METHOD FOR DETECTING DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS

Abstract

ABSTRACT A method (100) for detecting Distributed Denial of Service (DDoS) attacks in network traffic. Further, the method comprising collecting real-time network traffic data from multiple sources using standard protocols, including NetFlow and SNMP. Further, the method (100) comprising the steps of pre-processing the collected data to extract relevant features indicative of potential DDoS attacks, including packet size, packet rate, and protocol type. Further, the method (100) comprising the steps of applying machine learning algorithms to classify the pre-processed data as either benign or malicious. The algorithms include at least one of supervised, unsupervised, or semi-supervised learning techniques. Further, the method (100) comprising the steps of triggering an alert and executing a response action upon detecting a DDoS attack, including methods such as traffic rerouting or rate limiting to mitigate the attack's impact on network infrastructure.

Specification

Description:FIELD OF THE DISCLOSURE
[0001] This invention generally relates to the field of cybersecurity and, in particular, relates to a method for detecting Distributed Denial of Service (DDoS) attacks in network traffic using advanced machine learning algorithms to enhance the accuracy and efficiency of threat identification and mitigation.
BACKGROUND
[0002] The subject matter discussed in the background section should not be assumed to be prior art merely as a result of its mention in the background section. Similarly, a problem mentioned in the background section or associated with the subject matter of the background section should not be assumed to have been previously recognized in the prior art. The subject matter in the background section merely represents different approaches, which in and of themselves may also correspond to implementations of the claimed technology.
[0003] The increasing reliance on digital infrastructure has made organizations vulnerable to various cyber threats, particularly Distribute , Claims:WE CLAIM:
1. A method (100) for detecting Distributed Denial of Service (DDoS) attacks in network traffic, the method comprising the steps of:
collecting real-time network traffic data from multiple sources using standard protocols, including NetFlow and SNMP;
pre-processing the collected data to extract relevant features indicative of potential DDoS attacks, including packet size, packet rate, and protocol type;
applying machine learning algorithms to classify the pre-processed data as either benign or malicious, wherein the algorithms include at least one of supervised, unsupervised, or semi-supervised learning techniques;
triggering an alert and executing a response action upon detecting a DDoS attack, including methods such as traffic rerouting or rate limiting to mitigate the attack's impact on network infrastructure.

2. The method (100) as claimed in claim 1, wherein the machine learning algorithms include at least one of Support Vector Machines (SVM), Random Forests, or Long Short-Term Memory (LSTM) n

Documents