Botnet Intrusion Detection: a Modern Architecture to Defend a Virtual Private Cloud

Robert Brinson, Hayden Wimmer, Carl Rebman

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

Advances in artificial intelligence (AI), technology integration, and cloud computing have resulted in an increase in cybersecurity attacks by botnets over the last few years. Attackers use botnets to overwhelm and compromise networks with the goal of disrupting services or operations, stealing credentials, gaining unauthorized access to critical systems, or obtaining information for theft or ransom. The rise of this AI technology has made the job of protecting networks more challenging for network security analysts and professionals. The migration of companies and organizations into the chaotic cloud environment has given new power to botnets, which is best visualized by scenes in any of the Matrix movies. One of the best methods of protecting any network or resource is early detection, which can prevent a network from being compromised or minimize damage to the network. Two modern tools used in network security are Intrusion Detection Systems (IDS) and Security Incident and Event Management (SIEM) systems. This study proposes and tests a modern architecture to detect botnet traffic through the implementation of modern security devices to defend against a configured local botnet in a virtual cloud environment. Our model was successful in detecting and preventing botnet attacks. The model also allowed the attack data to be stored and classified for report generation.

Original language: American English
Journal: Issues in Information Systems
Volume: 23
State: Published - Oct 1 2022

Disciplines

  • Computer Sciences

Keywords

  • Botnet
  • Cloud
  • Cybersecurity
  • IDS
  • SIEM
  • Snort
  • Splunk
