Litcius/Paper detail

SHIL: Self-Supervised Hybrid Learning for Security Attack Detection in Containerized Applications

Yuhang Lin, Olufogorehan Tunde-Onadele, Xiaohui Gu, Jingzhu He, Hugo Latapie

202212 citationsDOI

Abstract

Container security has received much research attention recently. Previous work has proposed to apply various machine learning techniques to detect security attacks in containerized applications. On one hand, supervised machine learning schemes require sufficient labelled training data to achieve good attack detection accuracy. On the other hand, unsupervised machine learning methods are more practical by avoiding training data labelling requirements, but they often suffer from high false alarm rates. In this paper, we present SHIL, a self-supervised hybrid learning solution, which combines unsupervised and supervised learning methods to achieve high accuracy without requiring any manual data labelling. We have implemented a prototype of SHIL and conducted experiments over 41 real world security attacks in 28 commonly used server applications. Our experimental results show that SHIL can reduce false alarms by 39-91% compared to existing supervised or unsupervised machine learning schemes while achieving a higher or similar detection rate.

Topics & Concepts

Computer scienceMachine learningArtificial intelligenceUnsupervised learningSupervised learningConstant false alarm rateSemi-supervised learningContainer (type theory)Labeled dataLabellingArtificial neural networkEngineeringMechanical engineeringSociologyCriminologyNetwork Security and Intrusion DetectionAnomaly Detection Techniques and ApplicationsAdvanced Malware Detection Techniques