AI-enabled systems

Attack and anomaly detection in containerized systems: approaches based on anomaly analysis and profiling

I. V. Kotenko, M. V. Melnik

St. Petersburg Federal Research Center of the Russian Academy of Sciences, St. Petersburg, Russia

Abstract: The article is a continuation of the study devoted to the detection of attacks and anomalies in container systems, where approaches based on signatures and rules were analyzed. This article provides a classification of methods for detecting attacks and anomalies in container systems using approaches based on anomaly analysis and profiling. A systematic analysis of methods for detecting attacks and anomalies based on deep learning is performed. Their features, advantages and disadvantages are analyzed.

Keywords: container systems, cybersecurity, attack and anomaly detection, deep machine learning, profiling.

DOI: 10.14357/20718594250201

Bibliographic databases:

•