EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Evidence Detection in Cloud Forensics: Classifying Cyber-Attacks in IaaS Environments using machine learning

Suhaila Abuowaida, Hamza Abu Owida, Suleiman Ibrahim Shelash Mohammad, Nawaf Alshdaifat, Esraa Abu Elsoud, Raed Alazaidah, Asokan Vasudevan and Muhammad Turki Alshurideh

Data and Metadata, 2025, vol. 4, 699

Abstract: Introduction: Cloud computing is considered a remarkable paradigm shift in Information Technology (IT), offering scalable and virtualized resources to end users at a low cost in terms of infrastructure and maintenance. These resources offer an exceptional degree of flexibility and adhere to established standards, formats, and networking protocols while being managed by several management entities. However, the existence of flaws and vulnerabilities in underlying technology and outdated protocols opens the door for malicious network attacks. Methods: This study addresses these vulnerabilities by introducing a method for classifying attacks in Infrastructure as a Service (IaaS) cloud environments, utilizing machine learning methodologies within a digital forensics framework. Various machine learning algorithms are employed to automatically identify and categorize cyber-attacks based on metrics related to process performance. The dataset is divided into three distinct categories—CPU usage, memory usage, and disk usage—to assess each category’s impact on the detection of attacks within cloud computing systems. Results: Decision Tree and Neural Network models are recommended for analyzing disk-related features due to their superior performance in detecting attacks with an accuracy of 90% and 87.9%, respectively. Neural Network is deemed more suitable for identifying CPU behavior, achieving an accuracy of 86.2%. For memory-related features, K-Nearest Neighbor (KNN) demonstrates the best False Negative Rate (FNR) value of 1.8%. Discussion: Our study highlights the significance of customizing the selection of classifiers based on the specific system feature and the intended focus of detection. By tailoring machine learning models to particular system features, the detection of malicious activities in IaaS cloud environments can be enhanced, offering practical insights into effective attack classification.

Date: 2025
References: Add references at CitEc
Citations:

There are no downloads for this item, see the EconPapers FAQ for hints about obtaining it.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:dbk:datame:v:4:y:2025:i::p:699:id:1056294dm2025699

DOI: 10.56294/dm2025699

Access Statistics for this article

More articles in Data and Metadata from AG Editor
Bibliographic data for series maintained by Javier Gonzalez-Argote ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-09-21
Handle: RePEc:dbk:datame:v:4:y:2025:i::p:699:id:1056294dm2025699