Video recording and post production done by OpenStack Foundation.
Ceilometer, initially meant for billing, has been used for many other innovative and creative purposes in the past. There are many possible uses. However, can we use it to detect fraudulent activity happening in our OpenStack installation?
In this conference we are going discuss how much we can detect using Ceilometer, showing results where we successfully detect some fraudulent activities such as an internal DDoS attack or the now popular Bitcoin mining,discussing what kind of metrics and intervals we need to achieve it and how we can all do it in our own OpenStack deployments.
This work was inspired by the work done by the author, Marc, while as a member of the Big Data TechFund team at Cisco Systems, later continued as a MSc dissertation at the University of Kent, supervised by Dr. Julio Hernandez Castro and mentored by Debo Dutta, a Principal Engineer at Cisco's CTO Cloud Office.