cff-version: 1.2.0 abstract: "

With the rapid growth of cloud computing, malicious attacks targeting cloud services have become more prevalent. We propose a method for detecting malicious cloud service traffic based on multi-feature fusion, addressing the issues of single feature extraction and weak generalization capabilities in traditional methods. By analyzing the attack patterns of malicious traffic, our model extracts features from both field attributes and statistical attributes of malicious requests. Furthermore, to enhance the generalization ability of the extracted features, a feature fusion algorithm based on an attention mechanism is employed for field feature fusion, and a feature selection algorithm based on the Gini coefficient and random forest is used for statistical feature selection. To balance the contribution of different types of features to the model during training, we propose a dual branch malicious request detection model, which processes and trains field feature vectors and statistical feature vectors through separate branches. After comparing currently available datasets for cloud service attack detection, this paper selects the HTTP dataset CSIC 2010 and a real-world cloud service log dataset for testing and validating the proposed method. Experimental results demonstrate that the proposed method exhibits strong competitiveness and achieves superior classification performance compared to other models.

" authors: - family-names: Chen given-names: Zhouguo - family-names: Deng given-names: Chen orcid: "https://orcid.org/0009-0001-9939-4569" - family-names: Li given-names: Xinze orcid: "https://orcid.org/0000-0002-4063-963X" - family-names: Gao given-names: Xiang - family-names: Hu given-names: Hangyu title: "Code and dataset for malicious cloud service traffic detection based on multi-feature fusion" keywords: version: 1 identifiers: - type: doi value: 10.4121/ae5d2dd8-20c7-46ec-a1da-d97a8122343f.v1 license: MIT date-released: 2025-03-04