Botnet Intrusion Detection: a Modern Architecture to Defend a Virtual Private Cloud

Document Type

Article

Publication Date

Fall 2022

Publication Title

Issues in Information Systems

DOI

10.48009/3_iis_2022_110

Abstract

Advances in artificial intelligence (AI), technology integration, and cloud computing have resulted in an increase in cybersecurity attacks by botnets over the last few years. Attackers use botnets to overwhelm and compromise networks with the goal of disrupting services or operations, stealing credentials, gaining unauthorized access to critical systems, or obtaining information for theft or ransom. The rise of this AI technology has made the job of protecting networks more challenging for network security analysts and professionals. The migration of companies and organizations into the chaotic cloud environment has given new power to botnets, which is best visualized by scenes in any of the Matrix movies. One of the best methods of protecting any network or resource is early detection, which can prevent a network from being compromised or minimize damage to the network. Two modern tools used in network security are Intrusion Detection Systems (IDS) and Security Incident and Event Management (SIEM) systems. This study proposes and tests a modern architecture to detect botnet traffic through the implementation of modern security devices to defend against a configured local botnet in a virtual cloud environment. Our model was successful in detecting and preventing botnet attacks. The model also allowed the attack data to be stored and classified for report generation.

Comments

Georgia Southern University faculty member Hayden Wimmer co-authored Botnet Intrusion Detection: a Modern Architecture to Defend a Virtual Private Cloud.
