Article

Validating DDoS Detection Algorithms for Denial of Wallet Attacks in Serverless Architectures

by Gaspar Cano, José Manuel Ortega-Candel, Francisco José Mora-Gimeno, Lucía Arnau-Muñoz and Higinio Mora *
Department of Computer Science and Technology, University of Alicante, 03690 San Vicente del Raspeig, Spain
* Author to whom correspondence should be addressed.
Appl. Sci. 2026, 16(11), 5350; https://doi.org/10.3390/app16115350
Submission received: 23 April 2026 / Revised: 17 May 2026 / Accepted: 21 May 2026 / Published: 26 May 2026

Abstract

In the era of cloud computing and serverless architectures, the security of applications and services has become a critical challenge. Serverless computing, often referred to as function as a service (FaaS), is a cloud computing model that allows developers to build and run applications without the need to manage traditional server infrastructure. Serverless architectures have gained popularity in cloud computing due to their flexibility and ability to scale automatically based on demand. These architectures are based on executing functions without the need to manage the underlying infrastructure. Denial of wallet (DoW) attacks refer to a type of cyberattack that aims to exploit and exhaust the financial resources of an organization by triggering excessive costs or charges within their cloud or serverless computing environment, exploiting characteristics such as the pay-as-you-go model, auto-scaling, limited control, and cost amplification. This research aims to assess existing methods for detecting distributed denial of service (DDoS) attacks and extend their application to detect denial of wallet (DoW) threats, leveraging a dataset tailored to serverless architectures. We investigate various strategies and techniques that employ entropy, machine learning and deep learning algorithms to enable early detection of DDoS and DoW attacks in serverless environments. This research provides insights into the options that are available for detecting DoW attacks in serverless environments, allowing security professionals and developers to make decisions on the most appropriate solutions to protect their applications and cloud services.

1. Introduction

Serverless architectures provide notable benefits in scalability and resource efficiency by enabling organizations to execute code in response to events without the burden of managing the underlying server infrastructure. However, this inherent flexibility can also heighten the vulnerability of serverless applications to potential attacks [1]. The automatic scaling of resources may allow malicious actors to exploit this feature, leading to resource consumption that exceeds the limits initially established for the application [2]. This duality of benefits and risks necessitates careful consideration in the design and implementation of serverless systems [3]. This study emphasizes the relationship between distributed denial of service (DDoS) and denial of wallet (DoW) threats. The latter represent an extension of DDoS attacks, specifically targeting an organization’s financial resources by exploiting the consumption of resources in cloud-based environments and their economic impact. Additionally, the research highlights the emergence of hybrid attacks where both DDoS and DoW are combined, leading to the development of a novel and more complex threat model [4], as discussed in AI edge cloud service provisioning for knowledge management smart applications [5].
Distinct from conventional distributed denial of service (DDoS) attacks [6], the objective of denial of wallet (DoW) attacks is to specifically target an organization’s financial resources. By leveraging the auto-scaling and pay-as-you-go characteristics inherent in cloud-based environments, attackers are able to generate a substantial volume of requests that result in a significant inflation of operating costs without necessarily leading to service downtime. Furthermore, the landscape is evolving to include hybrid attacks, which combine both DDoS and DoW vectors, resulting in a more complex threat model. It is imperative to acknowledge that conventional detection mechanisms frequently overlook the unique vulnerabilities inherent to serverless environments. Consequently, the development of customized detection methodologies assumes paramount importance for ensuring financial viability.
The objective of this research is to evaluate the efficacy of the current methodologies for detecting distributed denial of service (DDoS) attacks and to expand their application to the detection of denial of wallet (DoW) threats. This endeavor will utilize a dataset specifically designed to accommodate serverless architectures. The dataset under consideration provides a robust foundation for the present study insofar as it captures serverless-specific metrics. Such metrics include, but are not limited to, function execution times, concurrent active functions, and dynamic resource consumption (CPU and memory). It is vital to note that these metrics are critical for distinguishing between legitimate workload spikes and malicious financial drain.
This study investigates various strategies and techniques that employ statistics, machine learning and deep learning algorithms with a view to enabling early detection of DDoS and DoW attacks in serverless environments. Furthermore, an investigation is conducted into the evolution of these detection approaches to accommodate the unique characteristics of serverless architectures. A critical evaluation is then performed to ascertain their benefits and limitations when compared to traditional attack detection mechanisms. In order to validate the aforementioned methods via experimental means, the present study utilizes a publicly available dataset. This dataset is entitled “Generation of a Dataset for DoW Attack Detection in Serverless Architectures”. It is evident that the prevailing proposals for the detection of DoW attacks exhibit considerable deficiencies, particularly with regard to their computational expense. The existing models are predominantly designed to address conventional DDoS attacks; however, they do not take into account the particularities of serverless architectures, such as their automatic scalability, lack of control over the underlying infrastructure, and resource consumption. Moreover, conventional solutions are often too general or reactive, thus rendering them ineffective against DoW attacks. The latter operate in a more discreet and subtle manner, exploiting the characteristics of applications deployed in a serverless environment. The selection of appropriate statistical and artificial intelligence algorithms, including machine learning, neural networks, and deep learning, is essential for the detection and classification of DDoS/DoW attacks in serverless architectures. The performance of the model in detecting DoW attacks must be evaluated. A thorough analysis of the evaluation results is required, alongside a discussion of the implications of the proposed methods.
Whilst prior studies have comprehensively investigated conventional DDoS detection methodologies, the mitigation of DoW attacks within serverless contexts cannot depend exclusively on volume-based heuristics. This is due to the fact that malevolent requests frequently impersonate authentic traffic, thereby gradually depleting financial resources. Consequently, as opposed to proposing novel underlying mathematical algorithms, the primary theoretical and practical contributions of this research lie in the contextual adaptation and validation of sequence-based models for financial exhaustion. The present study makes a specific contribution to the existing literature by
  • Establishing a theoretical baseline for financial anomaly detection: A demonstration is made of the fact that infrastructure-level metrics (e.g., CPU scaling and concurrent function executions) act as direct financial indicators in pay-as-you-go models, thus shifting the detection paradigm from service availability to economic sustainability.
  • Validating temporal dependency capture: It is demonstrated that sequence-based deep learning models (particularly Bi-LSTM) possess the unique capability to discern the subtle temporal dependencies of financial drain, thereby differentiating between legitimate workload spikes and covert economic sabotage.
  • Comprehensive multi-metric benchmarking: The present study provides an exhaustive comparison of statistical, machine learning and deep learning methods. In this study, traditional evaluation metrics are expanded to include serverless-specific operational constraints, such as computational cost and latency.
The paper is structured as follows: Section 1 provides a contextual introduction, Section 2 offers a comprehensive overview of the existing literature on the subject, Section 3 presents the models for detecting attacks in serverless architectures, Section 4 details the experimental setup, Section 5 presents the results, and the final section offers conclusions. The present study makes a novel contribution by offering a comparison of various methods for detecting the denial of wallet (DoW) threat in serverless architectures. As cloud and serverless computing continue to gain prominence, it is becoming increasingly apparent that a robust understanding of the mechanisms to safeguard applications and services from cyberattacks is imperative. A range of strategies for detecting such attacks are analyzed, including both statistical methods and artificial intelligence techniques, with the aim of identifying malicious patterns and reducing the risks associated with these threats.

2. State of the Art

A primary concern is the vulnerability to denial of service (DoS) and denial of wallet (DoW) attacks. Distributed denial of service (DDoS) attacks are designed to overload a system’s resources, rendering it inaccessible to legitimate users. Conversely, DoW attacks leverage the pay-per-use model characteristic of serverless platforms, generating a substantial volume of requests that escalate operating costs significantly, thereby impacting the economic sustainability of deployed applications and services. This type of attack exploits the scalable and usage-based nature of serverless architectures, generating high financial costs without interrupting service availability [4].
In the contemporary digital era, where information traverses global networks and online platforms, cybersecurity has emerged as a paramount concern for organizations across various sectors. The growing adoption of serverless architectures presents both novel challenges and opportunities in the detection and mitigation of distributed denial of service (DDoS) attacks. Typical DDoS attacks are shown in Figure 1, while denial of wallet (DoW) attacks are illustrated in Figure 2. These attacks, orchestrated by adversaries with diverse objectives, aim to exhaust the resources of online applications or services, leading to significant disruptions in accessibility and functionality. Distributed denial of service (DDoS) defense is a profound research problem. In recent years, adversaries tend to complicate their attack strategies by crafting vast DDoS variants [6].
Security in cloud environments, and serverless architectures in particular, is a growing concern as more organizations adopt this technology. Distributed denial of service (DDoS) and denial of wallet (DoW) attacks continue to be major threats to the availability of cloud services.
The objective of such attacks is to exhaust the victim’s resources, such as processing time or bandwidth, with a view to preventing them from carrying out transactions or accessing their funds. The FaaS (function as a service) model has provided the foundation for the development of a cloud computing paradigm known as serverless, wherein applications are executed through the utilization of independent functions. These functions are automatically deployed and managed by the cloud service provider.
In the context of cloud environments, distributed denial of service (DDoS) and denial of wallet (DoW) attacks in serverless environments can be of particular concern. This is due to the elasticity and resource sharing characteristic of the cloud, which has the capacity to amplify the impact of the attack on multiple customers or services hosted on the same infrastructure.

2.1. Attack Vectors in Serverless Architectures

The adoption of serverless architectures confers a distinct advantage from a security perspective as organizations are no longer encumbered with concerns regarding infrastructure, network, or host security. Serverless architectures offer a variety of event sources that can initiate the execution of a function. This has the effect of increasing the potential attack surface and consequently introduces complexities when attempts are made to protect serverless functions against event data injections.
With regard to the attack vectors of serverless applications, the OWASP Serverless Security Top 10 [7] and the OWASP Top 10 Interpretation for Serverless [8] are the principal references for the vectors of serverless functions offered by cloud providers. Table 1 provides a detailed description of the attack vectors.

2.2. Algorithms for Detecting DDoS/DoW Attacks

In recent years, there has been growing interest in developing new techniques for detecting DDoS attacks on serverless architectures. The most recent research techniques include:
  • Machine learning methods and neural networks: Machine learning techniques and neural networks are based on learning normal and malicious traffic patterns [20].
  • Statistical anomaly detection methods that compare malicious traffic patterns with legitimate traffic using behavioral analysis techniques and a mathematical model where statistical parameters, such as packet arrival times, bandwidth exhaustion, and buffer size, are analyzed mathematically. Entropy variations are used to identify the origin of DDoS attacks and for anomaly detection. Entropy variation is defined as the change in the randomness of network traffic flows.
  • Methods based on differential equations: These propose a mathematical model based on differential equations to analyze DDoS attacks on highly protected systems, such as the main servers in organizations, and poorly protected systems, such as user devices [21].
  • Game theory-based methods: These show that the attack model has two equilibrium points, one where the probability of attack is low or zero and another where the probability of attack is high. A threshold variable is used as the main parameter to determine whether attacks are successful or not [22].
In this work, we mainly address the first two techniques: machine learning methods and neural networks, and statistical anomaly detection methods. These were chosen for their ability to adapt to the dynamic and scalable nature of serverless architectures.

2.2.1. Statistical Methods for Detecting DDoS/DoW Attacks

Statistical methods, by analyzing anomalies in traffic and application behavior, allow deviations from a pattern to be identified. Statistical methods are of pivotal importance in the identification of such attacks as they facilitate the analysis of traffic patterns and the detection of anomalies that could be indicative of an attack. The most common and effective statistical algorithms for detecting DDoS/DoW attacks are shown in Table 2.
Figure 3 shows a schematic representation of the classification performed with the different types of algorithms.
Algorithms based on time-series models and those based on data randomness differ fundamentally in their approaches and objectives. Algorithms based on time-series models are more effective at detecting anomalies related to changes in the temporal behavior of traffic, such as unusual trends or sudden spikes, while entropy-based algorithms are better suited to identifying anomalies related to changes in the distribution and randomness of traffic, such as the dispersion of characteristics or the falsification of source addresses.

2.2.2. Machine Learning Methods and Neural Networks for Detecting DDoS/DoW Attacks

The detection of DDoS/DoW attacks has evolved significantly with the incorporation of machine learning and neural networks, which are emerging as tools for discerning complex and anomalous patterns in network traffic, enabling more accurate and efficient identification of these threats. The following AI algorithms, considered to be the most prominent for this purpose, are shown in Table 3.
Figure 4 presents a schematic representation of the classification employed in this analysis.

2.2.3. Hybrid Methods for Detecting DDoS/DoW Attacks

Other works propose a hybrid DDoS attack detection mechanism that combines convolutional neural networks (CNNs), the Bi-LSTM model, and an attention mechanism. CNNs are utilized for the extraction of spatial features from network data, while Bi-LSTM networks are employed for the capture of temporal sequential patterns. Furthermore, the attention mechanism enables the model to concentrate on the most pertinent features, thereby enhancing the precision of DDoS attack detection. The proposed approach has been demonstrated to outperform traditional methods, achieving greater accuracy and efficiency in detection. In summary, while a distributed denial of service (DDoS) attack seeks to affect the overall cloud or serverless infrastructure, a DoW attack focuses on exploiting specific vulnerabilities in digital wallets within these environments, directly impacting the management and security of digital assets, such as sensitive financial data.

3. Models for Detecting DoW Attacks

The preceding section analyzed the evolution and emergence of new attack vectors in serverless architectures, highlighting how the flexibility and scalability inherent in this computing model also present new areas of vulnerability. Distributed denial of service (DDoS) and denial of service (DoS) attacks have been identified as significant threats in serverless environments. In these environments, the use of automation and pay-per-use models can be exploited to cause service interruptions or maliciously inflate operating costs.
At this juncture, it is imperative to underscore the necessity of formulating robust strategies for the early detection of such attacks. This necessitates a rigorous evaluation of the role played by statistical and artificial intelligence algorithms based on neural networks. In the context of the dichotomy between statistical algorithms or machine learning and neural network algorithms, a discernible trade-off emerges between computational cost and detection capability. Statistical algorithms are distinguished by their simplicity and minimal resource requirements, which result in high efficiency in data processing. This renders them optimal for linear patterns and simple relationships. However, their potential is constrained by their capacity to discern complex and non-linear patterns, which can lead to less precise anomaly detection.
Conversely, neural networks, despite demanding substantially higher computational costs due to the intricacy of their architecture and the necessity for voluminous datasets, are distinguished by their capacity to learn hierarchical representations and discern more intricate patterns.

3.1. Events in Serverless Functions

The function as a service (FaaS) computing model is the basis for a new cloud computing paradigm, termed serverless, which is being developed as a code execution model. This model frees developers from server management and resource allocation, delegating these responsibilities to the cloud provider [32]. This paradigm enables developers to concentrate exclusively on the logic and functionality of the application without being encumbered by server administration concerns.
The differences between a distributed denial of service (DDoS) attack and a denial of wallet (DoW) attack are significant due to the specific characteristics of cloud and serverless platforms. A DDoS attack in this context seeks to saturate the resources available in the cloud or serverless environments, such as computing capacity, bandwidth, or scalability limits, with the aim of preventing legitimate access to cloud-hosted services. This can lead to temporary or permanent inaccessibility of critical applications, negatively impacting availability and user experience. Conversely, a denial of wallet (DoW) attack in cloud/serverless architectures is designed to target the digital wallets utilized within these environments. This attack exhausts the storage, processing, or cryptographic key access resources in digital wallets, which can lead to the loss or blocking of digital funds, affecting the integrity and availability of financial assets stored in the cloud.
In the context of serverless architectures, functions are executed in response to specific triggers. These triggers may include events such as a synchronous HTTP request or an asynchronous call, which are initiated as a consequence of a message being sent to a queue or a record being updated in a database. The event E denotes the triggering of the call and each alteration in the present state of the application. The following categorization has been employed in order to organize the most common types of events according to their nature (direct interaction, asynchronous, storage, time, and other services) [33].
1. Storage events: Serverless functions can be triggered by events in cloud storage services, such as Amazon S3 or Google Cloud Storage.
  • Object storage: Functions triggered by changes in object storage (S3, Cloud Storage, or Azure Blob Storage), such as the creation, modification, or deletion of files.
  • Database changes: Some serverless platforms allow the configuration of events based on changes in a database. For example, a function can be triggered when a new record is inserted into a database.
2. Direct events (request/response): These refer to triggering events that invoke a serverless function in response to a synchronous request or query. In this case, the service or client that initiates the event expects an immediate response from the serverless function once it has finished executing.
  • HTTP/API gateway: These functions are triggered when an HTTP request, such as a GET or POST request, is received. They can be used to build APIs, microservices, and web applications.
  • RPC/service calls: Functions invoked directly by other services or applications using RPC (remote procedure call) mechanisms or calls to platform-specific services.
3. Asynchronous (message-based) events: These refer to triggering events that invoke a serverless function in response to the arrival of a message at a messaging system. Unlike direct events, the service or client sending the message does not expect an immediate response from the serverless function.
  • Message queues: Message queues, such as Amazon Simple Queue Service (SQS) or Google Cloud Pub/Sub, can be used to trigger serverless functions when a message is sent to the queue. This allows for the construction of asynchronous and distributed processing systems.
  • Data streams: Real-time streaming services, such as Amazon Kinesis, Azure Stream Analytics, or Google Cloud Dataflow, enable continuous data ingestion and processing. These services can generate events when new data records are received in a data stream.
4. Scheduled events (time): These refer to triggering events that invoke a serverless function at specific times or at predefined regular intervals without the need for explicit action by a user or external service at that time. These events allow you to automate tasks and processes that must be performed periodically.
  • Timers/Cron jobs: Functions that run at defined time intervals (CloudWatch Events Rules, Cloud Scheduler, or Azure Logic Apps).
5. Platform events and external services: Some serverless platforms allow integration with external services, such as payment systems, authentication services, or notifications. Serverless functions can be triggered when events occur in these external services.
  • Platform events: Functions triggered by events generated by the serverless platform itself, such as configuration changes, deployments, or alarms.
  • Integrations with external services: These are functions triggered by events from services external to the serverless platform (SaaS and third-party APIs).

3.2. Development of the Statistical Model

Anomaly detection is a common application of entropy-based analysis, since anomalous behaviors tend to have higher entropy than normal behaviors. The most relevant statistical approaches are analyzed, with a discussion of the advantages and disadvantages of each approach, and are shown in Table 4. The aim is to select the best method, with a focus on its applicability to the detection of anomalies in transactions, such as invocations in a serverless architecture.
While all three approaches may be considered adequate for the identification of anomalies in serverless architectures, algorithms based on randomness, specifically entropy, offer a particular advantage for the detection of anomalies in related transactions, such as network traffic or serverless invocations, for the following reasons:
1. Ability to analyze the internal structure of transactions: Unlike distribution models or time series, entropy analyses the internal structure and diversity of characteristics within a set of transactions in a time window. It measures, for example, how many different IP addresses are active, how distributed calls are among different functions, or how predictable the next transaction is given the current one.
2. Sensitivity to diversity in transactions: Unlike distribution models or time series, entropy is more sensitive to the diversity of transactions.
3. Complementarity: Unlike distribution models or time series, entropy is capable of detecting changes in the intrinsic characteristics of transactions. An attacker could attempt to maintain normal traffic volume to evade detection based on distribution or time series, but it would be more difficult to maintain the normal distribution of internal characteristics, which is what entropy measures.

3.3. Entropy-Based Model

Entropy has been utilized as a metric for the identification of denial of service attacks. Of all the entropies studied, Shannon entropy was selected due to its reduced propensity for producing false positives. In a similar manner to how variations in entropy can be measured in order to detect anomalies in the distribution of traffic characteristics, it is also possible to apply this methodology to measuring variations in the quantity and behavior of events. By analyzing changes in entropy in events triggered by serverless function calls, it is possible to identify unusual patterns that could indicate a DoW attack. For instance, a sudden increase in the entropy of events being executed and function calls could indicate that an attacker is generating a large number of random events to exhaust the resources of the serverless function. This approach facilitates the utilization of the concept of entropy to discern minute alterations in event behavior, thereby providing an augmented layer of security for serverless applications [34].
In the context of serverless events, the entropy threshold can be used to assess how random the generated events are. Serverless events are typically driven by triggers that activate a serverless function in the cloud. These triggers can be events such as an HTTP request, a database update or a change in a message queue. The concepts of window size and threshold value are introduced at this point depending on the period of time over which the possible events occurring within the event flow are to be analyzed. Window size refers to the amount of data or elements that are considered for analysis at a specific moment in time. In the context of DoS attack detection, the window size is the set of events moving through the input dataset that determines how many events are considered in each iteration. While a larger window size can better capture redundancies over time, it may also require more computational resources.
We propose implementing an algorithm that calculates the threshold and evaluates whether the entropy value for each event type is above or below the respective upper or lower thresholds. Additionally, we employ a configuration parameter, ANOMALY-COUNT-THRESHOLD, which is empirically defined and represents a design decision regarding the sensitivity of the detection system.
Table 5 summarizes the two scenarios of entropy-based attack detection. Low entropy indicates that behavior is normal and not threatening. The most critical case is high entropy, where the diversity and volume of events suggest a potential attack, such as a DDoS attack. This triggers alerts when the threshold is repeatedly exceeded. ANOMALY-COUNT-THRESHOLD is designed to reduce false positives. Real systems may experience momentary fluctuations or 'noise' that cause entropy to fall outside the range in a single window, which does not necessarily constitute a real attack. Therefore, by requiring the anomaly to persist for a certain number of occurrences defined by this parameter, the aim is to confirm that the deviation from normal behavior is sustained and is therefore more likely to be indicative of an attack.
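The windowed, threshold-based entropy detector described in Section 3.3 (window size, upper and lower thresholds per feature, and the ANOMALY-COUNT-THRESHOLD persistence rule), together with the contrast drawn in Sections 2.2.1 and 3.2 between volume-based (time-series) and randomness-based (entropy) features, as an added Python example that is not part of the paper or of its dataset. Everything in it is constructed: the invocation stream (a baseline of legitimate users, one benign burst, a volumetric flood from five sources, and a low-volume drain from many spoofed sources), the window length WINDOW_SECONDS, the threshold rule (baseline mean plus or minus K_SIGMA standard deviations, which the paper does not specify), and the function names. It generalizes the paper's single feature to two features run side by side so that the complementarity argument can be seen on the same stream.

```python
"""Added example, not from the paper: per-window volume and source-entropy detectors
with an ANOMALY-COUNT-THRESHOLD persistence rule over a constructed invocation log."""
from collections import Counter
from math import log2
import random

# Hypothetical configuration; the paper names only ANOMALY-COUNT-THRESHOLD.
WINDOW_SECONDS = 60            # analysis window length in seconds
ANOMALY_COUNT_THRESHOLD = 3    # consecutive out-of-range windows before alerting
K_SIGMA = 3.0                  # threshold width: baseline mean +/- K_SIGMA * std


def shannon_entropy(symbols):
    """Shannon entropy in bits of the empirical distribution of `symbols`."""
    n = len(symbols)
    return -sum(c / n * log2(c / n) for c in Counter(symbols).values()) if n else 0.0


def build_stream():
    """Constructed invocation log of (timestamp, event_type, source) tuples.
    Windows 0-19: legitimate baseline; 20: a single benign burst; 24-28: a
    volumetric flood from 5 bots; 32-36: a covert drain at normal volume from
    50 distinct spoofed sources per window."""
    rng = random.Random(42)
    legit = [f"user{i}" for i in range(20)]
    kinds = ["http", "s3", "sqs", "cron"]
    events = []

    def legit_window(w, n):
        for i in range(n):
            ts = w * WINDOW_SECONDS + i % WINDOW_SECONDS
            events.append((ts, rng.choice(kinds), rng.choice(legit)))

    for w in range(37):
        if w == 20:
            legit_window(w, 200)
        elif 24 <= w <= 28:
            for i in range(500):
                events.append((w * WINDOW_SECONDS + i % WINDOW_SECONDS, "http", f"bot{i % 5}"))
        elif 32 <= w <= 36:
            for i in range(50):
                events.append((w * WINDOW_SECONDS + i, "http", f"spoof{w}-{i}"))
        else:
            legit_window(w, rng.randint(46, 54))
    return events


def to_windows(events, size=WINDOW_SECONDS):
    """Group events into consecutive fixed-length time windows (list of lists)."""
    last = max(t for t, _, _ in events) // size
    buckets = [[] for _ in range(last + 1)]
    for t, kind, src in events:
        buckets[t // size].append((kind, src))
    return buckets


def volume(window):
    """Time-series feature: number of invocations in the window."""
    return float(len(window))


def source_entropy(window):
    """Randomness feature: entropy of the invocation sources in the window."""
    return shannon_entropy([src for _, src in window])


def thresholds(baseline, feature, k=K_SIGMA):
    """Lower/upper thresholds from the feature's mean and std over baseline windows."""
    vals = [feature(w) for w in baseline]
    mean = sum(vals) / len(vals)
    std = (sum((v - mean) ** 2 for v in vals) / len(vals)) ** 0.5
    return mean - k * std, mean + k * std


def detect(windows, feature, lower, upper, persist=ANOMALY_COUNT_THRESHOLD):
    """Flag a window only once `persist` consecutive windows fall outside [lower, upper]."""
    flags, run = [], 0
    for w in windows:
        v = feature(w)
        run = run + 1 if (v < lower or v > upper) else 0
        flags.append(run >= persist)
    return flags


def run_detectors():
    """Calibrate both detectors on the first 20 windows, then run them over the whole stream."""
    wins = to_windows(build_stream())
    baseline = wins[:20]
    result = {}
    for name, feat in (("volume", volume), ("entropy", source_entropy)):
        lo, hi = thresholds(baseline, feat)
        result[name] = detect(wins, feat, lo, hi)
    return result


if __name__ == "__main__":
    for name, flags in run_detectors().items():
        print(name, "alerts in windows", [i for i, f in enumerate(flags) if f])
```

Running it shows the point of Section 3.2: the flood is caught by both features (volume spikes, and source entropy collapses because five bots dominate), the benign burst in window 20 is suppressed by the persistence rule, and the low-volume drain is invisible to the volume detector while the entropy detector flags it from the third consecutive anomalous window onward. In a real deployment the baseline would be re-estimated periodically, since a fixed baseline drifts as the legitimate user population changes.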

3.3.1. Model Based on Machine Learning Methods and Neural Network Algorithms

While entropy provides early warning based on anomalies, AI models (e.g., neural networks or decision tree-based algorithms) can be used to classify traffic types more accurately and reduce false positive rates.
The effectiveness of a detector trained on the dataset can be assessed using the confusion matrix, as illustrated in Table 6. A confusion matrix serves as a comprehensive summary tool for evaluating the performance of a classification model. It encapsulates both the numbers of correct and incorrect predictions, providing a detailed breakdown of these values across each class. The hit or detection rate is defined as the frequency with which the algorithm successfully predicts an attack window. The main diagonal (green) indicates values that are correctly predicted by the classification algorithm. The secondary diagonal (red) includes values that the classifier erroneously predicts.
False negative sequences occur when an attack goes undetected despite its actual presence, often attributed to the insufficient generation of events within the specified time window. Conversely, false positives arise when an attack is erroneously identified despite the absence of any genuine attack activity.
The primary evaluation criteria employed in this research are accuracy and precision, specifically focusing on the identification of true attacks (hit rate) and the rejection of legitimate traffic (false positive rate). Achieving a high hit rate coupled with a low false positive rate is essential at this stage. To assess these metrics effectively, the confusion matrix is commonly utilized.
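The window-level confusion matrix and the two criteria singled out above (hit rate on attack windows and false positive rate on legitimate windows), as an added Python example that is not part of the paper. The window labels are constructed and include the two error cases described: one attack window missed because too few attack events fell inside it, and one benign burst that was flagged.

```python
"""Added example, not from the paper: window-level confusion matrix and the
hit rate / false positive rate used as evaluation criteria."""


def confusion_matrix(y_true, y_pred):
    """Count outcomes over detection windows; 1 = attack window, 0 = legitimate window."""
    if len(y_true) != len(y_pred):
        raise ValueError("label sequences must have equal length")
    cm = {"tp": 0, "fp": 0, "fn": 0, "tn": 0}
    for t, p in zip(y_true, y_pred):
        key = ("tp" if p else "fn") if t else ("fp" if p else "tn")
        cm[key] += 1
    return cm


def metrics(cm):
    """Hit rate (true positive rate), false positive rate, accuracy and precision.
    Undefined ratios (empty denominator) are reported as 0.0."""
    def ratio(a, b):
        return a / b if b else 0.0
    return {
        "hit_rate": ratio(cm["tp"], cm["tp"] + cm["fn"]),
        "false_positive_rate": ratio(cm["fp"], cm["fp"] + cm["tn"]),
        "accuracy": ratio(cm["tp"] + cm["tn"], sum(cm.values())),
        "precision": ratio(cm["tp"], cm["tp"] + cm["fp"]),
    }


# Constructed labels for 12 windows: the attack spans windows 5-9. The detector
# misses window 5 (the attack started late in it, so few attack events were
# generated: a false negative) and fires on window 2 (a benign burst: a false positive).
Y_TRUE = [0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0]
Y_PRED = [0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0]


def evaluate_example():
    """Confusion matrix and metrics for the constructed labels above."""
    cm = confusion_matrix(Y_TRUE, Y_PRED)
    return cm, metrics(cm)


if __name__ == "__main__":
    cm, m = evaluate_example()
    print("TP %(tp)d  FN %(fn)d  FP %(fp)d  TN %(tn)d" % cm)
    for k, v in m.items():
        print(f"{k}: {v:.3f}")
```

Because windows, not individual requests, are the unit of evaluation, a single missed window at the start of an attack costs one-fifth of the hit rate here; this is the trade-off between window size and detection latency noted in Section 3.3.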

3.3.2. Model Based on Artificial Intelligence Algorithms

The machine learning algorithms to be employed are of the supervised variety. The distinction between supervised and unsupervised algorithms lies in the utilization of a pre-classified dataset for training, enabling supervised algorithms to perform identification and classification tasks. In contrast, unsupervised algorithms seek to organize data into multiple clusters, with the objective of extracting patterns from the data. With regard to the detection capacity of these algorithms, their respective advantages and disadvantages are compared in Table 7.

3.3.3. Neural Network-Based Model

Given the sequential nature of serverless transactions and the limitations of conventional machine learning algorithms, recurrent neural networks (RNNs) hold considerable promise in overcoming these constraints, since they are designed to model temporal data sequences, which is essential when processing transactions that are related to and depend on each other over time [35].
Recurrent networks, especially LSTM, Bi-LSTM, and GRU, are designed to process sequential data, maintaining a ‘memory’ that allows them to remember past information and use it to predict or classify future data. This capability is important for detecting anomalies in serverless transaction sequences, where temporal context is essential. Advantages and disadvantages of deep learning algorithms for detecting DDoS/DoW attacks are shown in Table 8.

4. Experimentation

The objective of the experiment was to ascertain the processing times in each scenario and to analyze the impact of statistical algorithms, machine learning and deep learning. The experiment focuses on a transaction dataset, using a serverless architecture to explore its responsiveness, scalability and efficiency in performing processing and analysis tasks, evaluating its effectiveness in detecting attacks.

4.1. Resources

All experimental procedures were carried out utilizing the Python programming language within the Google Colab environment, taking advantage of graphics processing units (GPUs) and tensor processing units (TPUs) to expedite intensive computational workloads. To establish a comparative performance baseline, local testing was also conducted on a machine featuring an Intel Core i5-10210U processor, 8 GB of RAM, and the Windows 11 Professional operating system. The software ecosystem was built upon Python version 3.10.12, integrating the latest releases of essential scientific and machine learning libraries, including NumPy, Pandas, Scikit-learn, TensorFlow, and Keras.
Since no cloud provider offers a dataset of serverless transactions and DoW attack attempts, based on real-world operations, we must use a synthetically generated dataset to conduct our experiments and train the algorithms for DoW detection. This dataset has been generated by combining a DoW simulator to obtain synthetic normal and malicious traffic data [16] and a collection of Microsoft Azure Function invocations [36]. This resulting dataset contains serverless requests and simulates DDoS/DoW attacks [37]. The three main objects in the data are functions, applications, and users. In addition, metadata on function calls, execution times and memory usage are provided. Figure 5 shows the distribution of transactions in the dataset.

4.2. Selection of Features

The causal relationship between the 13 selected features and DoW attacks is rooted in the mechanics of serverless billing. Unlike conventional infrastructure, the cost of a serverless function is computed from the number of invocations, the execution duration, and the allocated memory and CPU. Consequently, features such as maxcpu, avgcpu and ActiveFunctions are not merely performance metrics but direct financial indicators. In a DoW attack, functions are triggered systematically to maximize concurrent executions (ActiveFunctionsAtRequest) and to sustain high processing loads (p95maxcpu). Including these infrastructure-level attributes in the models rests on the premise that they let the algorithms discern anomalous financial consumption patterns rather than merely traffic volume spikes. The features selected for experimentation are listed in Table 9.

4.3. Statistical Algorithms

In order to calibrate the entropy formula, the objective is to maximize precision and accuracy while minimizing false negatives (FNs). In order to accomplish this objective, a series of tests are conducted, incorporating a range of window sizes with respect to the number of events to be processed, in conjunction with various threshold values.

4.3.1. Statistical Algorithm Setup

Entropy grows with the variability captured in a window. A small window contains few events, so its entropy is bounded by the small number of distinct values it can hold and will be lower; an extended window captures greater variability, so its entropy is higher and more information enters the decision. This raises the chance of detecting an attack, at the cost of processing more events.
In addition to threshold considerations, it is imperative to take into account the temporal cost associated with the size of the analysis window. As the window size increases, the volume of data to be processed in each iteration increases significantly, which directly leads to higher computational and time costs. While larger windows could offer a broader view of system transactions, it is important to avoid this increase in time cost resulting in inefficient operations.
As Figure 6 shows, the trend persists whereby a higher threshold value corresponds to a lower percentage of transactions suspected of being attacks.

4.3.2. Analysis of Results of Statistical Algorithms

Figure 7 illustrates the relationship between the percentage of false negatives and the threshold for different window sizes.
In light of these findings, the combination that gives near-perfect detection (0.44% false negatives) together with the highest percentage of transactions flagged as suspected attacks (83.08%) is a window size of 480 min with a threshold of 10.
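The calibration just described, as an added illustration rather than code from the paper: a sliding-window entropy detector over a constructed invocation stream, swept across window sizes and thresholds, with the hit rate and false positive rate of Section 3.3.1 read from the resulting confusion counts. The paper's entropy formula, features and threshold scale are not reproduced here; the block assumes Shannon entropy (in bits) of the caller identifier within each window, a baseline equal to the median entropy of windows that end inside a known-clean calibration period, and a window flagged when its entropy departs from that baseline by more than the threshold. The constructed stream has 200 legitimate callers and a 100 min burst from three bot identifiers; all names and values are invented.

```python
"""Sliding-window entropy detector with the confusion-matrix metrics used to
calibrate it. Added example, not the paper's code. Assumptions: Shannon entropy
(bits) of the caller id inside each fixed-length window; a baseline taken as the
median entropy of windows that end inside a known-clean calibration period; a
window is flagged when |H - baseline| exceeds the threshold. The stream is
constructed, not drawn from the dataset."""
import math
import random
from collections import Counter


def shannon_entropy(values):
    """Shannon entropy in bits of the empirical distribution of `values`."""
    n = len(values)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())


def make_stream(seed=7, minutes=1440, users=200, attack=(600, 700), bots=3):
    """Constructed invocation stream: 5 invocations/min from `users` legitimate
    callers, plus 100 invocations/min from `bots` caller ids during `attack`."""
    rng = random.Random(seed)
    events = []
    for t in range(minutes):
        for _ in range(5):
            events.append({"t": t, "caller": f"user-{rng.randrange(users)}", "attack": False})
        if attack[0] <= t < attack[1]:
            for _ in range(100):
                events.append({"t": t, "caller": f"bot-{rng.randrange(bots)}", "attack": True})
    return events


def window_entropies(events, window_min, key="caller"):
    """Bucket events into fixed windows of `window_min` minutes and return
    (window index, entropy, window contains attack traffic) triples."""
    buckets = {}
    for ev in events:
        buckets.setdefault(ev["t"] // window_min, []).append(ev)
    return [(idx, shannon_entropy([e[key] for e in evs]), any(e["attack"] for e in evs))
            for idx, evs in sorted(buckets.items())]


def baseline_entropy(windows, window_min, calibration_end):
    """Median entropy of the windows that end within the clean calibration period."""
    clean = sorted(h for idx, h, _ in windows if (idx + 1) * window_min <= calibration_end)
    if not clean:
        raise ValueError("calibration period shorter than one window")
    return clean[len(clean) // 2]


def detect(windows, baseline, threshold):
    """Flag a window when its entropy departs from the baseline by more than threshold."""
    return [(idx, abs(h - baseline) > threshold, is_attack) for idx, h, is_attack in windows]


def confusion(decisions):
    """Confusion counts and the derived rates of Section 3.3.1, at window level."""
    tp = sum(1 for _, flagged, attack in decisions if flagged and attack)
    fp = sum(1 for _, flagged, attack in decisions if flagged and not attack)
    fn = sum(1 for _, flagged, attack in decisions if not flagged and attack)
    tn = sum(1 for _, flagged, attack in decisions if not flagged and not attack)

    def ratio(num, den):
        return num / den if den else 0.0

    return {
        "tp": tp, "fp": fp, "fn": fn, "tn": tn,
        "hit_rate": ratio(tp, tp + fn),                 # true positive rate
        "false_negative_rate": ratio(fn, tp + fn),
        "false_positive_rate": ratio(fp, fp + tn),
        "precision": ratio(tp, tp + fp),
        "accuracy": ratio(tp + tn, len(decisions)),
        "suspected_fraction": ratio(tp + fp, len(decisions)),
    }


def calibrate(events, window_sizes, thresholds, calibration_end=480):
    """Sweep window sizes (minutes) and thresholds (bits); one metrics dict per pair."""
    grid = {}
    for w in window_sizes:
        windows = window_entropies(events, w)
        base = baseline_entropy(windows, w, calibration_end)
        for thr in thresholds:
            grid[(w, thr)] = confusion(detect(windows, base, thr))
    return grid


if __name__ == "__main__":
    grid = calibrate(make_stream(), [30, 60, 120, 480], [0.5, 1.0, 2.0, 4.0, 8.0])
    for (w, thr), m in sorted(grid.items()):
        print(f"window={w:3d} min threshold={thr:3.1f} bits hit={m['hit_rate']:.2f} "
              f"FN={m['false_negative_rate']:.2f} FPR={m['false_positive_rate']:.2f} "
              f"suspected={m['suspected_fraction']:.2f}")
```

Because raising the threshold can only unflag windows, the suspected fraction falls monotonically as the threshold rises, which is the trend in Figure 6; the sweep also makes the window-size cost visible, since the number of events processed per iteration grows with the window, while windows that straddle the start or end of the burst show why a small window can split an attack across a boundary.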

4.4. Machine Learning and Neural Network Algorithms

The subsequent explanation will concern the training algorithm that will be applied to the dataset. The objective is to extract the most salient features and perform an encoding process prior to training our model, dividing the data into training data and test data.

4.4.1. Model Training

Supervised learning algorithms facilitate the training of a model through the utilization of a labeled dataset, wherein each data instance is assigned to one of the predefined classes (‘threat’ or ‘no threat’). The following section delineates the methodology to be employed in the identification of cyber threats [38].
Of all the phases mentioned above, one of the most critical is related to model training. In this phase, the objective is to generate an artificial intelligence model that studies, applies, and learns the patterns of the input data in order to estimate the results based on the input data studied. Therefore, the present study investigates the correlations in the input data that give rise to the output data. In order to achieve this, optimization methods are applied to adjust the parameters (both the weight vector applied to each neuron and the variables to be used). This learning process will result in the model being trained with the optimal combinations of each variable.
In order to achieve this objective, it is necessary to measure the results obtained so that improvements can be applied to make the model as accurate as possible. In this second phase, decisions must be made regarding the processing of input data and its characteristics, the type of classification model to be used to obtain the results, and the loss functions to be applied to each layer of the network when using deep learning algorithms. Figure 8 provides a synopsis of the preprocessing, training and testing processes on a dataset, while Table 10 meticulously enumerates each step that was followed in the diagram.
Dividing a labeled dataset into training and test sets is a fundamental practice in supervised learning. The objective is to build a model that generalizes to novel, unseen data rather than memorizing the training data (overfitting). The prevailing division in the literature, which allocates 70% of the samples to training and 30% to testing, is a common heuristic [39].

4.4.2. Machine Learning Algorithms

Following the training of the algorithms, the effectiveness of the selected machine learning algorithms will be verified. These include decision trees, random forests, naive Bayes, gradient boost classifiers, k-nearest neighbors (KNN) and neural networks such as multilayer perceptrons (MLPs) and recurrent neural networks (RNNs). The selection of these algorithms is predicated on their prevalence in analogous research and the efficacy demonstrated in generating outcomes.
Serverless architectures, defined by their transient and event-driven characteristics, facilitate the generation of sequences of interdependent transactions. The execution of Lambda functions, for instance, has the capacity to instigate a series of events where the sequence and temporal parameters are of consequence for comprehending the system’s behavior. In this context, attacks manifest as anomalous sequential patterns, where a series of sudden changes in traffic may be indicative of an intrusion. Conventional machine learning algorithms, including decision trees and support vector machines (SVMs), approach these transactions as isolated data points, disregarding temporal relationships. This limitation restricts their ability to detect attacks that depend on sequential context, as demonstrated in studies highlighting the importance of temporal analysis in detecting anomalies in distributed systems.
Analysis of Results for Machine Learning Models
To ensure a realistic evaluation, the data are divided into training and test sets sequentially, respecting the temporal order of the transactions, because transactions are interconnected through temporal patterns or contextual dependencies. With a random division, the model could ‘learn’ future information during training, yielding a biased evaluation that does not represent performance in real scenarios. Maintaining the temporal sequence ensures that the model is trained on historical data and tested on subsequent data, simulating a more realistic environment. As previously stated, the primary evaluation criteria are the accuracy and precision values, together with the identification of authentic attacks (hit rate) and the rejection of legitimate traffic (false positive rate); a high hit rate and a low false positive rate are therefore vital.
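The sequential split described above, together with the sequence construction the recurrent models of Section 4.4.3 require, as an added example that is not the paper's own code. It builds sliding windows of consecutive transactions (the timesteps × features input of an LSTM or GRU layer), splits them 70/30 in time order, purges the training windows that would overlap the first test window (overlapping sliding windows share transactions, so an index cut alone still leaks), fits the min-max scaler on the training part only, and checks the leakage invariant that a shuffled split violates. The records are constructed: two of the thirteen features are used for brevity, and their values, the attack intervals and every name in the block are invented.

```python
"""Chronological train/test split and sequence construction for recurrent models.
Added example, not code from the paper. Records are constructed (two attack
intervals, invented feature values); `avgcpu` and `ActiveFunctions` are two of
the paper's 13 feature names, used here with made-up values."""
import random

FEATURES = ("avgcpu", "ActiveFunctions")   # subset of the 13 features, for brevity


def make_records(n=1000, seed=3, attacks=((300, 360), (800, 900))):
    """Constructed, time-ordered transaction records with a binary label."""
    rng = random.Random(seed)
    records = []
    for t in range(n):
        malicious = any(a <= t < b for a, b in attacks)
        records.append({
            "t": t,
            "avgcpu": rng.uniform(0.6, 0.9) if malicious else rng.uniform(0.1, 0.4),
            "ActiveFunctions": rng.randint(40, 60) if malicious else rng.randint(1, 10),
            "label": 1 if malicious else 0,
        })
    return records


def make_sequences(records, seq_len, features=FEATURES):
    """Sliding windows of `seq_len` consecutive transactions. Each sequence is the
    (timesteps x features) input a recurrent layer consumes; its label is the
    label of the most recent transaction in the window."""
    records = sorted(records, key=lambda r: r["t"])
    seqs = []
    for i in range(len(records) - seq_len + 1):
        chunk = records[i:i + seq_len]
        seqs.append({
            "t_start": chunk[0]["t"],
            "t_end": chunk[-1]["t"],
            "x": [[r[f] for f in features] for r in chunk],
            "y": chunk[-1]["label"],
        })
    return seqs


def temporal_split(seqs, train_frac=0.7):
    """70/30 split in time order. Sliding windows overlap, so the last training
    windows would share transactions with the first test window; any training
    sequence ending at or after the first test start is purged."""
    seqs = sorted(seqs, key=lambda s: s["t_end"])
    cut = int(len(seqs) * train_frac)
    train, test = seqs[:cut], seqs[cut:]
    first_test_start = test[0]["t_start"]
    train = [s for s in train if s["t_end"] < first_test_start]
    return train, test


def random_split(seqs, train_frac=0.7, seed=0):
    """The shuffled split the text warns against, kept only for the leakage check."""
    seqs = list(seqs)
    random.Random(seed).shuffle(seqs)
    cut = int(len(seqs) * train_frac)
    return seqs[:cut], seqs[cut:]


def leaks_future(train, test):
    """True if any training sequence overlaps or follows the earliest test window,
    i.e. the model would see 'future' transactions during training."""
    if not train or not test:
        return False
    first_test_start = min(s["t_start"] for s in test)
    return any(s["t_end"] >= first_test_start for s in train)


def fit_minmax(seqs, n_features=len(FEATURES)):
    """Per-feature min/max learned from the TRAINING sequences only."""
    steps = [step for s in seqs for step in s["x"]]
    lo = [min(v[j] for v in steps) for j in range(n_features)]
    hi = [max(v[j] for v in steps) for j in range(n_features)]
    return lo, hi


def apply_minmax(seqs, lo, hi):
    """Scale with the training statistics; test values may fall outside [0, 1]."""
    out = []
    for s in seqs:
        x = [[(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(step, lo, hi)]
             for step in s["x"]]
        out.append({**s, "x": x})
    return out


if __name__ == "__main__":
    seqs = make_sequences(make_records(), seq_len=10)
    train, test = temporal_split(seqs)
    lo, hi = fit_minmax(train)
    train_s, test_s = apply_minmax(train, lo, hi), apply_minmax(test, lo, hi)
    print(f"sequences={len(seqs)} train={len(train_s)} test={len(test_s)} "
          f"attacks(train)={sum(s['y'] for s in train_s)} attacks(test)={sum(s['y'] for s in test_s)} "
          f"leak(temporal)={leaks_future(train, test)} leak(random)={leaks_future(*random_split(seqs))}")
```

The purge step is the detail most often missed: with a window of ten transactions, the sequence cut at 70% still leaves nine training windows that contain the first test transactions, and the scaler fitted on the whole set would leak the test range in the same way.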
As illustrated in Figure 9, the machine learning models analyzed for classification yielded a range of results. The algorithms with the best precision are decision tree (0.934) and k-nearest neighbors (0.956); the best accuracy values are obtained by decision tree (0.739) and gradient boosting (0.865).

4.4.3. Neural Network Algorithms

In the ensuing sections, the configuration established in the neural networks will be demonstrated, and the dataset generated and the 13 features mentioned previously will be utilized.
Multilayer Perceptron Setup
The configuration for the multilayer perceptron (MLP) model will use three layers, with 64 neurons in the first layer, 32 in the second, and one neuron in the output layer, as demonstrated in the configuration established in Table 11.
LSTM Setup
For the LSTM model, the configuration will comprise two hidden layers of 64 neurons, a fully connected layer of 64 neurons with a ReLU activation function, and a fully connected layer of 1 neuron with a sigmoid activation function in order to represent the prediction results [40]. As illustrated in Table 12, the layers and implementation of the LSTM neural network architecture are delineated.
An examination of the results obtained across twenty epochs reveals no substantial enhancement in terms of accuracy and loss values. As illustrated in Table 13, the loss and accuracy values were evaluated using training and test data for various epoch values. As demonstrated in Figure 10, the plot provides a comprehensive overview of the LSTM model’s accuracy and loss values over the course of 5 to 20 epochs.
The loss function quantifies the discrepancy between the predictions of the network and the actual values. The optimization algorithm uses it to recalibrate the network’s weights through backpropagation, with the objective of minimizing the error. Between epochs 5 and 20, the loss decreases while accuracy increases, indicating that the model is learning. Test values that match or exceed the training values indicate that the LSTM architecture is generalizing rather than overfitting.
BI-LSTM Setup
The Bi-LSTM model comprises two bidirectional layers followed by a fully connected layer with a single neuron and a sigmoid activation. The parameter values were chosen as the best found in a series of comparative experiments. Table 13 and Figure 11 present the layers and implementation of the Bi-LSTM architecture; the function of each layer is described in the following section.
As demonstrated in Figure 11, the accuracy and loss values of the Bi-LSTM model over the course of 20 epochs are presented. Following a thorough examination of the results, it was determined that the optimal number of epochs to employ would be 20. This decision was informed by the observation that, beyond this threshold, there was no substantial enhancement in the accuracy values. Furthermore, it was noted that the loss and accuracy values for both training and testing reached a state of stability.
Between epochs 5 and 20, a decline in loss function values is observed, accompanied by an increase in accuracy values. This indicates that the model is undergoing a learning process. The enhancement in test values in comparison to training values (train) indicates that the Bi-LSTM architecture is generalizing correctly.
GRU Setup
The configuration of the neural network comprises a GRU layer of 64 neurons, followed by a dropout layer with a dropout rate of 0.5, which is added to prevent overfitting of the model. The network also contains a fully connected layer with 10 neurons that performs a global classification of the model. The output of the system is determined by the activity of a single neuron (the dense layer) that employs a sigmoid activation function for the purpose of binary classification, i.e., the classification of the flow as either legitimate or malicious. In this study, the number of neurons in the GRU layer was increased.
The parameter values that have been determined are the optimal values that have been ascertained through a series of comparative experiments. As illustrated in Table 14, the layers and implementation of the GRU neural network architecture are demonstrated. The following section delineates the function of each layer in turn.
As shown in Figure 12, the GRU model’s accuracy and loss values plateau after 20 epochs, with no substantial further improvement in accuracy, and the loss and accuracy values for both training and testing stabilize.
Between epochs 5 and 20, the loss decreases while accuracy increases, indicating that the model is learning. Here, however, the training values exceed the test values. A training score above the test score is a generalization gap, not evidence of generalization: the GRU fits the training sequences more closely than unseen ones, which is consistent with its lower test accuracy reported in Section 5.2.
Analysis of Results for Neural Network-Based Models
Long short-term memory (LSTM) and gated recurrent unit (GRU) networks are compared here; both architectures were designed to mitigate the vanishing gradient problem of traditional recurrent neural networks (RNNs). Both handle sequential data effectively, but they differ in architecture and computational efficiency, so the choice between them depends on the complexity of the task. LSTMs are effective at modeling long-term dependencies, whereas GRUs offer advantages in resource efficiency and computational cost: an LSTM cell uses three gates (input, output, and forget), a GRU cell only two (update and reset), so a GRU layer has fewer parameters, needs less memory, and trains faster, which makes it attractive where resources are limited, in real-time applications, or with substantial volumes of data. The simpler design is also easier to understand and implement and, because of the smaller parameter count, somewhat less prone to overfitting, which often makes GRUs the better choice for smaller datasets or where regularization is difficult.
As illustrated in Figure 13, the results obtained by the neural network models analyzed for classification tasks following 20 iterations for each model are presented.
As the graph shows, the strongest model is the Bi-LSTM. Its efficacy stems from combining the information retention of LSTM over long sequences with bidirectional analysis, which processes each sequence forward and backward and therefore captures more intricate dependencies. Moreover, its precision of 0.98 (Section 5.2) indicates that it produces fewer false positives than the competing models, since precision is the fraction of flagged windows that are real attacks.

5. Results and Discussion

The application of entropy, ML and DL techniques in detecting DDoS/DoW attacks proves highly effective in identifying abnormal patterns in network traffic or system behavior, which often signal attempts at financial sabotage. Nevertheless, the success of these techniques heavily relies on the quality of the input data, as well as the careful selection of algorithms and features. Additionally, the integration of multiple detection techniques is frequently employed to enhance the accuracy and completeness of the threat detection process, offering a more robust defense against increasingly sophisticated attacks.
In this research, we investigated and compared various machine learning (ML) and deep learning (DL) approaches to detect anomalies within serverless architecture environments. While these algorithms are widely recognized for their effectiveness in mitigating standard distributed denial of service (DDoS) attacks, this study specifically verifies their applicability and efficacy in detecting denial of wallet (DoW) attacks.
DoW attacks differ from traditional DDoS in their intent—targeting financial exhaustion rather than service availability—but they share sequential traffic characteristics. The results below demonstrate how these models perform when tasked with identifying these specific financial sabotage patterns.

5.1. General Performance Comparison

The experimental results provide a comprehensive comparison between traditional machine learning (ML) models and deep learning (DL) architectures. Table 15 (filtered for algorithmic performance) summarizes the prediction times, precision, and accuracy.
As demonstrated in Table 15, the computational cost and latency metrics were estimated based on the inference complexity and the number of trained parameters for each algorithm. Models categorized as having a very low computational cost, such as entropy, decision tree, and naive Bayes, rely on direct calculations and simple splits, thus obviating the necessity for complex weight matrices. Low-cost models, including random forest and MLP (with approximately 2000 parameters), require only lightweight matrix operations. A medium cost is assigned to algorithms such as gradient boosting and KNN, which involve processing sequential ensembles (e.g., 150 trees) or performing extensive distance searches across the training dataset during inference. As would be anticipated, deep learning architectures inherently necessitate greater resources. LSTM and GRU are categorized as high cost due to their recurrent computation processes involving gating mechanisms, although GRU remains slightly more efficient than LSTM (13,525 vs. 54,145 parameters). Finally, the Bi-LSTM model incurs a very high computational cost and latency as it processes the sequences bidirectionally, essentially doubling the computational workload during real-time traffic evaluation.
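The parameter counts quoted above can be checked from the layer configurations in Section 4.4.3. The following block is an added example, not code from the paper; it applies the Keras formulas for Dense, LSTM and GRU layers (GRU with reset_after=True, the TensorFlow 2 default) to the architectures described in Tables 11, 12 and 14. The paper does not state how many values are fed per time step, so `input_width` is an assumption: the reported totals (54,145 for LSTM and 13,525 for GRU) are reproduced exactly when each time step carries a single value, and the MLP then has 2,241 parameters, consistent with the “approximately 2000” above; with 13 features per time step the same layers would have 57,217, 15,829 and 3,009 parameters respectively.

```python
"""Parameter counts for the network configurations of Section 4.4.3.
Added example, not the paper's code. `input_width` (values per time step, or
input features for the MLP) is an assumption: the paper does not state it."""


def dense_params(n_in, n_out):
    """Keras Dense: weight matrix plus one bias per output unit."""
    return n_in * n_out + n_out


def lstm_params(n_in, units):
    """Keras LSTM: four gate blocks, each with kernel, recurrent kernel and bias."""
    return 4 * (units * (n_in + units) + units)


def gru_params(n_in, units, reset_after=True):
    """Keras GRU: three gate blocks; reset_after=True (TF2 default) keeps separate
    input and recurrent biases, so each block carries 2*units bias terms."""
    bias = 2 * units if reset_after else units
    return 3 * (units * (n_in + units) + bias)


def count_model(spec, input_width):
    """Total and per-layer parameter counts for a list of (kind, size) layers.
    A bidirectional LSTM doubles both the parameters and the output width."""
    total, n_in, per_layer = 0, input_width, []
    for kind, size in spec:
        if kind == "dense":
            params, n_out = dense_params(n_in, size), size
        elif kind == "lstm":
            params, n_out = lstm_params(n_in, size), size
        elif kind == "gru":
            params, n_out = gru_params(n_in, size), size
        elif kind == "bilstm":
            params, n_out = 2 * lstm_params(n_in, size), 2 * size
        elif kind == "dropout":
            params, n_out = 0, n_in          # no trainable weights
        else:
            raise ValueError(f"unknown layer kind {kind!r}")
        per_layer.append((kind, size, params))
        total += params
        n_in = n_out
    return total, per_layer


# Architectures as described in Tables 11, 12 and 14 of the paper.
MLP_SPEC = [("dense", 64), ("dense", 32), ("dense", 1)]
LSTM_SPEC = [("lstm", 64), ("lstm", 64), ("dense", 64), ("dense", 1)]
GRU_SPEC = [("gru", 64), ("dropout", 0.5), ("dense", 10), ("dense", 1)]

REPORTED = {"lstm": 54_145, "gru": 13_525}   # Table 15 figures quoted in the text


def reported_counts_match(input_width):
    """True if the paper's LSTM and GRU totals are reproduced for this input width."""
    return (count_model(LSTM_SPEC, input_width)[0] == REPORTED["lstm"]
            and count_model(GRU_SPEC, input_width)[0] == REPORTED["gru"])


if __name__ == "__main__":
    for width in (1, 13):
        for name, spec in (("MLP", MLP_SPEC), ("LSTM", LSTM_SPEC), ("GRU", GRU_SPEC)):
            print(f"input_width={width:2d} {name:5s} params={count_model(spec, width)[0]:,}")
        print(f"input_width={width:2d} matches Table 15: {reported_counts_match(width)}")
```

Recomputing the totals from the layer formulas is a quick sanity check on a reported cost table; here it also indicates the per-step input width the reported counts imply, which matters when the models are re-implemented on the 13-feature records.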

5.2. Analysis of Deep Learning (DL) Models

The findings indicate that, on this dataset, deep learning models are more resilient to attack variations than traditional methods, and the Bi-LSTM (bidirectional long short-term memory) model emerged as the top performer.
Bi-LSTM superiority: with an accuracy of 98.50% and a precision of 98.10%, Bi-LSTM outperformed all the other models. Its ability to process sequences in both directions (forward and backward) allows it to capture complex dependencies in traffic patterns. This supports the claim that the sequence analysis used to detect volumetric DDoS attacks is at least as effective for detecting the subtler, sustained resource consumption of DoW attacks.
LSTM vs. GRU: GRU offered faster processing (180.91 ms) than LSTM (254.57 ms) because of its simpler architecture, but it did not reach comparable accuracy on this dataset (71.50% vs. 93.60% for LSTM). This suggests that, for DoW detection, the full gating mechanism of the LSTM is needed to retain long-term dependencies in function invocation costs.

5.3. Analysis of Traditional Machine Learning Models

Traditional ML algorithms offered faster execution times but generally lower detection rates than their deep learning counterparts.
Gradient boosting: the most balanced performer among the traditional algorithms, with an accuracy of 86.56% and a very competitive prediction time (51.18 ms); it is a viable lightweight alternative when computational resources are strictly limited.
The k-nearest neighbors (KNN) anomaly: KNN had the highest precision among the ML models (95.65%) but a low overall accuracy (63.71%). This is high precision with low sensitivity (recall): when KNN flags a transaction as an attack it is almost always right, but it misses a significant portion of the actual attacks (many false negatives).
Decision tree: despite high precision (93.48%), the overall accuracy (73.99%) suggests that simple decision boundaries are insufficient to capture the dynamic nature of serverless threats.

5.4. Verification of DDoS Algorithms for DoW Detection

A critical outcome of this study is the validation of DDoS detection methodologies for denial of wallet scenarios.
Contextual transfer: algorithms such as LSTM and Bi-LSTM are traditionally used to detect traffic spikes (DDoS). This study shows that, when trained on serverless metrics (CPU usage, execution duration, and memory limits), they transfer to detecting financial spikes.
Sequential importance: DoW attacks often manifest as a sequence of legitimate-looking requests that collectively drain the wallet. The high performance of the sequence-based model (Bi-LSTM) confirms that analyzing the temporal context of transactions is the key to identifying these financial attacks, just as it is for identifying traffic floods.

5.5. Practical Deployment and Architectural Integration

The integration of the proposed detection models into a real-world serverless monitoring pipeline necessitates the consideration of specific cloud constraints. From an architectural standpoint, the most effective approach entails the deployment of lightweight models (e.g., gradient boosting) directly at the API gateway level for the purpose of initial real-time traffic filtering. The deployment of more complex deep learning models (e.g., Bi-LSTM) can be achieved asynchronously via event-driven triggers (e.g., AWS CloudWatch or Azure Event Grid) for the analysis of aggregated logs. A critical challenge in serverless environments is the cold start phenomenon. In the context of a cold start, execution delays are known to occur, and it is at this point that traditional anomaly detection algorithms may incorrectly flag the occurrence as an attack. The feature selection process, with a particular emphasis on the incorporation of invocation delay and response delay, facilitates the neural networks’ acquisition of the ability to discern between standard cold start latency and the sustained resource exhaustion that is characteristic of DoW attacks.

6. Conclusions

The comparison reveals a clear trade-off between computational cost and security assurance. While traditional ML models like gradient boosting provide rapid inference, they lack the comprehensive detection capabilities that are required for modern serverless threats. The Bi-LSTM model stands out as the definitive solution in this study. Its near-perfect accuracy (98.50%) validates that deep learning architectures are not only capable of handling standard network intrusions but are highly effective tools for securing serverless infrastructures against the emerging threat of denial of wallet attacks.
The application of machine learning and deep learning techniques for detecting DoW attacks proves highly effective in identifying abnormal patterns in network traffic and system behavior, which often signal attempts at financial sabotage (DoW). The success of these techniques relies heavily on the quality of input data and the careful selection of algorithms. This study confirms that detection methodologies traditionally used for network stress attacks can be successfully adapted to identify financial exhaustion threats in serverless architectures.
A series of experiments were conducted on a serverless transaction dataset to evaluate the performance of various detection models. The results demonstrate a clear hierarchy in effectiveness. While the statistical entropy method provided a functional baseline for detection, the advanced deep learning models significantly outperformed both statistical and traditional ML approaches in terms of accuracy and precision. Specifically, traditional machine learning models, such as gradient boosting and multilayer perceptron (MLP), exhibited a high degree of efficacy, with accuracy rates frequently exceeding 85%. These models provide robust solutions for anomaly detection, offering a favorable balance between performance and computational complexity, making them suitable for scenarios where resources are moderately constrained.
However, the deep learning approaches—particularly recurrent neural networks (RNN) and long short-term memory (LSTM) networks—demonstrated the greatest potential. By capturing complex sequential relationships within the data, these models excelled at handling the intricate patterns of denial of wallet (DoW) attacks. The Bi-LSTM model, in particular, established itself as the superior method, verifying that the ability to analyze the temporal context of transactions is critical for distinguishing between legitimate workload spikes and malicious financial drain. While these techniques require more computational resources and meticulous hyperparameter tuning, their high hit rate and low false positive rate justify their implementation in dynamic high-risk serverless environments. The accuracy of detecting and mitigating these attacks plays a crucial role in maintaining the security and availability of online systems. Effective mitigation requires distinguishing and blocking malicious traffic while allowing legitimate traffic to flow. As attackers constantly refine their methods to bypass detection, security measures must evolve dynamically. This research highlights that, while traditional ML is adequate, the shift toward deep learning is necessary to counter sophisticated attacks that exploit the specific billing models of cloud computing. As cyber threats continue to evolve, employing a diverse range of detection strategies will be essential for safeguarding the integrity of digital infrastructures against both DDoS and DoW attacks. Additionally, fostering collaboration and investing in up-to-date security solutions will be vital to ensure the availability of online services in an ever-changing landscape.
Notwithstanding the highly promising results, a limitation of this study is the reliance on a single synthetically generated dataset. While the DoW simulator effectively mimics serverless environments, synthetic data cannot entirely rule out dataset bias or the risk of overfitted optimality. Consequently, while these findings provide a strong baseline, further validation against live real-world serverless traffic is required to confirm generalizability.

7. Algorithm Availability

In order to ensure scientific reproducibility, the standard implementations of the algorithms were used, available in public repositories (accessed on 10 May 2026).

Author Contributions

Conceptualization, H.M., J.M.O.-C. and F.J.M.-G.; methodology, H.M., J.M.O.-C. and F.J.M.-G.; software, J.M.O.-C. and L.A.-M.; validation, G.C., H.M. and F.J.M.-G.; formal analysis, H.M. and J.M.O.-C.; investigation, J.M.O.-C.; resources, G.C. and J.M.O.-C.; data curation, L.A.-M.; original draft preparation, G.C.; writing—review and editing, G.C. and H.M.; supervision, F.J.M.-G.; project administration, H.M.; funding acquisition, H.M. All authors have read and agreed to the published version of the manuscript.

Funding

This research was funded by MICIU/AEI/10.13039/501100011033 and by ERDF/EU, grant number Serverless4HPC PID2023-152804OB-I00.

Data Availability Statement

The complete dataset (Generation of a dataset for DoW attack detection in serverless architectures) is available at https://data.mendeley.com/datasets/g8g9vdxyvn/1, accessed on 20 May 2026.

Conflicts of Interest

We declare that we have no financial and personal relationships with other people or organizations that can inappropriately influence our work, and there is no professional or other personal interest of any nature or kind in any product, service, and/or company that could be construed as influencing the position presented in, or the review of, the manuscript.

References

  1. Ni, K.; Mondal, S.K.; Kabir, H.M.D.; Tan, T.; Dai, H.N. Toward security quantification of serverless computing. J. Cloud Comput. 2024, 13, 140.
  2. Marin, E.; Perino, D.; Di Pietro, R. Serverless computing: A security perspective. J. Cloud Comput. 2022, 11, 69.
  3. Candel, J.M.O.; Elouali, A.; Gimeno, F.J.M.; Mora, H. Cloud vs. Serverless Computing: A Security Point of View. In Proceedings of the 2022 International Conference on Ubiquitous Computing & Ambient Intelligence; Springer: Berlin/Heidelberg, Germany, 2022.
  4. Mileski, D.; Mihajloska, H. Distributed Denial of Wallet Attack on Serverless Pay-as-you-go Model. In Proceedings of the 2022 30th Telecommunications Forum; IEEE: New York, NY, USA, 2022; pp. 1–4.
  5. Maciá-Lillo, A.; Mora, H.; Jimeno-Morenilla, A.; García-D'Urso, N.E.; Azorín-López, J. AI edge cloud service provisioning for knowledge management smart applications. Sci. Rep. 2025, 15, 32246.
  6. Akgun, D.; Hizal, S.; Cavusoglu, U. A new DDoS attacks intrusion detection model based on deep learning for cybersecurity. Comput. Secur. 2022, 118, 102748.
  7. OWASP. OWASP Serverless Top 10 | OWASP Foundation. 2025. Available online: https://owasp.org/www-project-serverless-top-10/ (accessed on 20 May 2026).
  8. Bhatt, A.; Sharma, S.; Bhadula, S. Security Issues in Serverless Cloud Computing Architectures. In Proceedings of the 2024 IEEE International Conference on Computing, Power and Communication Technologies; IEEE: New York, NY, USA, 2024; Volume 5, pp. 39–43.
  9. SANS Institute. Mitigating Risk with the CSA 12 Critical Risks for Serverless Applications. 2025. Available online: https://www.sans.org/white-papers/39845 (accessed on 20 May 2026).
  10. Calles, M.A. Authentication and Authorization. In Serverless Security; Springer: Berlin/Heidelberg, Germany, 2020.
  11. Buitrago, N.; Camacho, H.; Jimeno, M.; Viloria-Nuñez, C.; Cardona, J.A.; Salazar, A. PARSEC: An Adaptive and Efficient Platform for Reducing Cold Start in Serverless Computing. IEEE Trans. Serv. Comput. 2025, 18, 4082–4095.
  12. Ben-Shimol, L.; Lavi, D.; Klevansky, E.; Brodt, O.; Mimran, D.; Elovici, Y.; Shabtai, A. Detection of compromised functions in a serverless cloud environment. Comput. Secur. 2025, 150, 104261.
  13. Sankaran, A.; Datta, P.; Bates, A. Workflow Integration Alleviates Identity and Access Management in Serverless Computing. In Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), New York, NY, USA, 7–11 December 2020; pp. 496–509.
  14. Polinsky, I.; Datta, P.; Bates, A.; Enck, W. SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing. In Proceedings of the 26th ACM Symposium on Access Control Models and Technologies (SACMAT '21), New York, NY, USA, 16–18 June 2021; pp. 175–186.
  15. Naumenko, T.; Petrenko, A. Analysis of problems of storage and processing of data in serverless technologies. Technol. Audit Prod. Reserv. 2021, 2, 20–25.
  16. Somani, G.; Gaur, M.S.; Sanghi, D.; Conti, M.; Buyya, R. DDoS attacks in cloud computing: Issues, taxonomy, and future directions. Comput. Commun. 2017, 107, 30–48.
  17. Kelly, D.; Glavin, F.G.; Barrett, E. Poster: Denial of Wallet Preemptive Defence—Attack Simulation and Vulnerability Scouting. In Proceedings of the 43rd IEEE Symposium on Security and Privacy (SP 2022), San Francisco, CA, USA, 22–26 May 2022.
  18. Mani, G.; Rao, B.; Kumar, D.J.S.; Prasad, C. Distributed Information Flow Control in Serverless Computing. In Proceedings of the 2022 4th International Conference on Smart Systems and Inventive Technology; IEEE: New York, NY, USA, 2022; pp. 1557–1561.
  19. Harambasa, M.; Josic, K.; Basic, M. Serverless Architecture and Security. In DAAAM Proceedings, 1st ed.; Katalinic, B., Ed.; DAAAM International Vienna: Maria Lankowitz, Austria, 2024; Volume 1, pp. 299–305.
  20. Badidová, B.; Forgáč, R.; Očkay, M.; Javurek, M. A Contribution to DDoS Attack Detection Based on Deep Neural Networks. In Proceedings of the 2023 IEEE 23rd International Symposium on Computational Intelligence and Informatics, Budapest, Hungary, 21–23 November 2023; pp. 77–82.
  21. Ahmad, A.; AbuHour, Y.; Alghanim, F. A Novel Model for Distributed Denial of Service Attack Analysis and Interactivity. Symmetry 2021, 13, 2443.
  22. Zhang, C. Impact of Defending Strategy Decision on DDoS Attack. Complexity 2021, 2021, 6694383.
  23. Hajtmanek, R.; Kontšek, M.; Smieško, J.; Uramová, J. One-Parameter Statistical Methods to Recognize DDoS Attacks. Symmetry 2022, 14, 2388.
  24. Fouladi, R.F.; Kayataş, C.E.; Anarim, E. Statistical measures: Promising features for time series based DDoS attack detection. Proceedings 2018, 2, 96.
  25. Siriyapuraju, S.J.; Gowri, V.S.; Balla, S.; Vanika, M.K.; Gandhi, A. DoS and DDoS attack detection using Mathematical and Entropy Methods. In Proceedings of the 2023 2nd International Conference on Paradigm Shifts in Communications Embedded Systems, Machine Learning and Signal Processing; IEEE: New York, NY, USA, 2023; pp. 1–6.
  26. Chiu, S.T.; Susanto, H.; Leu, F.Y. Detection and Defense of DDoS Attack and Flash Events by Using Shannon Entropy. In Proceedings of the 2022 Innovative Mobile and Internet Services in Ubiquitous Computing; Springer: Berlin/Heidelberg, Germany, 2022.
  27. Tian, Q.; Miyata, S. A DDoS Attack Detection Method Using Conditional Entropy Based on SDN Traffic. IoT 2023, 4, 95–111.
  28. Zhang, H.; Zhou, L.; Lei, J. Renyi Entropy-based DDoS Attack Detection in SDN-based Networks. In Proceedings of the 2023 IEEE 3rd International Conference on Electronic Technology, Communication and Information; IEEE: New York, NY, USA, 2023; pp. 334–337.
  29. Kumari, K.; Mrunalini, M. Detecting Denial of Service attacks using machine learning algorithms. J. Big Data 2022, 9, 56.
  30. Gupta, A.; Tyagi, O.; Uniyal, V.; Singhal, S.; Jha, V. A Review on Machine Learning Techniques for DDoS Attack Detection in IoT. In Proceedings of the 2022 4th International Conference on Artificial Intelligence and Speech Technology; IEEE: New York, NY, USA, 2022; pp. 1–6.
  31. Ismail; Mohmand, M.I.; Hussain, H.; Khan, A.A.; Ullah, U.; Zakarya, M.; Ahmed, A.; Raza, M.; Rahman, I.U.; Haleem, M. A Machine Learning-Based Classification and Prediction Technique for DDoS Attacks. IEEE Access 2022, 10, 21443–21454.
  32. Christo, M.S.; Menandas, J.J.; George, M.; Nuna, S.V. DDoS Detection using Multilayer Perceptron. In Proceedings of the 4th International Conference on Electronics and Sustainable Communication Systems, Coimbatore, India, 6–8 July 2023; pp. 688–693.
  33. Shen, J.; Zhang, H.; Geng, Y.; Li, J.; Wang, J.; Xu, M. Gringotts: Fast and accurate internal Denial-of-Wallet detection for serverless computing. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA, 7–11 November 2022; pp. 2627–2641.
  34. Saharan, S.; Gupta, V.; Vora, N.; Maheshwari, M. Detection of Distributed Denial of Service Attacks Using Entropy on Sliding Window with Dynamic Threshold. In Proceedings of the Advanced Information Networking and Applications; Springer Nature: Berlin/Heidelberg, Germany, 2022.
  35. Ben Fredj, O.; Mihoub, A.; Krichen, M.; Cheikhrouhou, O.; Derhab, A. CyberSecurity Attack Prediction: A Deep Learning Approach. In Proceedings of the 13th International Conference on Security of Information and Networks (SIN 2020), Edinburgh, UK, 15–17 December 2021; pp. 1–6.
  36. Microsoft Azure. AzurePublicDataset/AzurePublicDatasetV2.md. GitHub. 2019. Available online: https://github.com/Azure/ (accessed on 20 May 2026).
  37. Candel, J.; Elouali, A.; Gimeno, F.; Mora, H. Generation of a Dataset for DoW Attack Detection in Serverless Architectures. Data Brief 2023, 52, 109921.
  38. Ketepalli, G.; Bulla, P. Data Preparation and Pre-processing of Intrusion Detection Datasets using Machine Learning. In Proceedings of the 2023 International Conference on Inventive Computation Technologies; IEEE: New York, NY, USA, 2023; pp. 257–262.
  39. Babaei, H.; Zamani, M.; Mohammadi, S. The impact of data splitting methods on machine learning models: A case study for predicting concrete workability. Mach. Learn. Comput. Sci. Eng. 2025, 1, 21.
  40. Li, Y.; Lu, Y. LSTM-BA: DDoS Detection Approach Combining LSTM and Bayes. In Proceedings of the 2019 Seventh International Conference on Advanced Cloud and Big Data; IEEE: New York, NY, USA, 2019; pp. 180–185.
Figure 1. Schematic representation of a typical distributed denial of service (DDoS) attack. Bot-infected machines generate malicious traffic that, combined with legitimate user traffic, reaches the target serverless service via the Internet. The resulting resource exhaustion causes the service to go offline.
Figure 2. Schematic representation of a typical denial of wallet (DoW) attack in a serverless environment. Bot traffic and legitimate user traffic reach the target serverless service through the Internet. Unlike DDoS, the attack does not necessarily interrupt availability but instead exhausts the billing budget, resulting in service overcost and potentially driving the service offline.
Figure 3. Taxonomy of statistical algorithms for detecting DDoS/DoW attacks, classified into three main categories.
Figure 4. Taxonomy of machine learning (ML) and neural network (NN) algorithms employed for DDoS/DoW attack detection.
Figure 5. Distribution of legitimate (blue) and attack (red) transactions across the five event types present in the dataset: notification, storage, SQL, stream, and HTTP. In all categories, legitimate traffic exceeds attack traffic, with the notification type showing the highest volume of legitimate transactions (40,747) and the HTTP type showing the highest proportion of attack transactions (20,276).
Figure 6. Relationship between the detection threshold value and the percentage of transactions flagged as suspected attacks, plotted for five different analysis window sizes (30, 60, 120, 240, and 480 min). As the threshold increases, the percentage of suspected attack transactions decreases across all window sizes.
Figure 7. Relationship between the threshold value and the percentage of false negatives for five window sizes (30, 60, 120, 240, and 480 min). Higher threshold values result in increased false negative rates. The optimal configuration identified is a window size of 480 min with a threshold of 10, yielding a false negative rate of 0.44% and an attack detection rate of 83.08%.
Figure 8. Schematic overview of the supervised learning pipeline applied in this study. The process comprises five sequential stages: (1) data collection, (2) data preprocessing (cleaning, enhancement, and transformation), (3) data splitting into training (70%) and test (30%) sets, (4) learning and modeling (including cross-validation and parameter optimization), and (5) model evaluation on test data to produce the trained model.
Figure 9. Performance comparison of five classical machine learning algorithms (decision tree, random forest, gradient boosting, naïve Bayes, and k-nearest neighbors) on the DoW detection dataset. Three metrics are reported for each algorithm: precision (blue), accuracy on test data (red), and accuracy on training data (green). The best precision is achieved by KNN (0.956) and the best test accuracy by gradient boosting (0.865).
Figure 10. Training and test performance of the LSTM model over 20 epochs. (top) Accuracy curves for training (solid line) and test (dashed line) sets, showing a progressive increase from approximately 0.70 to 0.90. (bottom) Loss curves for training and test sets, showing a decline from approximately 0.50 to 0.20, confirming that the model learns effectively and generalizes without overfitting.
Figure 11. Training and test performance of the Bi-LSTM model over 20 epochs. (top) Accuracy curves, showing rapid convergence to values close to 1.00 on both training and test sets. (bottom) Loss curves, showing a sharp decline from approximately 0.40 to below 0.10, indicating strong generalization. The optimal epoch count was determined to be 20, beyond which no significant improvement was observed.
Figure 12. Training and test performance of the GRU model over 20 epochs. (top) Accuracy curves for training and test sets, reaching a plateau around 0.84 (training) and 0.70 (test). (bottom) Loss curves, declining from approximately 0.80 to 0.40, with the test loss stabilizing at a higher value than in the LSTM and Bi-LSTM models, suggesting lower generalization capacity for this dataset.
Figure 13. Performance comparison of four neural network architectures (MLP, LSTM, Bi-LSTM, and GRU) on the DoW detection dataset after 20 training epochs. Three metrics are reported for each model: precision (blue), accuracy on test data (red), and accuracy on training data (green). The Bi-LSTM model achieves the highest values across all metrics, with a precision of 0.9810 and a test accuracy of 0.9850.
Table 1. DDoS/DoW attack vectors.

Data injection in function events
  Description: Malicious data injected into function triggers, leading to unauthorized code execution [9].
  Potential impact: Malicious code execution, data theft, unauthorized resource access.
Broken authentication
  Description: Exploits authentication vulnerabilities to gain unauthorized access [10].
  Potential impact: Sensitive data access, data manipulation, account compromise.
Insecure deployment configuration
  Description: Exploits incorrect or vulnerable deployment configurations [11].
  Potential impact: Data access, manipulation, infrastructure compromise.
Functions with elevated privileges
  Description: Exploits functions with excessive permissions [12].
  Potential impact: Data leakage, infrastructure compromise, privilege escalation.
Inadequate control and recording
  Description: Exploits lack of visibility to carry out undetected malicious actions [13].
  Potential impact: Data loss, infrastructure compromise, privilege escalation.
Insecure third-party dependencies
  Description: Exploits vulnerabilities in third-party libraries [14].
  Potential impact: Data leakage, function compromise, privilege escalation.
Insecure storage of secrets
  Description: Access to insecurely stored API keys, passwords, and certificates [15].
  Potential impact: Account compromise, unauthorized infrastructure access.
Distributed denial of service (DDoS)
  Description: Multiple compromised systems generate malicious traffic [16].
  Potential impact: Service interruption, reputation damage.
Denial of wallet (DoW)
  Description: Exhausts funds via excessive requests in a pay-per-use model [17].
  Potential impact: Increased costs, account suspension, service interruption.
Manipulating execution flow
  Description: Alters the function execution sequence [18].
  Potential impact: Unauthorized function execution, data corruption, service interruption.
Inadequate exception handling
  Description: Exploits error handling weaknesses to reveal sensitive information [19].
  Potential impact: Data leakage, unauthorized access, vulnerability exploitation.
Table 2. Statistical methods for detecting DDoS/DoW attacks.
Algorithms Based on Distribution Models
The employment of such algorithms, including Poisson and Gaussian distribution models, facilitates the identification of variations in data flows, thereby establishing unusual thresholds that could signal the occurrence of attacks. This, in turn, enables the prompt detection and mitigation of threats [23].
Algorithms based on time-series models
The employment of algorithms such as autoregressive integrated moving average (ARIMA) and hidden Markov models (HMMs) is attributable to their capacity to model and predict network traffic patterns. ARIMA employs historical data to predict future traffic values, facilitating the identification of deviations that may signal an attack. Hidden Markov models (HMMs) represent network traffic as a sequence of hidden states. Changes in the probabilities of these states can be indicative of anomalous activity [24].
Algorithms based on the analysis of data randomness
These are statistical methods that are utilized for the purpose of detecting anomalies in network traffic by measuring the randomness of data. A substantial increase in entropy is indicative of anomalous behavior as DDoS attacks characteristically result in elevated variability in network traffic [25].
  • Shannon entropy: Can be defined as the average amount of information contained in a dataset. In the context of DDoS (distributed denial of service) attacks, entropy can be calculated from the distribution of IP (Internet Protocol) addresses, ports, protocols, or traffic volumes. By observing the entropy for each type of event, high variations for each type of event could be flagged as possible DDoS/DoW attacks. Data flow-based entropy, also termed data flow entropy (DFE), is predicated on traffic characteristics [26].
  • Conditional entropy: This is a measure of the remaining uncertainty of a variable given knowledge of another variable. In the context of DDoS (distributed denial of service) attacks, conditional entropy can be utilized to analyze the relationship between different characteristics of network traffic [27].
  • Rényi entropy: This is a generalization of Shannon entropy that allows sensitivity to be adjusted to different probability levels. By varying a parameter, it is possible to assign greater or lesser weight to events according to their probability. In the context of DDoS (distributed denial of service) attacks, Rényi entropy can be utilized for the detection of attacks that do not cause drastic changes in Shannon entropy but do affect the distribution of less probable events [28].
Table 3. Summary of key techniques and their contributions.
Classic Supervised Algorithms
A set of conventional machine learning (ML) methodologies are employed for the purpose of categorizing or labeling input data into predefined classes or categories. However, their threat detection capabilities are limited as they tend to be less effective at identifying complex non-linear patterns in large volumes of data and have a greater tendency to produce false positives [29,30,31].
Decision Tree: Tree-based model that splits data into branches based on feature values, creating interpretable rules for classification.
Naïve Bayes: Probabilistic classifiers based on Bayes’ theorem assuming feature independence.
Random Forest: An ensemble machine learning approach that constructs multiple decision trees during training and outputs the mode of their predictions for classification tasks. Each tree is built from a random subset of data and features, reducing overfitting and improving generalization. Random forest is highly effective for detecting DDoS attacks due to its ability to handle high-dimensional data and identify complex patterns in network traffic with robust accuracy.
Gradient Boosting: An ensemble learning technique that builds multiple weak prediction models sequentially, where each new model corrects errors made by previous ones. It combines predictions through weighted voting to create a strong predictive model, particularly effective for classification and regression tasks in cybersecurity applications. Gradient boosting optimizes a loss function by iteratively adding models that follow the negative gradient, resulting in superior performance for anomaly detection in network infrastructure.
K-Nearest Neighbors (KNN): Instance-based learning that classifies data points based on the majority class of their k nearest neighbors in the feature space.
Neural Network (NN)
It is a type of artificial neural network architecture consisting of several layers of neurons, each connected to every neuron in the adjacent layers [32].
Multilayer Perceptron (MLP): A feed-forward neural network that has proven effective in a variety of classification problems, including the detection of DDoS attacks in network infrastructure.
Deep Neural Network
An artificial neural network with multiple hidden layers between the input and output layers; the recurrent variants (RNNs) listed below are designed for sequential data [33].
LSTM (Long Short-Term Memory): Specialized RNN architecture with memory cells and gating mechanisms (input, forget, and output gates) that can learn long-term dependencies and avoid vanishing gradient problems, making them ideal for sequential data analysis in time-series attack detection.
BI-LSTM (Bidirectional LSTM): Processes sequences in both forward and backward directions simultaneously, capturing context from past and future states for improved pattern recognition in network traffic analysis.
GRU: A simplified variant of LSTM with fewer parameters, combining forget and input gates into a single update gate. GRUs are computationally efficient while maintaining the ability to capture long-term dependencies, making them suitable for real-time DDoS detection in resource-constrained IoT and fog computing environments.
Table 4. Advantages and disadvantages of statistical algorithms.

Distribution-based algorithms
  Advantages: Conceptually simple and efficient. Good for detecting changes in overall volume or frequency.
  Disadvantages: They require a specific distribution to be assumed, which is unrealistic for complex data. They are sensitive to the accuracy of the estimated parameters (mean and variance). They may not capture complex relationships or temporal dependencies.
Time series-based algorithms
  Advantages: Capture temporal dependencies. Can predict future values. Good for detecting changes in patterns over time.
  Disadvantages: They can be computationally expensive (training; parameter tuning). They require a longer data history. They may assume stationarity or predictable patterns.
Randomness-based algorithms (entropy)
  Advantages: Sensitive to changes in transaction diversity. They can detect attacks that maintain normal volumes but change the composition (e.g., DDoS with varied but anomalous IPs; DoW with event variability and function calls).
  Disadvantages: Requires choosing the appropriate characteristics to calculate entropy. Needs to establish a threshold or normal range of entropy. Could fail if an attack perfectly mimics the normal distribution of characteristics (difficult).
Table 5. Summary of the two scenarios in attack detection.

Case | Interpretation
Low entropy | Rare and predictable events. Normal behavior. No threat.
High entropy | Many different events. Potential attack: entropy_potential_attack > ANOMALY_COUNT_THRESHOLD.
Table 6. Confusion matrix used to score the classifiers: true positives (TPs), false negatives (FNs), false positives (FPs) and true negatives (TNs), with the "bot" label marking attack transactions. A green background denotes a correct classification.

Observation \ Prediction | Positive | Negative
Positive (attack traffic, bot = 1) | Attack traffic classified as attack correctly (TP). | Attack traffic classified as non-attack wrongly (FN).
Negative (legitimate traffic, bot = 0) | Legitimate traffic classified as attack wrongly (FP). | Legitimate traffic classified as legitimate correctly (TN).
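The entropy measures of Table 2, the high-entropy rule of Table 5 and the TP/FP/FN/TN bookkeeping of Table 6 fit together into one small detector. The block below is an added example, not code from the paper or its DoW simulator: it computes Shannon, conditional and Rényi entropy over fixed analysis windows of a constructed serverless event log (the five event types of Figure 5), flags windows whose event-type entropy exceeds a threshold, and scores every event in a flagged window against its bot label. The event records, the 30 min window and the entropy threshold of 1.5 are assumptions chosen for illustration, not values from the paper's dataset.

```python
"""Entropy-based DDoS/DoW window detector with confusion-matrix bookkeeping.

Added example, not code from the paper: it implements the Shannon, conditional
and Renyi entropy measures of Table 2, the high-entropy threshold rule of
Table 5 and the TP/FP/FN/TN bookkeeping of Table 6 over a constructed event log.
The log, the window size and the entropy threshold are assumptions chosen for
illustration; they are not values taken from the paper's dataset.
"""
from collections import Counter, defaultdict
from math import log2
from typing import Dict, List, Sequence, Tuple

# Event types present in the paper's dataset (Figure 5).
EVENT_TYPES = ("notification", "storage", "sql", "stream", "http")

# (minute, source id, event type, bot label); the bot label is the ground truth.
Event = Tuple[int, str, str, int]


def shannon_entropy(values: Sequence[str]) -> float:
    """H(X) = -sum p(x) log2 p(x) over the empirical distribution of values."""
    n = len(values)
    if n == 0:
        return 0.0
    return -sum((c / n) * log2(c / n) for c in Counter(values).values())


def conditional_entropy(pairs: Sequence[Tuple[str, str]]) -> float:
    """H(Y|X) = sum_x p(x) H(Y|X=x); here X = source, Y = event type."""
    n = len(pairs)
    if n == 0:
        return 0.0
    by_x: Dict[str, List[str]] = defaultdict(list)
    for x, y in pairs:
        by_x[x].append(y)
    return sum(len(ys) / n * shannon_entropy(ys) for ys in by_x.values())


def renyi_entropy(values: Sequence[str], alpha: float) -> float:
    """H_a(X) = log2(sum p(x)^a) / (1 - a); tends to Shannon entropy as a -> 1."""
    n = len(values)
    if n == 0:
        return 0.0
    if abs(alpha - 1.0) < 1e-9:
        return shannon_entropy(values)
    return log2(sum((c / n) ** alpha for c in Counter(values).values())) / (1.0 - alpha)


# Constructed log: minutes 0-29 are three users alternating notification/storage
# events; minutes 30-59 add a bot burst spread evenly over all five event types.
SAMPLE_LOG: List[Event] = (
    [(m, f"user{m % 3}", ("notification", "storage")[m % 2], 0) for m in range(0, 30)]
    + [(m, f"bot{m % 7}", EVENT_TYPES[m % 5], 1) for m in range(30, 60)]
    + [(m, f"user{m % 3}", "notification", 0) for m in range(30, 60, 5)]
)


def split_windows(events: Sequence[Event], window_min: int) -> List[List[Event]]:
    """Group events into consecutive fixed-size analysis windows (Figures 6 and 7)."""
    buckets: Dict[int, List[Event]] = defaultdict(list)
    for ev in events:
        buckets[ev[0] // window_min].append(ev)
    return [buckets[k] for k in sorted(buckets)]


def window_profile(window: Sequence[Event], alpha: float = 2.0) -> Dict[str, float]:
    """The three Table 2 entropy measures for one window."""
    types = [ev[2] for ev in window]
    return {
        "shannon": shannon_entropy(types),
        "conditional": conditional_entropy([(ev[1], ev[2]) for ev in window]),
        "renyi": renyi_entropy(types, alpha),
    }


def confusion_matrix(events: Sequence[Event], window_min: int,
                     entropy_threshold: float) -> Dict[str, int]:
    """Table 5 rule: a window whose Shannon entropy of event types exceeds the
    threshold is a potential attack and every event in it is predicted 'attack';
    predictions are then scored against the bot label as in Table 6."""
    counts = {"TP": 0, "FP": 0, "FN": 0, "TN": 0}
    for window in split_windows(events, window_min):
        flagged = window_profile(window)["shannon"] > entropy_threshold
        for ev in window:
            is_bot = ev[3] == 1
            if flagged:
                counts["TP" if is_bot else "FP"] += 1
            else:
                counts["FN" if is_bot else "TN"] += 1
    return counts


def detection_rates(cm: Dict[str, int]) -> Dict[str, float]:
    """Attack detection rate TP/(TP+FN) and false-negative rate over all events,
    the two quantities plotted against the threshold in Figure 7."""
    total = sum(cm.values())
    positives = cm["TP"] + cm["FN"]
    return {
        "detection_rate": cm["TP"] / positives if positives else 0.0,
        "fn_rate": cm["FN"] / total if total else 0.0,
    }


if __name__ == "__main__":
    for i, w in enumerate(split_windows(SAMPLE_LOG, 30)):
        print(i, {k: round(v, 3) for k, v in window_profile(w).items()})
    cm = confusion_matrix(SAMPLE_LOG, window_min=30, entropy_threshold=1.5)
    print(cm, detection_rates(cm))
```

On the constructed log the first window (two event types, evenly split) has a Shannon entropy of exactly 1 bit and stays below the threshold, while the bot burst raises the second window to about 2.25 bits and is flagged; the six legitimate events that fall into that window become false positives, which is the trade-off the threshold and window size sweep in Figures 6 and 7 is tuning. Rényi entropy with alpha = 2 weights the frequent notification type more heavily, so it reports a slightly lower value (about 2.17 bits) for the same window.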
Table 7. Advantages and disadvantages of machine learning algorithms.

Decision Tree
  Advantages: Decision trees are easy to understand and interpret and can detect simple patterns in data.
  Disadvantages: Decision trees tend to be prone to overfitting, especially on large and complex datasets.
Random Forest
  Advantages: Random forest is an extension of decision trees that combines multiple trees to reduce overfitting. It can handle large and complex datasets, as well as irrelevant features.
  Disadvantages: Although it is more resistant to overfitting than a single decision tree, it may not be the best model for detecting highly sophisticated DoS or DoW attacks.
Gradient Boosting
  Advantages: Gradient boosting is a technique that allows for the analysis of more complex patterns in data. It can handle datasets that are not balanced.
  Disadvantages: It can be more complex to adjust and configure compared to decision trees and random forest. Compared to these, it may require more training time.
Naive Bayes
  Advantages: The naive Bayes algorithm is simple and computationally efficient. Furthermore, it can handle categorical and binary features, which is useful in detecting DDoS and DoW attacks, where features may be categorical in nature, such as traffic type or event types. Naive Bayes can also perform well even with relatively small datasets.
  Disadvantages: Due to the assumption of independence between features, naive Bayes is less capable of capturing complex relationships, which means that it may miss patterns in the data that other more advanced algorithms could detect.
KNN Classifier
  Advantages: It is simple to implement and understand. It does not require a complex training process as it stores training data and makes predictions based on the proximity of neighbors. It is effective for small- to medium-sized datasets.
  Disadvantages: Computationally more expensive with larger datasets as it requires calculating distances between all points. Its performance can be affected by irrelevant features or unequal scales between variables. Furthermore, the choice of the number of neighbors can significantly affect the results.
Table 8. Advantages and disadvantages of deep learning algorithms for detecting DDoS/DoW attacks.

Multilayer Perceptron (MLP)
  Advantages: Easy implementation and training. Good performance on static data.
  Disadvantages: Does not handle time sequences. Ignores time dependencies in data.
Long Short-Term Memory (LSTM)
  Advantages: Handles long-term dependencies. Avoids the vanishing gradient problem; ideal for complex temporal patterns.
  Disadvantages: Higher computational cost. More hyperparameters to adjust.
Bidirectional Long Short-Term Memory (Bi-LSTM)
  Advantages: Bidirectional context capture (past and future). Improved accuracy in detecting temporal anomalies.
  Disadvantages: Higher computational cost than LSTM. Complexity in implementation.
Gated Recurrent Unit (GRU)
  Advantages: Similar to LSTM but with fewer parameters. Resource-efficient. Good balance between performance and complexity.
  Disadvantages: It may be less accurate than LSTM for very long dependencies.
Table 9. Selection of 13 features of serverless events.
Execution & Timing Metrics
Function Trigger: Specific event source that initiated the function execution (HTTP request, a timer, a message queue trigger, etc.).
Submit Time: Timestamp marking exactly when the function invocation request was submitted to the serverless platform.
Response Delay: The total duration from the moment the request was submitted until the response was received.
Invocation Delay: Latency between the request submission and the actual start of the function’s code execution.
Active Functions
ActiveFunctions: The total number of function instances that were running (active) within the application during the sampling period.
ActiveFunctionsAtRequest: The count of concurrent function executions running at the exact moment the new request was received.
ActiveFunctionsAtResponse: The count of concurrent function executions running at the moment the request was completed and the response was sent.
Resource Consumption (CPU)
maxcpu: The peak percentage of CPU utilization recorded during the function’s execution lifecycle.
avgcpu: The average (mean) percentage of CPU utilization throughout the duration of the function execution.
p95maxcpu: The 95th percentile of the maximum CPU usage. This is a statistical measure used to understand peak performance while excluding the most extreme 5% of outliers.
Infrastructure/Hardware Attributes
Vmcore count bucket: A categorical classification (bucket) indicating the number of CPU cores available on the underlying virtual machine (VM) that hosted the function instance.
Vmmemory bucket: A categorical classification (bucket) indicating the amount of RAM (memory) available on the underlying VM.
vmcategory: The category or tier of the underlying virtual machine (e.g., General Purpose, Compute Optimized, or Burstable) used to execute the workload.
Table 10. List of steps and processes required to train the model.
Step 1: Data Collection
The first step is to collect a dataset containing examples of normal and malicious activities. This data must be labeled so that it is known when a threat occurs and when it does not. This labeled data is essential for training the supervised learning model.
Step 2: Data Preprocessing
The data must be cleaned and preprocessed to remove noise and ensure that it is in a format suitable for training. This may include data normalization and the selection of relevant features.
Step 3: Data Splitting
The labeled dataset is divided into two parts: a training set and a test set. The training set is used to train the model, while the test set is used to evaluate its performance.
Step 4: Learning & Modeling
Model selection: A machine learning algorithm suitable for the cyber threat detection problem is chosen. Some common algorithms include decision trees, logistic regression, and naive Bayes.
Model training: The labeled training set is used to train a supervised learning model to learn to distinguish between normal and malicious behavior based on the extracted features.
Cross-validation and hyperparameter tuning: Cross-validation and hyperparameter tuning can be performed to optimize the performance of the model, ensuring that it is able to generalize correctly and avoid overfitting.
Step 5: Model Evaluation
Once the model has been trained, its performance is evaluated on the test set. Metrics such as accuracy, recall, F1-score and the confusion matrix are calculated to measure the effectiveness of the model in detecting threats. The goal is to ensure that the model can effectively detect DoW threats without generating too many false positives.
Step 6: Trained Model
Tuning and optimization: If the model does not meet the desired performance requirements, adjustments can be made to the algorithm, feature selection or model parameters to improve the accuracy of the model.
Real-time deployment: Once the model has been successfully trained and evaluated, it can be deployed in production as part of a real-time threat detection system.
Continuous updating: Cyber threat detection is a constantly evolving field. Therefore, it is important to update and maintain the model as new threats emerge and the data changes over time.
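Steps 3 to 5 of the procedure above, carried through in code as an added example (not the paper's code): a stratified train/test split, a Gaussian naive Bayes classifier (one of the algorithms listed in Step 4), and the metrics that Table 15 reports (precision, accuracy, FPR, FNR). The sample rows are constructed, using three of the Table 9 features, and are not taken from the paper's dataset.

```python
"""Steps 3-5 of Table 10 on constructed serverless events: stratified split, Gaussian
naive Bayes, and the Table 15 columns.  Added example, not the paper's code."""
import math
from collections import defaultdict

# Constructed rows: (Response Delay ms, ActiveFunctionsAtRequest, avgcpu %), label 1 = DoW burst
SAMPLE = [((120, 3, 18), 0), ((140, 4, 22), 0), ((110, 2, 15), 0), ((160, 5, 25), 0),
          ((130, 3, 20), 0), ((150, 4, 19), 0), ((900, 60, 85), 1), ((1100, 75, 92), 1),
          ((850, 55, 80), 1), ((1300, 90, 95), 1), ((950, 65, 88), 1), ((1000, 70, 90), 1)]

def stratified_split(rows, test_frac=0.5):
    """Step 3: split each class separately so both halves keep the class ratio."""
    by_label = defaultdict(list)
    for row in rows:
        by_label[row[1]].append(row)
    train, test = [], []
    for grp in by_label.values():
        k = round(len(grp) * (1 - test_frac))
        train, test = train + grp[:k], test + grp[k:]
    return train, test

class GaussianNB:
    """Step 4: per-class mean/variance per feature; independence assumed (Table 7)."""
    def fit(self, rows):
        self.prior, self.stats = {}, {}
        for y in sorted({lab for _, lab in rows}):
            xs = [x for x, lab in rows if lab == y]
            self.prior[y], self.stats[y] = len(xs) / len(rows), []
            for col in zip(*xs):
                mu = sum(col) / len(col)
                self.stats[y].append((mu, sum((v - mu) ** 2 for v in col) / len(col) + 1e-9))
        return self

    def predict(self, x):
        def log_post(y):  # log prior + sum of per-feature Gaussian log-likelihoods
            return math.log(self.prior[y]) + sum(-0.5 * math.log(2 * math.pi * var)
                - (v - mu) ** 2 / (2 * var) for v, (mu, var) in zip(x, self.stats[y]))
        return max(self.stats, key=log_post)

def table15_metrics(tp, fp, tn, fn):
    """Step 5: the columns reported in Table 15 (positive class = attack)."""
    div = lambda a, b: a / b if b else 0.0
    return {"precision": div(tp, tp + fp), "accuracy": div(tp + tn, tp + fp + tn + fn),
            "fpr": div(fp, fp + tn),   # legitimate invocations flagged
            "fnr": div(fn, fn + tp)}   # attack invocations missed, i.e. still billed

def evaluate(model, rows):
    """Confusion-matrix counts (TP, FP, TN, FN) over the test set, then the Table 15 metrics."""
    preds = [(model.predict(x), y) for x, y in rows]
    counts = [sum(p == a and y == b for p, y in preds) for a, b in ((1, 1), (1, 0), (0, 0), (0, 1))]
    return table15_metrics(*counts)
```

For DoW the FNR column is the one that maps directly to money, since every missed attack invocation is still billed, while the FPR column measures legitimate traffic that a blocking response would turn away.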
Table 11. Layers of the MLP neural network and parameters in each layer.
Layer: Inputs | Layer 1 | Layer 2 | Layer 3 | Output
Input Shape: 13 | 13→64 | 64→32 | 32→1
Output Shape: 64 | 32 | 1 | 1
# Param: 896 | 2080 | 33 | 2011
Layer 1 (Hidden 1)
Input with 13 features to a dense layer with 64 neurons (13→64).
Layer 2 (Hidden 2)
Reduces dimensionality from 64 to 32 neurons (64→32).
Layer 3 (Hidden 3)
Dense layer that generates a single characteristic prior to output (32→1).
Output
Final neuron with logistic activation (sigmoid) (1→1).
Table 12. Layers of the LSTM neural network and parameters in each layer.
Layer: Inputs | Layer 1 | Layer 2 | Layer 3 | Layer 4 | Output
Input Shape: None, 13, 1 | N, 13, 64 | None, 64 | None, 64 | None, 1
Output Shape: None, 13, 64 | None, 64 | None, 64 | None, 1 | 1
# Param: 16,896 | 33,024 | 4160 | 65 | 54,145
Inputs: None, 13, 1
Input tensor with time sequences of length 13 and a single variable.
Layer 1 (LSTM_2)
Processes the sequence step by step and returns the complete sequence.
Layer 2 (LSTM_3)
Compresses the temporal information, returning only the last hidden state.
Layer 3 (Dense_2)
Dense layer with ReLU activation to refine the extracted patterns.
Layer 4 (Dense_3)
Sigmoid activation for the final prediction.
Table 13. Layers of Bi-LSTM neural network and parameters in each layer.
Layer: Inputs | BI-LSTM 1 | BI-LSTM 2 | Dense | Output
Input Shape: None, 13, 1 | None, 13, 128 | None, 128 | None, 1
Output Shape: None, 13, 128 | None, 128 | None, 1 | 1
# Param: 33,792 | 98,816 | 129 | 132,737
Input
13-step sequence, 1 feature.
Layer 1 (Bi-LSTM 1)
64 units per direction, returns the complete sequence.
Layer 2 (Bi-LSTM 2)
64 units per direction, returns the last step.
Layer 3 (Dense)
Fully connected, sigmoid activation.
Output
Shape (None, 1)
Table 14. Layers of the GRU-based neural network and parameters in each layer.
Layer: Inputs | GRU | Dropout | Dense 1 | Output
Input Shape: None, 13, 1 | None, 13, 1 | None, 64 | None, 64
Output Shape: None, 64 | None, 64 | None, 1 | 1
# Param: 12,864 | 0 | 650 | 13,525
Layer 1 (GRU)
Processes the input time sequence and returns a feature vector (last hidden state).
Layer 2 (Dropout)
Dropout rate of 0.5 (50%); randomly deactivates neurons to prevent overfitting.
Layer 3 (Dense 1)
Fully connected layer with 10 neurons for intermediate processing.
Layer 4 (Dense 2/Output)
Single neuron with sigmoid activation function for binary classification.
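The parameter counts in Tables 11 to 14 follow from the layer sizes, which is also where the "Comp. Cost" differences in Table 15 come from. The added example below (not the paper's code) reproduces them from the standard Keras formulas; it assumes Keras conventions (LSTM with four gates and one bias vector, GRU with three gates and separate input and recurrent biases, i.e. reset_after=True) and describes each network with the layer sizes the tables give.

```python
"""Trainable-parameter counts for the layer types used in Tables 11-14, from the
Keras formulas (LSTM: 4 gates; GRU: 3 gates with the separate recurrent bias of
reset_after=True).  Added example, not the paper's code."""

def dense_params(n_in, n_out):
    return n_in * n_out + n_out                      # weight matrix + bias vector

def lstm_params(n_in, units):
    return 4 * (units * (n_in + units) + units)      # input, forget, cell and output gates

def bilstm_params(n_in, units_per_dir):
    return 2 * lstm_params(n_in, units_per_dir)      # forward + backward LSTM, outputs concatenated

def gru_params(n_in, units):
    return 3 * (units * (n_in + units) + 2 * units)  # update, reset, candidate gates; two biases each

LAYER_PARAMS = {"dense": dense_params, "lstm": lstm_params, "bilstm": bilstm_params,
                "gru": gru_params, "dropout": lambda n_in, n_out: 0}  # dropout learns nothing

def model_params(layers):
    """layers: list of (kind, n_in, n_out). Returns the per-layer counts and their total."""
    counts = [LAYER_PARAMS[kind](n_in, n_out) for kind, n_in, n_out in layers]
    return counts, sum(counts)

# The four architectures as described in Tables 11-14 (13-step sequence of one feature)
MLP = [("dense", 13, 64), ("dense", 64, 32), ("dense", 32, 1), ("dense", 1, 1)]
LSTM = [("lstm", 1, 64), ("lstm", 64, 64), ("dense", 64, 64), ("dense", 64, 1)]
BI_LSTM = [("bilstm", 1, 64), ("bilstm", 128, 64), ("dense", 128, 1)]  # 128 = 2 directions x 64
GRU = [("gru", 1, 64), ("dropout", 64, 64), ("dense", 64, 10), ("dense", 10, 1)]

if __name__ == "__main__":
    for name, layers in (("MLP", MLP), ("LSTM", LSTM), ("Bi-LSTM", BI_LSTM), ("GRU", GRU)):
        print(name, *model_params(layers))
```

The LSTM, Bi-LSTM and GRU totals (54,145; 132,737; 13,525) come out exactly; note that the GRU total only matches once the 11 parameters of the Dense 2 output layer, which Table 14 lists without a count, are included.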
Table 15. Performance comparison of statistical, machine learning, and deep learning methods.
Algorithm | Precision | Accuracy | FPR | FNR | Trans. Time (s) | Comp. Cost | Latency
Entropy | 0.8308 | 0.8308 | 0.000 | 0.004 | 7.77 × 10⁻⁵ | Very Low | Very Low
Decision Tree | 0.9348 | 0.7399 | 0.045 | 0.352 | 2.80 × 10⁻⁴ | Very Low | Low
Random Forest | 0.7921 | 0.6484 | 0.147 | 0.439 | 2.63 × 10⁻⁴ | Low | Low
Gradient Boost | 0.9006 | 0.8656 | 0.094 | 0.152 | 2.73 × 10⁻⁴ | Med. | Med.
Naive Bayes | 0.7018 | 0.6347 | 0.248 | 0.415 | 2.20 × 10⁻⁴ | Very Low | Very Low
KNN | 0.9565 | 0.6371 | 0.022 | 0.509 | 5.10 × 10⁻⁴ | Med. | Med.
MLP | 0.7130 | 0.6920 | 0.272 | 0.323 | 2.58 × 10⁻⁴ | Low | Low
LSTM | 0.8420 | 0.9360 | 0.185 | 0.012 | 1.36 × 10⁻³ | High | High
BI-LSTM | 0.9810 | 0.9850 | 0.019 | 0.013 | 1.35 × 10⁻³ | Very High | Very High
GRU | 0.7650 | 0.7150 | 0.210 | 0.317 | 9.66 × 10⁻⁴ | High (lower than LSTM) | Med.
Share and Cite

MDPI and ACS Style

Cano, G.; Ortega-Candel, J.M.; Mora-Gimeno, F.J.; Arnau-Muñoz, L.; Mora, H. Validating DDoS Detection Algorithms for Denial of Wallet Attacks in Serverless Architectures. Appl. Sci. 2026, 16, 5350. https://doi.org/10.3390/app16115350