Mitigating DDoS Attacks: A Machine Learning Approach for Enhanced Detection and Response
Abstract
Distributed Denial of Service (DDoS) attacks continue to be among the most dangerous risks on the Internet. As equipment for spotting and mitigating these attacks has advanced, crackers have improved their skills in originating new DDoS attack types that clone normal traffic behavior and are therefore silently powerful. The so-called low-rate DoS attacks are a portion of these effective DDoS attack types that aim to achieve limited network traffic. This paper proposes a machine learning algorithm for the mitigation of DDoS attacks in the application layer. Our scheme seeks to increase the accuracy and efficacy of DDoS attack detection by employing the robustness of machine learning procedures, which include neural networks and support vector machines, in combination with superior feature engineering and real-time monitoring. Our results show that, of the four machine learning algorithms, Maximum Learning Performance (MLP) achieves the best classification scores. In particular, MLP leads to an F1-score of 98.04% for legitimate traffic and 99.30% for attack traffic on emulated traffic, and an F1-score of 99.87% for target traffic and 99.95% for legitimate traffic on real traffic. When distinguishing emulated traffic using FL, MLP, and EC, we obtained an F1-score of 98.80% for malware traffic and 99.60% for valid traffic; on real traffic, we obtained an F1-score of 100% for the attack traffic and 100% for normal traffic.