Title: Design And Implementation Of A Machine Learning Based DDoS ATTACKS Detection And Mitigation System For Network Security
Authors: Ibeh Sylvarine Chinasa, Ike Joseph Mgbemfulike and Ogochukwu C. Okeke.
Volume: 9
Issue: 6
Pages: 93-105
Publication Date: 2025/06/28
Abstract:
With the rapid growth of internet-connected systems, Distributed Denial-of-Service (DDoS) attacks have become one of the most prevalent and disruptive threats to network security. Traditional rule-based intrusion detection systems often struggle to identify evolving and sophisticated DDoS attack patterns in real-time. This project presents the design and implementation of a machine learning-based system for the detection and mitigation of DDoS attacks. By leveraging traffic flow features such as packet rates, IP entropy, and protocol usage, the system utilizes supervised learning algorithms-specifically Random Forest and Support Vector Machine (SVM)-to classify traffic as benign or malicious. Real-time packet capturing and feature extraction are integrated into a detection pipeline, which enables timely and automated responses to identified threats. Upon detection, mitigation is carried out through dynamic firewall rules and traffic rate limiting. Experimental results using benchmark datasets such as CICDDoS2019 demonstrate high detection accuracy and low false positive rates, validating the effectiveness of the proposed system. This approach not only enhances the responsiveness of network defense mechanisms but also provides a scalable solution to adapt to emerging attack vectors.