Artificial immune systems: bio-inspired detection of malicious or suspicious actions

NebulOuS is characterised by a dynamic, transient network of interconnected, interoperable and heterogeneous resources. By bringing storage and compute resources near the data source, edge computing reduces latency, bandwidth consumption and operational costs while improving security and reliability, addressing one of the limitations of traditional cloud architectures. Learning at the edge, or artificial intelligence at the edge (AI at the edge), enables real-time decision making and improved data protection, as sensitive information can be processed locally without having to be transmitted to centralised servers. This is one of the key needs and requirements demanded by the dynamic nature of NebulOuS.

The anomaly detection landscape in cloud and edge computing encompasses a range of methods and technologies, addressing everything from simple deviations to more complex adversarial and malicious behaviour. In the realm of cybersecurity, bio-inspired algorithms have emerged as a powerful tool to address the challenges of securing computer systems and networks due to their ability to solve complex problems, optimise solutions and adapt to changing environments, which is the operating context of NebulOuS. This adaptability allows them to detect and respond to emerging threats more effectively, as they can constantly evolve and adjust their strategies according to the changing threat landscape. In addition, these algorithms can also improve the scalability and efficiency of cybersecurity systems by harnessing the power of swarms.

NebulOuS and the AIS-based detector

Aligned with the NebulOuS approach, a lightweight machine learning solution has been deployed for anomaly detection in Kubernetes clusters operating at the edge. This solution takes a hybrid approach, fusing a traditional machine learning algorithm with a biologically inspired immune algorithm, the Negative Selection Algorithm (NSA). By integrating AI-based anomaly detection with a real-time data collection tool such as Netdata, and embedding these capabilities into KubeVela, the system improves the resiliency and performance management of K8s environments. This integration is especially effective in the dynamic and distributed cloud infrastructure offered by NebulOuS, allowing it to quickly identify and respond to performance issues or security threats, ensuring reliable and secure operations in edge environments.
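To make the negative selection step concrete, the sketch below is an added example, not code from NebulOuS: it trains detectors on normal readings only and flags whatever the surviving detectors match. The real-valued, variable-radius variant, the three metrics and every value are assumptions chosen for illustration; the traditional machine learning half of the hybrid and the Netdata and KubeVela integration are not shown.

```python
import math
import random

# Constructed sample data: normalised (cpu, memory, network) readings in [0, 1]
# observed during normal operation. Metric choice and values are assumptions.
SELF = [
    (0.30, 0.42, 0.20), (0.35, 0.45, 0.25), (0.28, 0.40, 0.18),
    (0.33, 0.47, 0.22), (0.40, 0.50, 0.30), (0.25, 0.38, 0.15),
]
SELF_RADIUS = 0.10  # tolerance around each normal sample (assumed value)


def nearest_self(point, self_set):
    """Distance from point to the closest normal sample."""
    return min(math.dist(point, s) for s in self_set)


def train_detectors(self_set, candidates=1000, seed=7):
    """Negative selection: keep only random candidates that do not match self.

    Each surviving detector gets a radius that stops at the edge of the
    self region, so it can never fire on the training samples.
    """
    rng = random.Random(seed)  # fixed seed keeps the run reproducible
    detectors = []
    for _ in range(candidates):
        centre = tuple(rng.random() for _ in range(len(self_set[0])))
        gap = nearest_self(centre, self_set)
        if gap > SELF_RADIUS:  # censoring step: discard self-matching candidates
            detectors.append((centre, gap - SELF_RADIUS))
    return detectors


def is_anomalous(point, detectors):
    """A reading is non-self if it falls inside any detector's radius."""
    return any(math.dist(point, c) < r for c, r in detectors)


DETECTORS = train_detectors(SELF)

if __name__ == "__main__":
    for reading in [(0.31, 0.43, 0.21), (0.95, 0.90, 0.90)]:
        print(reading, "anomalous" if is_anomalous(reading, DETECTORS) else "normal")
```

Because training needs only normal data and detection is a distance comparison per detector, the detector set can be shipped to a constrained edge node and evaluated there.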

AIS-based detector may also be used to:

Beyond their deployment in NebulOuS, bio-inspired systems for the detection of suspicious or malicious behaviour are one of the main technologies for the deployment of the Cybersecurity Mesh Architecture (CSMA) concept, a key player in the security of IoT infrastructures. The main objective of IoT defence systems and procedures is to minimise human action for security and resilience management, focusing on automation, autonomy, collaboration and intelligence, and meeting the following requirements: Distributed, Decentralised and Multilevel.

Moreover, deploying such IoT solutions involves several constraints in terms of storage, processing, connectivity and power consumption, constraints that fit the characteristics of immunological algorithms such as the dendritic cell algorithm (DCA), the negative selection algorithm (NSA) and the clonal selection algorithm (CSA), among others. Therefore, although these algorithms are not new, they are a good bet for IoT security.

Maria Navarro

Project Coordinator of NebulOuS (Eurecat - Centro Tecnológico de Catalunya)
