A bizarre synthesized cascaded optimized predictor (BizSCOP) model for enhancing security in cloud systems

Due to growing network data dissemination in cloud, the elasticity, pay as you go options, globally accessible facilities, and security of networks have become increasingly important in today’s world. Cloud service providers, including AWS, Azure, GCP, and others, facilitate worldwide expansion within minutes by offering decentralized communication network functions, hence providing security to cloud is still remains a challenging task. This paper aims to introduce and evaluate the Biz-SCOP model, a novel intrusion detection system developed for cloud security. The research addresses the pressing need for effective intrusion detection in cloud environments by combining hybrid optimization techniques and advanced deep learning methodologies. The study employs prominent intrusion data-sets, including CSE-CIC-IDS 2018, CIC-IDS 2017, and a cloud intrusion dataset, to assess the proposed model’s performance. The study’s design involves implementing the Biz-SCOP model using Matlab 2019 software on a Windows 10 OS platform, utilizing 8 GB RAM and an Intel core i3 processor. The hybrid optimization approach, termed HyPSM, is employed for feature selection, enhancing the model’s efficiency. Additionally, an intelligent deep learning model, C2AE, is introduced to discern friendly and hostile communication, contributing to accurate intrusion detection. Key findings indicate that the Biz-SCOP model outperforms existing intrusion detection systems, achieving notable accuracy (99.8%), precision (99.7%), F1-score (99.8%), and GEO (99.9%). The model excels in identifying various attack types, as demonstrated by robust ROC analysis. Interpretations and conclusions emphasize the significance of hybrid optimization and advanced deep learning techniques in enhancing intrusion detection system performance. The proposed model exhibits lower computational load, reduced false positives, ease of implementation, and improved accuracy, positioning it as a promising solution for cloud security.


Introduction
A new paradigm of Internet-based computing called "cloud computing" liberate customers from complicated underpinning computer systems, software, and protocol frameworks by offering them potentially "indefinite" technical support [1][2][3].One of the newest service developments in the IT industry is cloud computing.The main benefit of cloud computing is that it allows accessibility beyond time or place restrictions.Cloud computing offers reduced costs, versatility when managing storage capacities, as well as support for portable and interactive applications and services [4].Furthermore, cloud solutions are multisource, allowing customers to select multiple providers according to their needs [5,6].In addition to lowering capital costs and power consumption, cloud computing also lowers the need for on-site storage's physical space and operation.Cloud computing serves as "open to every service, " but it tends to not always include unimportant information.Cloud services are available to users to facilitate efficient computation [7,8].Nevertheless, they are able to assault the network and misuse the cloud environment.Cloud computing gives people more freedom and requires fewer facilities expenditure by offering adaptable, automated on-demand services.These services are offered through the Internet utilizing established networking regulations, rules, and formats, all under the direction of various managements [9].Intrusions are often made possible by vulnerabilities and flaws in older protocols and technology underpinning them [10].The goal of cloud computing is to offer rapid network access to a common pool of promptly created and released programmable computer resources with little or no involvement from service providers or management [11,12].Numerous businesses, financial institutions, and governmental bodies are moving towards cloud computing services as they grow more prevalent.Strong security measures are necessary because this transformation further exposed these systems to various threats by cybercriminals and intruders.Multiple cloud service providers offer a variety of security services as mobile applications.The Amazon Web Services (AWS) shop serves as an illustration, offering services with restricted legitimacy and durations depending on the time frame of the service permit.Since cloud computing innovations consist of the confidentiality of data, network services have to focus on cybersecurity.The mechanism of signature or anomaly detection powers modern intrusion detection systems (IDS).An organization's defense against cyberattacks can be strengthened by the use of a cybersecurity scheme [13][14][15][16], which aids in the detection and safety against adversaries.
Previous research works focused on user understanding of cybersecurity, including the adoption of secure passwords, screening or destroying unwanted messages, encryption of data, preserving the confidentiality of login credentials, conservative information access, and notifying security breaches as soon as possible [17].Networking systems are also protected from assaults by malware detection systems, yet the surrounding infrastructure could still have security flaws in them.On the other hand, the cloud offers an incredibly practical and reliable solution for handling the business activities of any sort of organization.Recent advances in cybersecurity place a significant value on using Artificial Intelligence (AI) methods to enhance the security environment.Over time, AI [18][19][20] techniques have been used by the scientific community and attackers both to assault and safeguard computer systems.While security professionals rely on sophisticated learning algorithms to alleviate the growing cyber risks, attackers use efficient tools to steal managerial properties.In addition, hacktivists frequently use a variety of efforts that have been developed with machine learning algorithms that replicate the sounds of people.The literature research indicates that networks have been producing enormous amounts of data frequently.Applying predictive algorithms to differentiate both malicious and benign network instances is essential.In order to solve the ongoing issue, the majority of modern cybersecurity applications have been developed with AI and emphasize uncertain, behavioral, computational, and statistical strategies.It is essential to have a robust distribution environment for analyzing the massive amounts of data generated on the networks [19,21,22].Consequently, utilizing the combined capabilities of cloud computing and machine learning significantly helps in expediting the whole process.A number of researchers have examined the importance of machine learning methods in detecting network intrusions by taking into account the cloud environment because of its flexibility and portability.
Conventional studies employ a range of learning approaches in conjunction with meta-heuristic algorithms [5,23] to classify instances of regular and hostile traffic from the cloud system.According to current studies, machine learning algorithms are not as effective as deep learning techniques in terms of efficiency, accuracy, and detection rate.Deep learning algorithms, however, adhere to intricate designs in order to get better accuracy and performance outcomes.For example, the auto-encoder, adversarial network, stochastic learning models, and other deep neural network types are being utilized more and more in cloud networking systems to guarantee security and privacy.Long prediction times, computational complexity, and imprecise detection are the main problems with traditional security approaches [2].In order to safeguard cloud systems, the proposed research intends to use novel and innovative approaches in the design and development of an intrusion detection framework.
This research introduces the Biz-SCOP model, a novel and distinctive intrusion detection system designed to address the escalating security challenges in cloud environments.The unique contributions lie in the integration of a hybrid optimization technique, HyPSM, for efficient feature selection, and an intelligent deep learning model, C2AE, to discern between friendly and hostile communication.By combining these advanced methodologies, the Biz-SCOP model showcases superior accuracy and performance in identifying diverse attack types.The innovative approach not only enhances the overall efficiency of intrusion detection but also offers a promising solution for mitigating security threats in cloud computing.
The main contributions of the proposed research endeavor are given below: • Examining the incorporation of deep learning methods, including hybrid deep learning approaches [7], to improve the efficiency and accuracy of intrusion detection systems.The primary goal of the proposed research is to come up with a novel and distinctive security framework that will bolster cloud system security against contemporary threats.In order to do this, the study proposes the BizSCOP security model, which is created by combining the capabilities of three distinct and intelligent computational algorithms, including HyPSM, C2AE, and optimized learning rate estimation.Here, the input cloud data is initially obtained from open sources for system construction and analysis.Cloud data is frequently exceedingly vast and includes extraneous information along with missing fields and features.Thus, before categorizing and identifying incursions, preparing the data is essential.In order to do this, duplicate features and information are removed using the standard techniques for data normalization and standardization, which enhances the overall quality of cloud data.The novel and unique HyPSM approach is used to choose the most significant and required features from the preprocessed data in the most effective manner.The HyPSM is a novel optimization method that combines the two contemporary, independent meta-heuristic models of spider monkey and pigeon optimization.
This kind of hybridized model maintains good accuracy while contributing to an increase in the classifier's overall processing speed.Moreover, the intelligent C2AE model is developed to differentiate between instances of friendly and hostile communication depending on the features that have been chosen.This is an advanced deep learning technique developed with the auto-encoder model.Learning computation is done during classification to modify the hyper-parameters, ensuring a good attack prediction.The key advantages of using the recommended BizSCOP model are lower compute load, fewer false positives, ease of implementation, and higher accuracy.
The remaining sections of this paper are divided into the subsequent units: In order to study the most recent state-of-the-art model approaches utilized in the field of intrusion detection and cloud security, Sect. 2 offers a review of the literature.It also talks about the issues and difficulties that traditional approaches encounter.Then, in Sect.3, a concise justification for the suggested SCOP model is provided along with a suitable architecture, flow diagram, and algorithms.In Sect.4, a variety of parameters and current datasets are used to validate and evaluate the experimental findings and performance of the suggested SCOP model.Lastly, in Sect.5, the entire paper summary is provided along with the outcomes, conclusions, and next steps.

Related works
In the realm of intrusion detection systems and cloud security, several models have been proposed to tackle the evolving landscape of cyber threats.However, while these models demonstrate various strengths, they also exhibit limitations that present opportunities for further research and improvement.This section aims to provide an overview of the existing approaches, while also shedding light on their inherent drawbacks that our proposed research seeks to address.
Wang, et al. [24] introduced a novel approach integrating a stacked contractive auto-encoder with SVM, aiming to extract reliable low-dimensional features from network data.Despite its potential for improved effectiveness, the complexity and computational costs associated with this method underscore the need for more efficient solutions.Roy, et al. [25] implemented a hierarchical intrusion detection system utilizing a stacked auto-encoder, emphasizing collaborative learning to minimize input data features for IoT networks.While their approach considers parameters like latency and energy consumption, the limited focus on optimization and resource utilization in cloud environments leaves room for further improvement.Aldallal, et al. [26] proposed a hybrid system employing genetic algorithms and SVM for cyber-attack detection in cloud systems.However, the model's higher false detection rate and reduced accuracy highlight the necessity for more reliable intrusion detection mechanisms.Rajagopal, et al. [27] addressed the challenges of network intrusion detection by introducing a meta-learning classification model with decision jungle.Despite its potential for effective generalization, the model's high computational complexity poses practical implementation challenges, warranting the exploration of alternative approaches.
Lata, et al. [28] conducted a comprehensive analysis of intrusion detection approaches, focusing on feature selection techniques and the shift towards anomalybased detection methods.However, the lack of specific models mentioned impedes a deeper understanding of their effectiveness in real-world scenarios.Balamurugan, et al. [29] proposed a game theory-based deep neural network for cloud system defense, emphasizing the need for robust and scalable security mechanisms.Yet, the model's complexity and dependability issues raise concerns about its practical feasibility.Elmasry, et al. [30] aimed to bolster cloud security against cyberattacks with an integrated intrusion detection framework.Their approach focused on security, robustness, dependability, and scalability.The framework involved phases like feature extraction, hyper-parameter tuning, and ensemble-based classification, utilizing three deep learning approaches.However, a limitation was notedadditional data samples for training increased processing time and complexity.
Mondal, et al. [31] implemented an advanced honeypot encryption algorithm for intrusion identification in cloud systems.The study employed normalization, feature extraction using the GLCM algorithm, and a CNN classifier.Despite achieving elevated attack prediction accuracy, the research faced challenges, including inaccuracies, system complexity, and concerns about dependability.Nadeem, et al. [32] aimed to safeguard cloud systems from DDoS and brute force attacks.While the cloud server served as the data repository, potential malicious attacks and the lack of comprehensive security measures raised concerns about the study's effectiveness.Mayuranathan, et al. [33] utilized a hybrid deep learning technique for cloud system security, achieving high detection accuracy.However, the study did not extensively address potential limitations or challenges associated with the proposed framework.
Vu, et al. [34] employed a deep generative learning algorithms for constructing an improved cloud security framework.In this work, the Conditional Denoising Adversarial Autoencoder (CDAAE) integrated with K-Nearest Neighbor (KNN) model has been applied for predicting the accurate class of intrusion from the given cloud data.Also, the authors have examined and compared the precision and intrusion recognition performance of different auto-encoder models, which includes Generative Adversarial Network (GAN), Variational Auto Encoder (VAE), and Adversarial Auto Encoder (AAE).Wen, et al. [35] implemented a classification approach using a Back Propagation Neural Network (BPNN) to ensure security in cloud systems.In this case, feature optimization is also linked with the Ant Bee Colony (ABC) optimization technique, assisting the classifier in accurately separating the anomalous data.Nevertheless, the accuracy falls short of expectations, which impairs the effectiveness and performance of the system as a whole.
Shafi, et al. [36] examined the effects of DDoS attack detection in cloud systems through the examination of network traffic profile data.In this case, the multi-layered assault detection model is especially designed to describe the cloud systems intrusion traffic.Furthermore, for a thorough examination, this study made use of sixteen distinct intrusion datasets that are openly accessible.Vibhute, et al. [37] established an LSTM-based multi-class intrusion detection framework to strengthen the security of a complicated cloud environment.Additionally, before detecting intrusions, the study's authors selected the relevant features from the input data using a random forest approach.The main benefits of this work are lower loss value and higher precision.Ali, et al. [38] utilized a CNN technique to protect cloud environments from contemporary cyberattacks.This deep learning architecture has been altered to meet the particular security problems in cloud computing.The CNN-based intrusion detection system reported in this research takes advantage of the network's ability to automatically learn hierarchical features from raw data, in contrast to standard IDS systems that rely solely on rule-based or signature-based approaches.Joraviya, et al. [39] developed a host intrusion detection framework with the use of deep learning approach for enhancing the security of containerized cloud systems.Rathod, et al. [40] had conducted a thorough comparison analysis to look into the effectiveness of various machine learning techniques used for cloud intrusion detection.The traditional methods of comparative analysis in this study have included SVM, NN, KNN, and RF.Nevertheless, the effectiveness and success rate of the previously listed methods fall short of expectations.Kumari, et al. [41] employed a conventional SVM classification technique to identify network intrusions in cloud environments.In this instance, the Grid search cross validation mechanism is also used to help determine the type of intrusion and enable informed decisionmaking.Improved intrusion detection performance and accuracy are the main benefits of this effort.
Table 1 presents an overview of some of the most recent intelligence approaches for cloud security that have been developed in earlier works.The model's prediction outcomes and findings are used to highlight the benefits and downsides of each model.
These studies collectively underscore the evolving landscape of intrusion detection and cloud security, highlighting the importance of addressing limitations such as computational complexity, false detection rates, and system dependability.In line with these observations, the objectives of the proposed research contribute towards the development of more efficient and reliable intrusion detection systems for safeguarding cloud environments.

Proposed methodology
This section provides the complete explanation for the proposed security model used to protect cloud systems from harmful and modern cyber-attacks.The original contribution of this paper is to develop a smart and successful security model known as, Bizarre Synthesized Cascaded Optimized Predictor (BizSCOP) for improving cloud security.The proposed system uses smart and innovative algorithms to accurately recognize and classify the type of intrusion from the given data.The technical contribution extends to the incorporation of advanced features, including the utilization of the CSE-CIC-IDS 2018, CIC-IDS 2017, and cloud intrusion datasets, contributing to the diversity and richness of the analysis.The methodology begins with data preprocessing, involving the removal of duplicate features and normalization techniques to enhance the quality of the cloud dataset.A key technical innovation lies in the adoption of the Hybrid Pigeon Spider Monkey (HyPSM) optimization technique for feature selection.This hybridized metaheuristic model efficiently identifies and selects the most relevant features, optimizing the subsequent stages of the intrusion detection process.Figure 1 shows the architecture model of cloud intrusion network, and Fig. 2 depicts the general workflow of the suggested BizSCOP model, which consists of the following operational modules:  For system implementation and analysis, the input cloud data is first acquired from public sources.Cloud data is often very large and contains missing fields and attributes along with unnecessary information.Therefore, preprocessing the data is crucial before classifying and identifying intrusions.To achieve this, the conventional procedures for data normalization and standardization are first used to eliminate any duplicate features or information, hence improving the overall quality of cloud data.In order to choose the most important and necessary features from the preprocessed data in the best possible way, the innovative and exclusive HyPSM approach is put into practice.Pigeon optimization and Spider monkey optimization are two modern, separate meta-heuristic models that are integrated to create the HyPSM, a unique optimization technique.This type of hybridized model helps to increase the classifier's total processing speed while maintaining excellent accuracy.Furthermore, based on the selected features, the intelligent C2AE model is created to distinguish between instances of regular and hostile traffic.This is a sophisticated deep learning method that was created using the auto-encoder model.To guarantee a good attack prediction, learning computation is carried out during classification to adjust the hyper-parameters.Adopting the suggested BizSCOP model has several benefits, the main ones being reduced computing load, fewer false positives, easy implementation, and increased accuracy.

HyPSM model for feature selection
The technique of identifying the most pertinent features for a specific scenario by eliminating the unnecessary features from the common set of attributes is known as feature selection.This method involves selecting a certain number of traits based on their relevancy, which enhances the efficiency of classification techniques while cutting expenses.The cost component accounts for the decrease in storage capacity and the amount of time needed for computation to group the provided data.The development of a successful intrusion detection system for databases stored in the cloud is promoted in this article using new intelligent methods.Numerous optimization strategies are used for feature selection and dimensionality reduction in the earlier research projects.However, the bulk of methods struggle with the particular problems of lowered convergence speed, time consumption, complexity in finding the best optimum solution, and lower efficiency.
Therefore, the goal of the suggested task is to put into practise HybPSM, a cutting-edge and highly successful optimization methodology.Pigeon optimization and spider monkey optimization are two different algorithms whose functionalities are combined to create this technique.The distinctive homing behavior of the pigeon flock serves as the basis for the conceptualization of the pigeon flock algorithm.By replicating the pigeon flock's navigational patterns, the algorithm primarily determines the global best solution to the optimization problem.Pigeons use three primary reference elements for their initial navigation, based on their behavior throughout the homing process.There are three main factors that affect pigeon navigation: (1) the sun's impacts on homing and how well it can guide birds; (2) the geomagnetic field's interference with pigeons; the bird's upper beak has a magnetic induction structure that helps birds detect their flight; and (3) the impact of environment markers on pigeon navigation and identical terrain will facilitate pigeon homing.The list of swarm intelligence-based optimization methods includes the more recent development of the spider monkey optimization algorithm.The Euclidean distances among possible solutions serve as the foundation for updating formulas.The technique has been widely used to deal with challenging optimization issues.Due to their improved convergence rate and efficiency, the proposed technique aims to integrate these approaches for making a unique and hybridized optimization model for feature selection.
In the proposed model, the obtained features F d I from the cloud data is taken as the input, and the selected features S best is produced as the output.During initializa- tion process, the set of uniformly distributed spider monkeys are generated, where each spider monkey is represented as shown in the following form: where, ∫ j represents the j th spider monkey in the swarm, min ∫ j and max ∫ j are lower and upper bounds of the search space in k th dimension, and U rand (0, 1) is a uniformly distributed random number in the range (0, 1).Then, the local leader phase is executed, in which the position update equation is estimated for each member in the group as represented in Eq. ( 2).If the condition U rand is satisfied, the position updated is performed as shown in below: Otherwise, the position is updated as represented in the following model: (1) (3) where, ∫ j [k] is the k th dimension of j th spider monkey, indicates the k th dimension of local leader of the h th group, ∫ r [k] is the k th dimension of a randomly selected SM from the r th group, and U rand (0, 1) is a uni- formly distributed random number in the range (−1, 1) .Consequently, the local leader position is updated according to the time varying transfer function of Pigeon optimization technique as shown in the following mathematical model: Moreover, the global leader phase is also executed, where for each member in the population, the position update is performed as represented in the following equation: Then, the fitness function is computed as shown in below: The global leader position is also updated according to the time varying transfer function of the Pigeon optimization algorithm as illustrated in the following model: During the local leader decision phase, the limit count is set for the local leader, if the condition U rand (0, 1) ≥ pr is satisfied, the new position is computed according to the following equation: Otherwise, the new position is estimated based on the following model: (6) pr j = 0.9 * fit j M n=1 fit n + 0.1 Similar to this, the global leader decision phase is also executed, and the position update is performed in order to obtain the best fitness value, which is mathematically represented as shown in the following equation: Where, fit best indicates the best fitness value.

Cascaded Convolutional Auto Encoder (C 2 AE) for classification
Following feature selection, the Cloud Communication AutoEncoder (C 2 AE) model is introduced, a novel deep learning approach specifically designed to distinguish between friendly and hostile communication patterns within the cloud environment.The intelligent C2AE model employs autoencoder architecture, enhancing its ability to discern intricate patterns in the dataset.During classification, learning computation is applied to modify hyperparameters, ensuring adaptability to dynamic attack scenarios.Numerous deep learning algorithms have been used in previous studies to separate the benign and disruptive events from the provided data based on selected features.However, the traditional deep learning methods have particular issues with longer prediction times, reduced efficiency, unreliability, and a high rate of false positives.Therefore, the goal of the proposed study is to implement an innovative and intelligent classification system for intrusion detection that guarantees performance outcomes and accuracy.A feedforward neural network called an auto-encoder desires, within specific bounds, to recreate the input at its final form.In this technique, the convolutional operation is integrated with the auto encoder for a successful intrusion detection.The architecture model of the proposed C 2 AE technique is shown in Fig. 3.In this technique, the set of selected features ∫ best obtained from the previous stage is considered into account as the input and the classified result φ r is delivered as the output.At first, the input layer is initialized and hidden unit is formulated as represented in the following equation: where, m number of hidden units, and δ k (.) activation function of each hidden neuron.Consequently, the penalty term is estimated as illustrated in the following model: where, ś indicates the number of neurons in the hid- den layer, and KL(.) is the Kullback-Leibler divergence, which is estimated based on the following equation: This penalty function has the following feature: KL(ϑ|ϑ k ) = 0 if ϑ k = ϑ ; Otherwise, it increases mono- tonically as ϑ k diverges from ϑ , which acts as the spar- sity constraint.Consequently, the cost function of the neural network is also estimated according to the following model: where, ℓ a k indicates the label data, W k,t (ℓ a ) is the weight estimation for the label data, and τ is a Kullback constant.It can be changed as follows by adding the sparse penalty term to the cost function: where, ω is the weight of the sparsity penalty.The train- ing process employs the stochastic gradient descent (12) approach, and the parameters W and b can be updated as shown in below: where, ε indicates the learning rate.Moreover, the convo- lutional operation is also performed as represented in the following equation: where, γh ⊒,⌊ and γℓ a k are the deltas of the hidden states and the reconstruction, respectively.By using this classification algorithm, the overall intrusion detection performance of the proposed BizSCOP model is greatly improved in this study.The complete intrusion detection performance of the proposed BizSCOP model in this study is significantly enhanced by employing this classification technique.

Learning rate estimation for hyper parameter tuning
Typically, the hyper parameter tuning is one of the most essential operation in the prediction system.Since, the complexity of classification is greatly reduced with the adoption of hyper parameter tuning, which also supports to improve the overall accuracy of prediction.In the (17 proposed Biz-SCOP model, the initial hyper parameter is estimated at first as shown in the following equation: where, θ and ε denote the momentum and learning rate, respectively, and ∇ f indicates the objective function.
Then, the chain rule formula is also computed as represented in below: In chain rule, which can be updated as shown in the following equation: Then, the learning rate α is obtained as shown in below: where, ε" denotes the learning rate of hypergradient.Finally, the update rule for the learning rate is estimated as shown in below: (20) In order to improve the classifier's overall accuracy and intrusion detection performance, the learning rate is calculated in this study based on this procedure.

Results and discussion
This section uses a variety of metrics to compare and validate the suggested Biz-SCOP model's performance.Testing has been done using a few of the most recent intrusion datasets, including CSE-CIC-IDS 2018 [48], CIC-IDS 2017 [34], and the cloud intrusion dataset [25].These are the open source datasets, each including various forms of attacking instances that can be found in the Kaggle repository.Moreover, the proposed security framework is implemented with the help of Matlab 2019 software and windows 10 OS, where 8 GB RAM and Intel core i3 processor have also been used.When comparing several intrusion detection systems, performance indicators are essential to figure out which one is functioning more efficiently than the rest of them.In this study, the following performance measures are taken into account for evaluation and assessment: Accuracy measures the proportion of correct predictions made by the intrusion detection system.It is calculated as the ratio of the number of correct predictions (true positives and true negatives) to the total number of predictions.
Precision: The precision of a system that detects intrusions is defined as the ratio of properly categorized attacking packets to the overall amount of assault packets.The following model illustrates how precision is represented: Detection Rate: The number of packets that are accurately detected is represented by the detection rate.The following model serves as a representation of it: F1-Measure: The harmonic composition of recall and precision is known as the F-measure.It is shown in the equation that follows: Area Under Curve (AUC): The area under the receiver operating characteristics, or AUC, curve is produced by graphing the sensitivity or true positive rate (TPR) versus the false positive rate (FPR) at different threshold values.A classifier that is flawless will have a score of 100% in the top-left area (FPR = 0).In the upper right hand corner, a worst-case classifier will have a score of 100% (FPR) and 0 (TPR).The AUC score is an estimate of the area under the ROC curve.This calculates the classification model's average quality at various thresholds.The AUC value of a random classifier is 0.5, while the AUC score of an ideal classifier is 1.0.As a result, the majority of predictors have AUC scores that fall around 0.5 to 1.0.
Geometric Mean Score (GMO): The product of classwise responsiveness is the geometric mean, or GEO.This metric seeks to balance accuracy while optimizing efficiency for each class.The product of Sensitivity or Recall and Specificity squared is known as GEO in binary classification.One is the ideal value, and zero is the worst.The GEO score will be zero if the classifier refuses to recognize a minimum of one class.It is calculated as shown in the following model: The ROC of the suggested Biz-SCOP model in relation to various attack kinds is displayed in Fig. 4. The ROC is commonly employed to determine the efficacy of the classifier in identifying and classifying incursions from the given data.The suggested Biz-SCOP model offers a better ROC value for all kinds of assaults in the CSE-CIC-IDS 2018 dataset, according to the estimated results.As a result, as illustrated in Fig. 5, the accompanying confusion matrix is also validated and utilised to assess the classifier's overall prediction performance and efficiency.The results showed that, for intrusion detection, the suggested BizSCOP model could successfully identify and classify true positives, true negatives, false positives, and false negatives.Since, the adoption of hybrid optimization and novel deep learning techniques are the major reasons for gaining an improved performance in the proposed system.Additionally, illustrated in Figs.16 and 17, respectively, some of the most recent hybrid machine learning techniques are also taken into consideration for validating and comparing the outcomes of the suggested Biz-SCOP model in terms of f1-score and MCC.Furthermore, as shown in Fig. 18, the ROC is also contrasted with the traditional methods.All things considered, the comparative evaluations show that the suggested Biz-SCOP model outperforms every method now in use with better outcomes.HyPMS and learning rate computation techniques are integrated, which significantly increases classifier detection and overall accuracy.
Table 2 uses the CIC-IDS 2017 dataset to evaluate the proposed Biz-SCOP model with traditional deep learning techniques, accounting for accuracy, precision, and recall parameters.Additionally, the suggested Biz-SCOP model is compared to a few other auto-encoder-based deep learning techniques based on the parameters of AUC, F1-score, and GEO, as indicated in Tables 3, 4, and 5 respectively.The three most serious cloud threats-Slowloris, TCP land, and Ping of Death-are taken into consideration for this comparison.The comparative results show that the suggested Biz-SCOP model could accurately identify the type of intrusion by locating it and analyzing its properties.
The results of the proposed Biz-SCOP model are verified and investigated during performance assessment using various evaluation metrics.Furthermore, a few cutting-edge methods from the recent past, such as deep learning, machine learning, and other hybridized models, are also taken into consideration when comparing performance.The suggested Biz-SCOP model performs effectively, offering better intrusion detection results for all the datasets taken into consideration in this study, according to the findings and results.Furthermore, it outperforms all current security techniques with an average accuracy of 99.5%, precision, recall, and f1-score of almost 99%.When data handling procedures are followed correctly, incursions are precisely identified together with the relevant class.

Conclusion
This study introduces the innovative Biz-SCOP model, a cloud security framework that revolutionizes intrusion detection.Leveraging public sources for input cloud data, we address the challenges of vast and complex datasets through meticulous data preparation, involving the removal of duplicate features and normalization techniques.A distinctive contribution is the HyPSM approach, a novel hybrid optimization method combining spider monkey and pigeon optimization for effective feature selection.This enhances accuracy while accelerating overall processing speed.The intelligent C2AE model, employing advanced auto-encoder techniques, facilitates the differentiation between friendly and hostile communication.Key advantages include reduced compute load, minimal false positives, implementation ease, and heightened accuracy.This work has employed certain popular datasets CSE-CIC-IDS 2018, CIC-IDS 2017, and cloud intrusion dataset for analysis in order to validate the performance outcomes of the proposed Biz-SCOP model.The results show that the suggested approach works well across all datasets, with an average accuracy gain of up to 99.5% and a loss of only 0.1.Furthermore, as a result, the other performance metrics-precision, recall, and f1-score-also show improvement, with respective values of 99.7%, 99.8%, and 99.9%.The total research leads to the conclusion that the Biz-SCOP model successfully detects and separates the class of intrusion from the given dataset, improving intrusion detection efficiency by up to 99%.However, the proposed work's training and validation procedures still need to be streamlined for faster execution.Additionally, only publicly accessible cloud intrusion datasets are used to evaluate and analyze the suggested system, and a real-time dataset must be used to assess the suggested model's performance.
It is advised that future work explore several avenues.First, the Biz-SCOP model's applicability may be expanded by the creation of a security framework for Internet of Things integrated cloud systems.Further research into how well it performs in dynamic threat environments and the investigation of adaptive learning techniques might advance cloud security solutions over time.By providing a solid framework for future study, this paper helps to ensure that intrusion detection systems remain resilient to new and evolving cyber threats, protecting cloud infrastructures.We are also interested to use a data fusion approach to predict assaults from big data networks and complex cloud environments.

Algorithm 1 .
Hybrid Time varying Pigeon based spider Monkey Optimization (HyPSM) for Feature Selection Tn) (Tp + Tn + Fp + Fn) F1 − score = 2 × (Precision × Recall) Precision + Recall False Positive Rate (FPR): The ROC curve has been defined by the false alarm rate.The following model illustrates the false-positive rate: where, Tp -True positives, Tn -True negatives, Fp - False positives, and Fn -False negatives.

Figure 6
Figure 6 compares the precision and specificity values of the convention hybrid deep learning and proposed BizSCOP model using CSE-CIC-IDS 2018 dataset.Consequently, the accuracy, MCC, and F1-score are also validated and comparing this study as shown in Figs.7 and 8 respectively.Then, the negative prediction value, false negative rate (FNR), false positive rate (FPR), and false detection rate (FDR) are also validated and compared as depicted in Figs. 9, 10, 11 and 12.The overall comparative analysis and findings demonstrate that the proposed BizSCOP could accurately detect and categorize the normal and intrusion data samples by properly

Fig. 6 Fig. 7
Fig. 6 Comparative analysis with other hybrid deep learning techniques

Fig. 17
Fig. 17 MCC comparison with existing machine learning techniques

Table 1
Literature review on recent state of the art models for cloud security [47]Hybrid Ant Bee Colony Optimization -machine learning Cloud intrusion dataset Effective feature selection and ensured attack detection accuracy[46]Hybrid intrusion detection methodology UNSW-NB 15, CICIDS 2017 and NSL-KDD Precise intrusion detection, and high time complexity[47]Hybrid deep neural network Cloud IDS dataset Minimized overall computational time and maximized detection rate

Table 2
Comparative analysis with other deep learning techniques using CICIDS2017 Dataset

Table 3
AUC analysis with several auto-encoder methodologies with respect to different classes of attacks in cloud dataset

Table 4
F1-score analysis with several auto-encoder methodologies with respect to different classes of attacks in cloud dataset

Table 5
GEO analysis with several auto-encoder methodologies with respect to different classes of attacks in cloud dataset