The number of business organizations moving to the cloud is increasing very rapidly. The ease of use and the connectivity the cloud provides are highly useful, but the risks involved and malicious intrusions are also increasing day by day. Intrusions, malware and security policy violations by curious or malicious users are just a few of them. Asset controls and an information policy are required in order to protect an organization's assets in the cloud computing environment. An acceptable use policy is needed to make sure that controls and monitoring of services are provided. An acceptable use policy is a set of rules applied by organizational network administrators to restrict the ways in which the network is used and to set guidelines as to how it should be used (Fontijn et al., 2015). Different network administrators use different types of network-based and host-based security software to detect malicious activities in the cloud. The main aim of attackers is to attack the resources offered in cloud computing settings (Hameed et al., 2016). Intrusion is the act of violating the security policy that pertains to an information system. Intrusion detection can be defined as the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource (Adat & Gupta, 2018). Various methods can be used to detect intrusions, but each one is specific to a particular method. The main goal of an intrusion detection system is to detect attacks efficiently. Furthermore, it is equally important to detect attacks at an early stage in order to reduce their impact (Schwarz et al., 2017). Most organizations today make use of an acceptable use policy to specify the actions prohibited to the users of an organization's IT infrastructure. All users are usually required to adhere to all the policies specified in the acceptable use policy document without exception.
Despite the use of existing detection and prevention systems such as IDS, IPS and firewalls to detect and prevent malicious activities and to analyze data that originates from the host computer, some users circumvent detection and prevention tools to access the cloud (Banerjee et al., 2018). The greatest challenge with most of the detection and prevention technologies is the generation of false positives or false alerts.