Intelligent Multi-Agent Based Detection and Response To Data Exfiltration In Distributed Cloud
The rapid growth of distributed cloud computing has brought unprecedented scalability and flexibility, but it has also exposed new security vulnerabilities, particularly in the form of covert data exfiltration. Traditional intrusion detection and prevention systems often struggle to adapt to the dynamic and decentralized nature of these environments. This paper introduces an autonomous, cooperative Multi-Agent System (MAS) enhanced with federated learning for proactive detection and adaptive response to data exfiltration in distributed cloud infrastructures. The proposed framework integrates seven specialized agents that collaboratively monitor network traffic, extract relevant features, and detect anomalous behavior while preserving data confidentiality through federated model training. Experimental evaluation using a real-world DNS tunneling dataset achieved outstanding results: 99.89% accuracy, 99.9% recall, and 99.92% F1-score after only five federated learning rounds. Moreover, the system demonstrated real-time responsiveness and resilience against advanced exfiltration techniques, including DNS-, HTTP-, and ICMP-based tunneling attacks. These findings highlight the potential of intelligent cooperative agents to strengthen cyber-security in distributed cloud ecosystems.
