Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment
Abstract Denial of Wallet (DoW) attacks are a cyber threat designed to utilize and deplete an organization’s financial resources by generating excessive prices or charges in their cloud computing (CC) and serverless computing platforms. These threats are primarily appropriate in serverless manners b...
Saved in:
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-04-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-87636-x |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849698522687864832 |
|---|---|
| author | Sarah A. Alzakari Mohammad Alamgeer Abdullah M. Alashjaee Monir Abdullah Khalid Nazim Abdul Sattar Asma Alshuhail Ahmad A. Alzahrani Abdulwhab Alkharashi |
| author_facet | Sarah A. Alzakari Mohammad Alamgeer Abdullah M. Alashjaee Monir Abdullah Khalid Nazim Abdul Sattar Asma Alshuhail Ahmad A. Alzahrani Abdulwhab Alkharashi |
| author_sort | Sarah A. Alzakari |
| collection | DOAJ |
| description | Abstract Denial of Wallet (DoW) attacks are a cyber threat designed to utilize and deplete an organization’s financial resources by generating excessive prices or charges in their cloud computing (CC) and serverless computing platforms. These threats are primarily appropriate in serverless manners because of features such as auto-scaling, pay-as-you-go, restricted control, and cost growth. Serverless computing, frequently recognized as Function-as-a-Service (FaaS), is a CC method that permits designers to construct and run uses without the requirement to accomplish typical server structure. Detecting DoW threats involves monitoring and analyzing the system-level resource consumption of specific bare-metal mechanisms. Efficient and precise detection of internal DoW threats remains a crucial challenge. Timely recognition is significant in preventing potential damage, as DoW attacks exploit the financial model of serverless environments, impacting the cost structure and operational integrity of services. In this study, a Multi-Head Attention-based Recurrent Neural Network for Denial of Wallet Attacks Detection (MHARNN-DoWAD) technique is developed. The MHARNN-DoWAD method enables the detection of DoW attacks on serverless computing environments. At first, the presented MHARNN-DoWAD model performs data preprocessing by using min-max normalization to convert input data into constant format. Next, the wolf pack predation (WPP) method is employed for feature selection. The detection and classification of DoW attacks, the multi-head attention-based bi-directional gated recurrent unit (MHA-BiGRU) model is utilized. Eventually, the improved secretary bird optimizer algorithm (ISBOA)-based hyperparameter choice process is accomplished to optimize the detection results of the MHA-BiGRU model. A comprehensive set of simulations was conducted to demonstrate the promising results of the MHARNN-DoWAD method. The experimental validation of the MHARNN-DoWAD technique portrayed a superior accuracy value of 98.30% over existing models. |
| format | Article |
| id | doaj-art-2be3045b166f45139f35352e4abfbfc4 |
| institution | DOAJ |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-04-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-2be3045b166f45139f35352e4abfbfc42025-08-20T03:18:53ZengNature PortfolioScientific Reports2045-23222025-04-0115112110.1038/s41598-025-87636-xHeuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environmentSarah A. Alzakari0Mohammad Alamgeer1Abdullah M. Alashjaee2Monir Abdullah3Khalid Nazim Abdul Sattar4Asma Alshuhail5Ahmad A. Alzahrani6Abdulwhab Alkharashi7Department of Computer Sciences, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman UniversityDepartment of Information Systems, Applied College at Mahayil, King Khalid UniversityDepartment of Computer Science, College of Science, Northern Border UniversityDepartment of Computer Science and Artificial Intelligence, College of Computing and Information Technology, University of BishaDepartment of Computer Science and Information, College of Science, Majmaah UniversityDepartment of Information Systems, College of Computer Sciences & Information Technology, King Faisal UniversityDepartment of Computer Science and Artificial Intelligence, College of Computing, Umm Al-Qura UniversityDepartment of Computer Science, College of Computing and Informatics, Saudi Electronic UniversityAbstract Denial of Wallet (DoW) attacks are a cyber threat designed to utilize and deplete an organization’s financial resources by generating excessive prices or charges in their cloud computing (CC) and serverless computing platforms. These threats are primarily appropriate in serverless manners because of features such as auto-scaling, pay-as-you-go, restricted control, and cost growth. Serverless computing, frequently recognized as Function-as-a-Service (FaaS), is a CC method that permits designers to construct and run uses without the requirement to accomplish typical server structure. Detecting DoW threats involves monitoring and analyzing the system-level resource consumption of specific bare-metal mechanisms. Efficient and precise detection of internal DoW threats remains a crucial challenge. Timely recognition is significant in preventing potential damage, as DoW attacks exploit the financial model of serverless environments, impacting the cost structure and operational integrity of services. In this study, a Multi-Head Attention-based Recurrent Neural Network for Denial of Wallet Attacks Detection (MHARNN-DoWAD) technique is developed. The MHARNN-DoWAD method enables the detection of DoW attacks on serverless computing environments. At first, the presented MHARNN-DoWAD model performs data preprocessing by using min-max normalization to convert input data into constant format. Next, the wolf pack predation (WPP) method is employed for feature selection. The detection and classification of DoW attacks, the multi-head attention-based bi-directional gated recurrent unit (MHA-BiGRU) model is utilized. Eventually, the improved secretary bird optimizer algorithm (ISBOA)-based hyperparameter choice process is accomplished to optimize the detection results of the MHA-BiGRU model. A comprehensive set of simulations was conducted to demonstrate the promising results of the MHARNN-DoWAD method. The experimental validation of the MHARNN-DoWAD technique portrayed a superior accuracy value of 98.30% over existing models.https://doi.org/10.1038/s41598-025-87636-xMulti-head attentionDenial of WalletServerless Computing EnvironmentImproved Secretary Bird OptimizationFeature selectionRecurrent neural network |
| spellingShingle | Sarah A. Alzakari Mohammad Alamgeer Abdullah M. Alashjaee Monir Abdullah Khalid Nazim Abdul Sattar Asma Alshuhail Ahmad A. Alzahrani Abdulwhab Alkharashi Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment Scientific Reports Multi-head attention Denial of Wallet Serverless Computing Environment Improved Secretary Bird Optimization Feature selection Recurrent neural network |
| title | Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| title_full | Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| title_fullStr | Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| title_full_unstemmed | Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| title_short | Heuristically enhanced multi-head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| title_sort | heuristically enhanced multi head attention based recurrent neural network for denial of wallet attacks detection on serverless computing environment |
| topic | Multi-head attention Denial of Wallet Serverless Computing Environment Improved Secretary Bird Optimization Feature selection Recurrent neural network |
| url | https://doi.org/10.1038/s41598-025-87636-x |
| work_keys_str_mv | AT sarahaalzakari heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT mohammadalamgeer heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT abdullahmalashjaee heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT monirabdullah heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT khalidnazimabdulsattar heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT asmaalshuhail heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT ahmadaalzahrani heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment AT abdulwhabalkharashi heuristicallyenhancedmultiheadattentionbasedrecurrentneuralnetworkfordenialofwalletattacksdetectiononserverlesscomputingenvironment |