Advancing DDoS attack detection with hybrid deep learning: integrating convolutional neural networks, PCA, and vision transformers

Distributed denial of service (DDoS) attacks pose a significant security risk, particularly with the increasing reliance on cloud computing and information technology (IT). These attacks not only allow unauthorized users to access services but also deny legitimate users the ability to utilize them. Traditional antivirus solutions and firewalls prove insufficient in detecting DDoS attacks within large networks. Intrusion detection systems (IDS) are essential for detecting unauthorized or malicious activities and ensuring the confidentiality, integrity, and availability of services. However, traditional IDS often rely on predefined signatures and patterns, making them susceptible to evasion tactics. In response, this research introduces a deep learning (DL)-based IDS that integrates convolutional neural networks (CNN) with principal component analysis (PCA) and explores the application of vision transformers (ViT). The proposed hybrid model was tested on the CICDDoS2019 dataset, achieving a notable improvement in detection accuracy. Specifically, the CNN-based model initially identified DDoS attacks with an accuracy of 99.72%. Upon integrating ViT, the model’s accuracy further improved to 99.99%. This innovative approach signifies a considerable advancement in the detection capabilities for DDoS attacks and underscores the potential for integrating more sophisticated DL models into cybersecurity defenses.