An integrated methodology for intrusion detection and mitigation to optimize cloud security

The quick adoption of the cloud computing technology has created new security challenges and they require new approaches to security intrusion monitoring and control. This paper will offer a two-layered AI-based security architecture incorporating AI-based Anomaly Detection (AAD) and Extended Zero Trust (EZT) model to bolster the security of the cloud infrastructure. The given methodology will be based on the most advanced AI models such as deep learning algorithms and machine learning models to identify anomalies and potential threats in dynamic, sophisticated, and real-time cloud environments. The framework was tried on CIC-IDS2018, TONIoT and later on current data including UNSW-NB15 and CICIoT2023 to reflect the increase in attack vectors such as Kubernetes exploits and container escapes. Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA) and micro-segmentation have been introduced in the implementation of EZT to enforce dynamic policies in the real time scenarios. Experimental performance of 98.6% accuracy in detection with low FPR (False Positive Rate) and 1.3 low-cost computation in the multi-tenant cloud environment was achieved. Adversarial resilience was analyzed and demonstrated 93.4 percent of resilience in poisons and evasion attacks and a statistical validation with 95 percent confidence intervals and mean rate in multiple runs confirmed stability.