A Hybrid LSTM-Based Framework for Accurate and Real-Time DDoS Detection in Cloud Environments

This study presents a comprehensive methodology for advanced Distributed Denial of Service (DDoS) detection in cloud-hosted websites using a hybrid approach combining Covariance Matrix Analysis with Machine Learning (ML) and Deep Learning (DL) models. Publicly available datasets, including CIC-IDS2017 serve as the primary data sources, containing both normal and malicious network traffic patterns. Data preprocessing involves cleaning, encoding, and normalization to ensure data quality and consistency, followed by feature extraction to identify critical network attributes such as packet size, session data, and traffic volume. Covariance Matrix Analysis is employed to capture feature interactions and highlight essential trends, aiding in dimensionality reduction and enhancing model interpretability. The proposed hybrid approach leverages ML models like Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Random Forests (RF), alongside DL models such as Convolutional Neural Networks (CNN), to accurately detect DDoS attacks. Comparative analysis evaluates the hybrid model against conventional detection techniques, focusing on false positive rates, detection accuracy, and sensitivity to high-volume, low-rate attacks. Performance metrics, including accuracy, precision, recall, F1-score, and ROC-AUC, assess the model’s effectiveness in real-time attack detection across various traffic scenarios. The expected outcomes include the development of a robust, low-computational overhead DDoS detection model, a structured dataset for attack analysis, and the identification of key network features that significantly impact detection accuracy.