Distributed Denial of Service (DDoS) attacks have been major threats to the Internet and can bring great loss to companies and governments. With the development of emerging technologies, such as cloud computing, Internet of Things (IoT), and artificial intelligence techniques, attackers can launch a huge volume of DDoS attacks at a lower cost, and it is much harder to detect and prevent DDoS attacks, because DDoS traffic is similar to normal traffic. Naive Bayes and Random Forest trees are two examples of artificial intelligence techniques that have been used to detect and categorize DDoS attacks using machine learning algorithms. The paper provides advice on artificial intelligence techniques to be employed in DDoS attack detection and prevention, as well as a summary of the most recent developments in DDoS attack detection utilizing AI techniques.
Introduction
Distributed Denial of Service (DDoS) attacks use multiple distributed sources to overwhelm a target, denying legitimate users access to services. These attacks target system resources and network bandwidth and are difficult to detect because attack traffic often mimics normal traffic. DDoS attacks can vary in traffic volume and duration, with evolving complexity due to cloud computing, IoT, and AI technologies.
DDoS Attack Types and Features
IP spoofing: Attackers disguise themselves as trusted sources.
Flooding attacks: Overwhelm servers by sending excessive traffic, including:
TCP flood (sending numerous SYN requests)
ICMP flood (Smurf attack)
UDP flood
DNS amplification (using DNS servers to amplify traffic)
Detection and Prevention
Detection is challenging due to similarities between attack and legitimate traffic.
Key detection features: packet count, size, rate, and traffic variance.
Machine learning classifiers help distinguish normal vs. attack traffic by analyzing these features.
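The following Python example is added here for illustration and is not code from the paper. It computes the seven per-flow features named in the conclusion and classifies flows with a small Gaussian Naive Bayes model. The synthetic flows, the log scaling, the variance floor and all function names are assumptions of this example.

```python
import math
import random
from statistics import mean, pvariance

def flow_features(packets):
    """Seven per-flow features from time-ordered (timestamp_s, size_bytes) pairs."""
    times, sizes = zip(*packets)
    gaps = [b - a for a, b in zip(times, times[1:])]
    n, total, duration = len(packets), sum(sizes), times[-1] - times[0]
    return [n,                                          # number of packets
            mean(sizes),                                # average packet size
            pvariance(gaps) if gaps else 0.0,           # time interval variance
            pvariance(sizes),                           # packet size variance
            total,                                      # number of bytes
            n / duration if duration else 0.0,          # packet rate
            8 * total / duration if duration else 0.0]  # bit rate

def scaled(packets):
    # Example's choice: log-scale, because the features span many magnitudes.
    return [math.log1p(f) for f in flow_features(packets)]

def train(X, y, floor=1e-3):
    """Gaussian Naive Bayes: per-class log-prior, feature means and variances."""
    model = {}
    for label in set(y):
        cols = list(zip(*[x for x, l in zip(X, y) if l == label]))
        model[label] = (math.log(y.count(label) / len(y)), [mean(c) for c in cols],
                        [pvariance(c) + floor for c in cols])  # floor avoids var=0
    return model

def classify(model, x):
    def log_posterior(label):
        prior, mu, var = model[label]
        return prior + sum(-0.5 * math.log(2 * math.pi * v) - (xi - m) ** 2 / (2 * v)
                           for xi, m, v in zip(x, mu, var))
    return max(model, key=log_posterior)

def synth_flow(rng, attack):  # constructed traffic, not a real capture
    t, flow = 0.0, []
    for _ in range(rng.randint(800, 1200) if attack else rng.randint(20, 60)):
        t += rng.uniform(0.0004, 0.0006) if attack else rng.uniform(0.01, 0.5)
        flow.append((t, 60 if attack else rng.randint(200, 1400)))
    return flow

def demo(seed=7):
    rng = random.Random(seed)
    labels = ["attack", "normal"] * 20
    model = train([scaled(synth_flow(rng, l == "attack")) for l in labels], labels)
    return [classify(model, scaled(synth_flow(rng, a))) for a in (True, False, True)]
```

The constructed classes are deliberately far apart, so the classifier separates them easily. Real flood traffic that mimics legitimate packet sizes and timing narrows that gap, which is the detection difficulty described above.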
Artificial Intelligence in DDoS Detection
AI techniques like machine learning (SVM, neural networks, Naive Bayes) are widely used.
Deep learning models (CNN, RNN, LSTM, GRU) show improved detection by learning traffic patterns.
AI enables early detection and mitigation through anomaly detection and classification.
Trends in DDoS Attacks
Increasing attack volume, speed, and complexity.
Multi-vector attacks using multiple attack types are becoming more common, complicating detection.
Applications and Case Studies
Various AI-based detection systems have been developed using neural networks, big data platforms (Hadoop), and machine learning algorithms.
Approaches include real-time monitoring, spoofed traffic detection (using hop count), immune system-inspired algorithms, and hybrid multi-factor detection.
AI models improve accuracy in identifying and classifying attack types while reducing false positives.
Conclusion
DDoS assaults are one of the biggest risks to the Internet and can cause significant financial losses for both governments and businesses. Emerging technologies like cloud computing, the Internet of Things, and artificial intelligence approaches have made it more difficult to identify and mitigate DDoS assaults and allowed attackers to launch them at a low cost. Naive Bayes and Random Forest trees are two examples of artificial intelligence techniques that have been used to detect and categorize DDoS attacks using machine learning algorithms. In the paper, we provide an overview of the most recent developments in artificial intelligence-based DDoS attack detection. Features including the number of packets, average packet size, time interval variance, packet size variance, number of bytes, packet rate, and bit rate can all be utilized to identify DDoS attacks. For their superior performance, we suggest using Naive Bayes and random forest trees among those artificial intelligence algorithms to distinguish between malicious and legitimate communications. DDoS assaults can be detected more accurately and efficiently by combining multiple machine learning algorithms.