Spotting and Mitigating DDoS Attacks Using Deep Learning for Online Traffic Analysis

Article Type:
Research/Original Article (with valid ranking)
Abstract:
Distributed Denial of Service (DDoS) attacks threaten server and network availability with minimal resources. These attacks mimic legitimate traffic, evading Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The primary challenge in countering DDoS attacks is achieving early detection as close to their origin as possible. In addition, the persistence of malicious traffic hidden within legitimate traffic remains a common challenge for various mitigation techniques. This paper introduces a modular approach for identifying and mitigating DDoS attacks in both online and offline settings, using deep learning and rule-based techniques. We train the IDS with VGG16, GoogLeNet, Support Vector Machines (SVM), and Random Forest (RF) and evaluate them using the CICDDoS2019 dataset. Our experiments show a detection accuracy of 99.87% offline and 99.67% online. Our methodology outperforms state-of-the-art approaches in offline detection, particularly with VGG16 and GoogLeNet. In our online setup, the mitigation module successfully addresses all attacks detected by our anti-DDoS solution.
Language:
English
Published:
International Journal of Information Security, Volume:17 Issue: 2, Jul 2025
Pages:
209 to 221
https://www.magiran.com/p2870833  
  • Author (5)
    Rasoul Khazaei Laki
    (1401) B.Sc. in Electrical Engineering, Amirkabir University of Technology
    Khazaei Laki, Rasoul
  • Author (9)
    Mohammad Reza Aref
    Full Professor Electrical Engineering, Sharif University of Technology, Tehran, Iran
    Aref, Mohammad Reza