Detecting DDOS Attacks Amidst Flash Crowds Using Machine Learning

Authors

  • Maryam Abdulkadir Department of Informatics, Faculty of Computing, Kaduna State University,
  • Muhammad Aminu Ahmad Department of Informatics, Faculty of Computing, Kaduna State University,
  • Ahmad Abubakar Aliyu Department of Informatics, Faculty of Computing, Kaduna State University
  • Sa’adatu Abdulkadir Department of Secure Computing, Faculty of Computing, Kaduna State University Kaduna – Nigeria.
  • Mohammed Ibrahim Department of Secure Computing, Faculty of Computing, Kaduna State University Kaduna – Nigeria.
  • Adamu Abdullahi Department of Secure Computing, Faculty of Computing, Kaduna State University Kaduna – Nigeria.
  • Abubakar Muazu Ahmed Department of Secure Computing, Faculty of Computing, Kaduna State University Kaduna – Nigeria.

DOI:

https://doi.org/10.64290/bima.v9i2A.1061

Keywords:

Flash Crowd, DDoS Detection, Random Forest Classifier, SMOTE

Abstract

In the digital landscape, distinguishing genuine flash crowds from Distributed Denial of Service (DDoS) attacks remains a critical challenge. Flash crowds, characterized by sudden surges of legitimate traffic, often exhibit behavioral patterns similar to DDoS attacks, leading to false positives in detection systems. This research proposes a robust machine learning-based approach for distinguishing flash crowds from DDoS attacks, using a multi-classification methodology. The implemented system leverages a Random Forest classifier trained on network traffic data, focusing on key features such as packet size, flow duration, and transmission rates. The dataset is pre-processed to handle anomalies, and class imbalance is addressed using the Synthetic Minority Over-sampling Technique (SMOTE). Evaluation metrics such as accuracy, precision, recall, and F1-score demonstrated the system's effectiveness, with the model achieving over 99% accuracy in distinguishing benign traffic from malicious attacks. Additionally, advanced visualizations such as confusion matrices and ROC curves provided actionable insights into the model's performance. The proposed model's scalability and high accuracy make it a promising solution for real-time applications in network anomaly detection, ensuring minimal disruption to legitimate user activities. This study contributes to the ongoing efforts to enhance cyber-security defenses against evolving DDoS threats while preserving the accessibility of web services during legitimate traffic surges.

 

Published

2025-06-30

How to Cite

Abdulkadir, M., Aminu Ahmad, M., Abubakar Aliyu, A., Abdulkadir, S., Ibrahim, M., Abdullahi, A., & Muazu Ahmed, A. (2025). Detecting DDOS Attacks Amidst Flash Crowds Using Machine Learning. BIMA JOURNAL OF SCIENCE AND TECHNOLOGY GOMBE, 9(2A), 23-33. https://doi.org/10.64290/bima.v9i2A.1061