Real-Time Anomaly Detection and Attack Mitigation for Cloud-Based Content Delivery Paths Using AI
DOI: https://doi.org/10.63282/3050-922X.IJERET-V4I1P119
Keywords: Real-Time Anomaly Detection, Cloud Security, Content Delivery Networks (CDN), Edge-To-Origin Delivery Paths, AI-Driven Threat Detection, Streaming Telemetry Analytics, Network Traffic Modeling, Graph-Based Path Intelligence, Deep Learning For Attacks, Automated Attack Mitigation, Adaptive WAF/Rate-Limiting, Concept Drift Handling, Multi-Cloud Edge Computing, Zero-Trust Delivery Routing
Abstract
Cloud-based content delivery paths, which include client apps, edge PoPs, backbone links, and origin services, are being attacked and misconfigured in ways that make them less reliable, more expensive, and less trustworthy. Because CDN traffic changes in milliseconds and failures spread quickly across regions, problems must be found and fixed in real time, not on dashboards that show what happened after the fact. This study proposes a real-time, AI-driven pipeline that learns what "normal" delivery behavior is and steps in as soon as it sees a risk. Telemetry is gathered from multiple levels, such as edge access logs, request/response headers, TLS and QUIC handshake metadata, cache hit/miss streams, routing and BGP updates, queueing and loss statistics, and origin health indicators. These signals are then combined into time-aligned flow windows. A hybrid model stack combines self-supervised sequence encoders for traffic patterns with many distinct values, graph-based predictors for path and PoP connections, and lightweight online changepoint detectors to find sudden changes. When an anomaly is detected, a policy engine ranks the most likely causes, such as L7 floods, cache poisoning attempts, bot spikes, route leaks, or regional origin brownouts. It then runs mitigation playbooks, which include adaptive rate limiting, dynamic WAF rules, cache key hardening, smart rerouting, or selective origin shielding. The system is tested by replaying multi-region traces at line rate and adding controlled red-team injections, which measures detection delay, false positive rate, and end-to-end user effect under load. The results show that detection is substantially faster (with a median time-to-alert of less than a second), that context-aware fusion greatly reduces noisy alerts, and that mitigation works very well with little collateral throttling.
Overall, the method gives CDN operators and cloud service providers a way to keep their delivery paths stable even when conditions change quickly. It turns raw information into fast, automatic defense. The same cycle of learning and acting may also be used for multi-cloud ingress, SASE edges, and next-gen content routing, which will make internet-scale delivery safer and more autonomous.
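The abstract's "time-aligned flow windows" and "lightweight online changepoint detectors" can be sketched as follows. This is an added example, not code from the paper: the abstract does not name its changepoint algorithm, so a one-sided CUSUM stands in for it, and all function names, thresholds, and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict

def flow_windows(events, width=1.0):
    """Bucket (timestamp, cache_status) events into time-aligned windows."""
    buckets = defaultdict(lambda: [0, 0])          # window index -> [requests, misses]
    for ts, status in events:
        b = buckets[int(ts // width)]
        b[0] += 1
        b[1] += status == "MISS"
    return [(k * width, n, m / n) for k, (n, m) in sorted(buckets.items())]

class Cusum:
    """One-sided CUSUM against a baseline learned from the first `warmup` windows.
    warmup, k (slack) and h (threshold) are illustrative, not values from the paper."""
    def __init__(self, warmup=10, k=0.5, h=5.0):
        self.warmup, self.k, self.h = warmup, k, h
        self.base, self.s = [], 0.0

    def update(self, x):
        if len(self.base) < self.warmup:           # still learning "normal"
            self.base.append(x)
            return False
        mean = sum(self.base) / self.warmup
        var = sum((v - mean) ** 2 for v in self.base) / self.warmup
        std = max(var ** 0.5, 0.05 * abs(mean), 1e-9)   # floor avoids divide-by-zero
        self.s = max(0.0, self.s + (x - mean) / std - self.k)
        return self.s > self.h

def first_alert(windows):
    """Return (window_start, [signals that tripped]) for the first alerting window."""
    detectors = {"request_rate": Cusum(), "miss_ratio": Cusum()}
    for start, n, ratio in windows:
        values = {"request_rate": n, "miss_ratio": ratio}
        tripped = [name for name, d in detectors.items() if d.update(values[name])]
        if tripped:
            return start, tripped
    return None

def sample_events(seconds=60, surge_at=40):
    """Constructed edge-log sample: 20-22 req/s with 10-14% misses, then a surge."""
    events = []
    for t in range(seconds):
        n, miss_every = (60, 2) if t >= surge_at else (20 + t % 3, 10)
        events += [(t + i / n, "MISS" if i % miss_every == 0 else "HIT") for i in range(n)]
    return events

if __name__ == "__main__":
    print(first_alert(flow_windows(sample_events())))
```

Reporting which signals tripped together (request rate and cache-miss ratio here) is the kind of context a downstream policy engine would need to rank causes before choosing a playbook.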