Stacked Anomaly Detector Guided Side Channel Attacks Detection in Multi Tenant Distributed Systems

Abstract

With the growing demand of cloud-based services and products, there has been an exponential rise in supply of big cloud infrastructure services of multi-tenant distributed systems, pressing a need for scaling the infrastructure up, appropriately. With a growing atypical pattern of sophisticated cyber-attacks, distributed cloud infrastructure systems also become vulnerable despite strong security measures. In the multi-tenant system, a type of attack targeted through side channels shared memories, configurations, and network access, is on the rise. The aggregated analyses of such side channel parameters can lead to the discovery of attacks. This paper proposes a novel, an ensemble side-channel attack detection approach, consisting of a stack of multiple heterogeneous anomaly detectors that works well with several types of side-channel attacks, especially in an ambient computing setup. Stacked methods offer an advantage of better detection of failures compared to a single anomaly detector. We implement this technique for a strong class of anomaly detectors and run intensive tests on a variety of side-channel attack datasets. The result shows the advantages of having an ensemble detector over single detector method. The performed method is proved to work well on the given dataset.