International Journal of Advanced Research in Computer and Communication Engineering

Abstract: Serverless computing has redefined cloud ap- plication deployment by abstracting infrastructure and enabling on-demand, event-driven execution, thereby en- hancing developer agility and scalability. However, main- taining consistent application performance in serverless environments remains a significant challenge. The dynamic and transient nature of serverless functions makes it difficult to distinguish between benign and anomalous behavior, which in turn undermines the effectiveness of traditional anomaly detection methods. These conventional approaches, designed for stateful and long-running ser- vices, struggle in serverless settings where executions are short-lived, functions are isolated, and observability is limited.

In this first comprehensive vision paper on anomaly detection for serverless systems, we systematically explore the unique challenges posed by this paradigm, including the absence of persistent state, inconsistent monitoring granularity, and the difficulty of correlating behaviors across distributed functions. We further examine a range of threats that manifest as anomalies, from classical Denial- of-Service (DoS) attacks to serverless-specific threats such as Denial-of-Wallet (DoW) and cold start amplification. Building on these observations, we articulate a research agenda for next-generation detection frameworks that ad- dress the need for context-aware, multi-source data fusion, real-time, lightweight, privacy-preserving, and edge-cloud adaptive capabilities.
Through the identification of key research directions and design principles, we aim to lay the foundation for the next generation of anomaly detection in cloud-native, serverless ecosystems.

Keywords: Serverless Computing, Cloud Computing, Edge Computing, Function-as-a-service, Anomaly Detec- tion, DoS, Data Fusion, System Monitoring, Observability.

Downloads: | DOI: 10.17148/IJARCCE.2025.141120