observe and measure the health of cloud-native applications by applying machine learning techniques that benchmark normal behavior and can detect when the behavior drifts away from the benchmark due to security attacks. To achieve this goal, our platform must be able to accurately model the distributed and highly dynamic nature of cloud native systems. We present a case study to demonstrate the detection capabilities of our solution against two recent high-profile malware CVEs that target widely deployed open-source cloud software.
