Innovative Machine Learning Strategies for DDoS Detection: A Review

This is a broad survey that investigates the use of machine learning (ML) methods for detecting distributed denial of service (DDoS) attacks. Traditional intrusion detection systems face difficulties in application-layer DDoS attacks because they target legal web traffic forms using standard transmission control protocol connections. This paper reviews different ML methods used in recent studies to tackle these issues. These studies use various data sets, such as UNSW-np-15, CICDDoS2019, and the novel dataset LATAM-DDoS-Internet of Things., which prove the efficacy of the proposed models in terms of accuracy and performance metrics. The second group of studies shows more advanced designs, such as protocol-based deep intrusion detection and autoencoder-multi-layer perceptron. These use deep learning to find features and group attacks. All of these approaches present favorable outcomes when it comes to distinguishing normal, DoS, and DDoS traffic with a high level of accuracy. Furthermore, the review discusses works that emphasize the early detection of noise-robust models and distributed frameworks. Different techniques, such as snake optimizer with ensemble learning, metastability theory, and spark-based anomaly detection, highlight the trend of predicting DDoS attacks, whereas hyperband-tuned deep neural networks and evolutionary support vector machine models show higher accuracy in cloud systems as well as software-defined networking environments. Hence, this review gives a general observation of how DDoS attacks develop on their way and proves that ML techniques help to strengthen network security.