Bot-Net Access Detection System Based on Deep Learning Algorithm in Hybrid-Cloud Infrastructure

The escalating adoption of hybrid-cloud infrastruc- ture technology across various fields results in a surge in resource utilization, encompassing server instances, databases, microservices, and other hybrid-cloud-based resources, thereby generating diverse log files. These logs serve various purposes, including classifying information based on urgency levels and facilitating data analysis for model training. Moreover, they play a pivotal role in detecting anomalies, such as DDoS attacks, bot-net access, and malware. This study aims to elucidate the process of gathering log files from various sources and processing them to detect bot-net access (formerly known as brute force attacks) across different protocols like SSH, FTP, and Kerberos. One-Hot Encoding is employed for feature extraction to identify bot-net access and distinguish it from other types of access logs. Sub-sequently, Deep Learning algorithms, including Simple Neural Network (SNN), Deep Neural Network (DNN), Artificial Neural Network (ANN), Convolutional Neural Network (CNN), and Long Short- Term Memory (LSTM) are utilized for detection. Our findings reveal that the Convolutional Neural Network (CNN) emerges as the top performer, achieving the highest average accuracy of 86.681 %. These results advance anomaly detection capabilities in hybrid-cloud environments, thereby enhancing overall security measures.