DDoS attack detection using optimal scrutiny boosted graph convolutional and bidirectional long short-term memory

Abstract

The distributed denial of service (DDoS) attack occurs when massive traffic from numerous computers is directed to a server or network, causing crashes and disrupting functionality. Such attacks often shut down websites or applications temporarily and remain among the most critical cybersecurity challenges. Detecting DDoS is difficult and must occur before mitigation. Recently, machine learning and deep learning (ML/DL) have been employed for detection; however, architectural limitations restrict their effectiveness against evolving attack methods. This paper presents a novel framework, scrutiny boosted graph convolutional–bidirectional long short-term memory and vision transformer (SBGC-BiLSTM-ViT), which integrates graph convolutional, BiLSTM, and ViT models with machine learning classifiers such as support vector machine (SVM), Naïve Bayes (NB), random forest (RF), and K-nearest neighbors (KNN). The integration enables autonomous extraction of critical features, enhancing precision in detecting and classifying DDoS attacks. To further boost performance, a Bayesian optimization algorithm (BOA) is applied for hyperparameter tuning of SBGC and ML methods. Evaluation on benchmark datasets UNSW-NB15 and CICDDoS2019 demonstrates that the proposed approach achieves higher accuracy and effectively identifies new DDoS variants, outperforming conventional methods.