How I can prove that SSH attacks are not from my application?

How I can prove that SSH attacks are not from my application? Hi, My ruby on rails web application is hosted on linode. Linode opened an ticket and blamed that my linode server is attacking other servers. Logs also revels that it is a brute force attack for ssh login which is originated from my server. I have studied my source code and checked if there is any malicious script on my server but I found none. How can I prove that attack is not originated from my end? If however attack is originated from my end then how can I detect which process is making the attack? My web application is running on Ubuntu 12.04.