Framework for Detecting Application Layer DDoS Attacks Using Machine Learning and Big Data

Abstract


The growing threat of application-layer DDoS attacks and the continuous advancement of attacker techniques highlight the urgency of developing effective detection methods to protect networked systems. This work proposes a machine learning-based detection framework, integrated with a correlation-based Feature Importance technique and big data tool support. Four algorithms (Naive Bayes, Decision Tree, Logistic Regression, and Random Forest) were evaluated for accuracy and runtime. The results highlight the effectiveness of the approach, demonstrating significant gains in computational efficiency and predictive accuracy, particularly after the application of the variable selection technique. This robust and adaptable solution presents itself as a relevant contribution to strengthening the security of critical infrastructures in the face of an increasingly dynamic and challenging cyber landscape.
Keywords: Computer networks, Cybersecurity, DDoS, Application layer

Published
2025-05-19
RANGEL NETO, Digenaldo de Brito; MACIEL JR., Paulo Ditarso. Framework for Detecting Application Layer DDoS Attacks Using Machine Learning and Big Data. In: WORKSHOP ON MANAGEMENT AND OPERATION OF NETWORKS AND SERVICE (WGRS), 30., 2025, Natal/RN. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2025. p. 29-42. ISSN 2595-2722. DOI: https://doi.org/10.5753/wgrs.2025.8757.