One of the essential technologies worldwide is cloud computing. Increasing demand for its various Amazon Web Services (AWS) services make it more vulnerable to different types of attacks, such as DoS, DDoS, Infiltration, and others). The full list of attack types used in this study is presented in the classification section. Protecting cloud systems and their data mainly depends on various security technologies, including intrusion detection systems that monitor network traffic to detect suspicious activity or potential threats. This research proposes a model to contribute to solving the problem of identifying malicious activities in cloud networks. This model has three stages: the initial stage is pre-processing, encompassing data cleaning, normalization, and labelling. Stage two involved intersecting the outputs of the correlation and Information Gain methods to obtain a set of common features. Then these features were further filtered using the Chi-square method to identify the most relevant features. Lastly, a proposed classification technique was used utilizing (CNN -XGBoost) to classify traffic in the network into normal and abnormal. Experiment results on CSE-CIC-IDS2018 dataset showed that the proposed model achieved an accuracy of 99.3%, outperforming traditional filter-based feature selection.