Infrastructure anomaly detection: A cloud-native architecture at Germany’s Federal Employment Agency
dc.contributor.author | Herget, Gebhard | |
dc.contributor.author | Sultanow, Eldar | |
dc.contributor.author | Chircu, Alina | |
dc.contributor.author | Ludsteck, Johannes | |
dc.contributor.author | Hammer, Sebastian | |
dc.contributor.author | Koch, Christian | |
dc.contributor.author | Reuter, Willy | |
dc.contributor.author | Seßler, Matthias | |
dc.contributor.editor | Demmler, Daniel | |
dc.contributor.editor | Krupka, Daniel | |
dc.contributor.editor | Federrath, Hannes | |
dc.date.accessioned | 2022-09-28T17:10:50Z | |
dc.date.available | 2022-09-28T17:10:50Z | |
dc.date.issued | 2022 | |
dc.description.abstract | In prior research we explored the use of time series analysis methods to detect one class of information technology (IT) infrastructure anomalies - Distributed Denial of Service (DDoS) attacks. The results of this prior work were a mathematical model and a prototype implementation that were concretely trialed and operated in the data centers of Germany's Federal Employment Agency (FEA). With this paper, we go one step further and generalize as well as optimize the mathematical model and create higher performance and scalability for an updated prototype through targeted use of cloud technologies. The starting point of our generalization is the Exponential Smoothing (E-S) approach, which underlies, for example, the well-known Holt-Winters method. This method is used to predict univariate time series. To detect anomalies (such as DDoS attacks) in infrastructure data, we extend the E-S approach to enable it to forecast multivariate time series. In this optimization of our method and our prototype, we take an exploratory, agile approach. Furthermore, we present a cloud-native architecture stack which we pilot in Azure. | en |
dc.identifier.doi | 10.18420/inf2022_101 | |
dc.identifier.isbn | 978-3-88579-720-3 | |
dc.identifier.pissn | 1617-5468 | |
dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/39581 | |
dc.language.iso | en | |
dc.publisher | Gesellschaft für Informatik, Bonn | |
dc.relation.ispartof | INFORMATIK 2022 | |
dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-326 | |
dc.subject | Time Series | |
dc.subject | Enterprise Architecture | |
dc.subject | Exponential Smoothing | |
dc.subject | Cloud | |
dc.subject | Azure | |
dc.subject | Distributed Denial of Service | |
dc.subject | Infrastructure Anomaly Detection System | |
dc.title | Infrastructure anomaly detection: A cloud-native architecture at Germany’s Federal Employment Agency | en |
gi.citation.endPage | 1193 | |
gi.citation.startPage | 1181 | |
gi.conference.date | 26.-30. September 2022 | |
gi.conference.location | Hamburg | |
gi.conference.sessiontitle | (Agiles) Enterprise Architecture Management in Forschung und Praxis |