This work proposes a secure and dynamic VM allocation strategy for multi-tenant distributed systems using the Thompson sampling approach. The method proves more effective and secure compared to epsilon-greedy and upper confidence bound methods, showing lower regret levels.,Initially, VM allocation was static, but the unpredictable nature of attacks necessitated a dynamic approach. Historical VM data was analyzed to understand attack responses, with rewards granted for unsuccessful attacks and reduced for successful ones, influencing regret levels.,The paper introduces a Multi Arm Bandit-based VM allocation policy, utilizing a Weighted Average Ensemble Learning algorithm trained on known attacks and non-attacks. This ensemble approach outperforms traditional algorithms like Logistic Regression, SVM, K Nearest Neighbors, and XGBoost.,For suspicious activity detection, a Stacked Anomaly Detector algorithm is proposed, trained on known non-attacks. This method surpasses existing techniques such as Isolation Forest and PCA-based approaches.,Overall, this paper presents an advanced solution for VM allocation policies, enhancing cloud-based system security through a combination of dynamic allocation, ensemble learning, and anomaly detection techniques.
翻译:本研究提出了一种采用Thompson采样方法的安全动态虚拟机分配策略,适用于多租户分布式系统。与ε-贪婪算法和上置信界方法相比,该方法被证明更有效且更安全,显示出更低的遗憾值。虚拟机分配最初是静态的,但攻击的不可预测性要求采用动态方法。通过分析历史虚拟机数据以理解攻击响应机制,对未成功攻击给予奖励,对成功攻击则降低奖励,从而影响遗憾值。本文提出了一种基于多臂老虎机的虚拟机分配策略,采用在已知攻击和非攻击数据上训练的加权平均集成学习算法。该集成方法在性能上超越了传统算法,如逻辑回归、支持向量机、K近邻和XGBoost。针对可疑活动检测,提出了一种堆叠式异常检测器算法,该算法在已知非攻击数据上进行训练。此方法超越了现有技术,如孤立森林和基于主成分分析的方法。总体而言,本文提出了一种先进的虚拟机分配策略解决方案,通过结合动态分配、集成学习和异常检测技术,增强了云基系统的安全性。