Enhanced Detection and Classification Models for Distributed Denial-of-Service Using Time-Based Features in Cybersecurity
- Authors
-
-
Yusuf T. BAFFA
Department of Software Engineering, Bayero University, Kano, Nigeria
Author
-
Muhammad Y. MUHAMMAD
Department of Computer Science, Bayero University, Kano, Nigeria
Author
-
Aliyu SHUAIBU
Department of Computer Science, Bayero University, Kano, Nigeria
Author
-
- Keywords:
- Deep Learning, CICDDoS2019, Cybersecurity, DDoS detection, time-based features, multiclassification.
- Abstract
-
Distributed Denial-of-Service (DDoS) attacks continue to pose a critical threat to network infrastructure, necessitating robust, advanced and efficient detection systems. This study explores the application of deep learning (DL) models, specifically DNN, DCNN, CNN-LSTM, and CNN-BiLSTM, into intrusion detection systems (IDS) to enhance their ability to detect and classify diverse DDoS attacks. Utilizing the CICDDoS2019 dataset, a comprehensive pre-processing pipeline was applied, including feature elimination, duplicate and zero-value removal and downsampling to address class imbalance. The dataset was partitioned into binary and multiclass tasks, and two feature sets were analysed: a 70-feature baseline set and a 25-feature time-based set. Experiments were conducted across three scenarios: binary classification (DDoS vs. benign), 12-class attack detection, and 13-class classification (attacks + benign). Key findings demonstrate the integration of time-based features significantly enhanced detection precision for stealthy, low-rate attacks such as UDPLag (F1 = 0.99%), detection recall from 0.9965 to 0.9998 and effectively resolved false positives for attacks like Portmap. CNN-BiLSTM showed superior performance in capturing temporal dependencies, particularly for time-sensitive attacks, achieving 0.99% F1-score (13-class) with 20% FP reduction for UDPLag due to its bidirectional processing capability. The study underscores the importance of temporal feature engineering and the superiority of hybrid deep learning models for robust and scalable DDoS intrusion detection. The findings contribute to advancing deep learning-based IDS frameworks, ensuring improved resilience against evolving cyber threats.
- References
- Cover Image
-
- Downloads
- Published
- 13-09-2025
- Section
- Articles
- License
-
Copyright (c) 2025 FUDMA Journal of Engineering and Technology
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
How to Cite
Similar Articles
- Idris M. WADA, Abba IBRAHIM, Genesis ISHAYA, Performance Evaluation of Climate Products with Validation Using Bootstrapping and Climate Extremes in the Hadejia-Jama’are River Basin, Nigeria , FUDMA Journal of Engineering and Technology: Vol. 1 No. 2 (2025): December 2025
- Mohammed U. GARBA, Usman B. ABDULLAHI, Hayatudden S. BARAYAIS, Aisha B. FARUQ, Suleiman IDRIS, Abubakar M. MUHAMMAD, Abubakar S. MOHAMMED, Treatment of Gold Mining Wastewater: A Review of Current Technologies and Future Perspectives , FUDMA Journal of Engineering and Technology: Vol. 1 No. 2 (2025): December 2025
You may also start an advanced similarity search for this article.