Next-Generation Cyber Defense: A Novel Ensemble Approach for Distributed Denial of Services Attack Detection
Abstract
With the continuous evolution of digital technologies, the frequency and sophistication of cyber-attacks, particularly Distributed Denial of Service (DDoS) attacks, have significantly escalated, posing critical threats to global network infrastructures. The challenge lies in differentiating between legitimate network traffic and malicious DDoS traffic as it moves from attackers to targets. Network traffic classification plays an essential role in identifying such anomalies and is vital for safeguarding cyberspace. However, traditional detection techniques are no longer sufficient to manage the increasing complexity and diversity of modern network environments. In response, machine learning (ML) and deep learning (DL) methods have emerged as leading approaches in DDoS detection.
Research Objective: This research aims to develop and evaluate a hybrid CNN-LSTM framework for detecting DDoS attacks using the CICDDoS2019 dataset. The specific objectives are:
- CNN Model Development: Design a CNN model to extract high-level features from the pre-processed data, transforming it into informative feature maps.
- Parallel Execution: Implement parallel execution of feature maps through both the dense layer and LSTM to enhance the model’s efficiency and performance.
- Real-time Detection Capability: Assess the model’s ability to detect DDoS attacks in real-time, focusing on its scalability and robustness in handling large volumes of network traffic.
Methods: The novelty of this work lies in its hybrid parallel deep learning architecture, which effectively addresses the limitations of traditional methods while enhancing the detection of increasingly sophisticated DDoS attacks. Machine learning methods have emerged as leading approaches in DDoS detection. This paper provides a comprehensive comparison of ML and DL algorithms, evaluated on the CICDDoS2019 dataset, to identify the most effective model for detecting DDoS attacks. Additionally, a hybrid deep learning model combining Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) is proposed.
Results: This model leverages the ability of ML and DL to automatically extract and select significant features, achieving a remarkable detection accuracy of 99.84%. This high accuracy underscores the model's potential in real-time DDoS detection.
Conclusion: The findings emphasize the critical role of ML and DL in securing modern network environments and highlight its significance in advancing cyber security defenses. The detection of Distributed Denial of Service (DDoS) attacks using machine learning models, specifically the hybrid CNN-LSTM architecture, demonstrates exceptional performance in both binary and multi-class classification tasks.