Journal of Cloud Computing: Advances, Systems and Applications (Jul 2025)

SSLA: a semi-supervised framework for real-time injection detection and anomaly monitoring in cloud-based web applications with real-world implementation and evaluation

  • Seyed Salar Sefati,
  • Bahman Arasteh,
  • Octavian Fratu,
  • Simona Halunga

DOI
https://doi.org/10.1186/s13677-025-00765-6
Journal volume & issue
Vol. 14, no. 1
pp. 1 – 28

Abstract

Read online

Abstract Injection attacks and anomalies pose significant threats to the security and reliability of cloud-based web applications. Traditional detection methods, such as rule-based systems and supervised learning techniques, often struggle to adapt to evolving threats and large-scale, unstructured log data. This paper introduces a novel framework, the Semi-Supervised Log Analyzer (SSLA), designed for real-time injection detection and anomaly monitoring in cloud environments. SSLA uses semi-supervised learning to utilize both labeled and unlabeled data, reducing the reliance on extensive annotated datasets. A similarity graph is built from the log data, allowing for effective anomaly detection using graph-based methods. At the same time, privacy-preserving techniques are integrated to protect sensitive information. The proposed method is evaluated on large-scale datasets, including Hadoop Distributed File System (HDFS) and BlueGene/L (BGL) logs, demonstrating superior performance in terms of precision, recall, and scalability compared to state-of-the-art methods. SSLA achieves high detection accuracy with minimal computational overhead, ensuring reliable, real-time protection for cloud-based web applications.

Keywords