TY - GEN
T1 - Bot-Net Access Detection System Based on Deep Learning Algorithm in Hybrid-Cloud Infrastructure
AU - Variant Wahono, Bari Hade
AU - Esti Anggraini, Ratih Nur
AU - Sarno, Riyanarto
AU - Haryono, Agus Tri
AU - Septiyanto, Abdullah Faqih
N1 - Publisher Copyright: © 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - The escalating adoption of hybrid-cloud infrastructure technology across various fields results in a surge in resource utilization, encompassing server instances, databases, microservices, and other hybrid-cloud-based resources, thereby generating diverse log files. These logs serve various purposes, including classifying information based on urgency levels and facilitating data analysis for model training. Moreover, they play a pivotal role in detecting anomalies, such as DDoS attacks, bot-net access, and malware. This study aims to elucidate the process of gathering log files from various sources and processing them to detect bot-net access (formerly known as brute force attacks) across different protocols like SSH, FTP, and Kerberos. One-Hot Encoding is employed for feature extraction to identify bot-net access and distinguish it from other types of access logs. Subsequently, Deep Learning algorithms, including Simple Neural Network (SNN), Deep Neural Network (DNN), Artificial Neural Network (ANN), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM), are utilized for detection. Our findings reveal that the Convolutional Neural Network (CNN) emerges as the top performer, achieving the highest average accuracy of 86.681%. These results advance anomaly detection capabilities in hybrid-cloud environments, thereby enhancing overall security measures.
AB - The escalating adoption of hybrid-cloud infrastructure technology across various fields results in a surge in resource utilization, encompassing server instances, databases, microservices, and other hybrid-cloud-based resources, thereby generating diverse log files. These logs serve various purposes, including classifying information based on urgency levels and facilitating data analysis for model training. Moreover, they play a pivotal role in detecting anomalies, such as DDoS attacks, bot-net access, and malware. This study aims to elucidate the process of gathering log files from various sources and processing them to detect bot-net access (formerly known as brute force attacks) across different protocols like SSH, FTP, and Kerberos. One-Hot Encoding is employed for feature extraction to identify bot-net access and distinguish it from other types of access logs. Subsequently, Deep Learning algorithms, including Simple Neural Network (SNN), Deep Neural Network (DNN), Artificial Neural Network (ANN), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM), are utilized for detection. Our findings reveal that the Convolutional Neural Network (CNN) emerges as the top performer, achieving the highest average accuracy of 86.681%. These results advance anomaly detection capabilities in hybrid-cloud environments, thereby enhancing overall security measures.
KW - Artificial Neural Network
KW - Convolutional Neural Network
KW - Deep Neural Network
KW - Long Short-Term Memory
KW - Simple Neural Network
UR - http://www.scopus.com/inward/record.url?scp=85193780790&partnerID=8YFLogxK
U2 - 10.1109/AIMS61812.2024.10512749
DO - 10.1109/AIMS61812.2024.10512749
M3 - Conference contribution
AN - SCOPUS:85193780790
T3 - International Conference on Artificial Intelligence and Mechatronics System, AIMS 2024
BT - International Conference on Artificial Intelligence and Mechatronics System, AIMS 2024
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2024 International Conference on Artificial Intelligence and Mechatronics System, AIMS 2024
Y2 - 22 February 2024 through 23 February 2024
ER -