Submit

Login Login

Register Register

Home / Journals / CMC / Online First / doi:10.32604/cmc.2025.072493
Journal Menu
Special Issues
Table of Content

All issues

Online First

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Open Access

ARTICLE

FRF-BiLSTM: Recognising and Mitigating DDoS Attacks through a Secure Decentralized Feature Optimized Federated Learning Approach

Sushruta Mishra1, Sunil Kumar Mohapatra2, Kshira Sagar Sahoo3, Anand Nayyar4, Tae-Kyung Kim5,*
1 School of Computer Engineering, Kalinga Institute of Industrial Technology (Deemed to be University), Bhubaneswar, 751024, Odisha, India
2 Department of Computer Science and Engineering, Centurion University of Technology and Management, Bhubaneswar, 761211, Odisha, India
3 Department of Computer Science and Engineering, SRM University-AP, Amaravati, 522240, Andhra Pradesh, India
4 School of Computer Science, Duy Tan University, Da Nang, 550000, Vietnam
5 Department of Management Information Systems, Chungbuk National University, Cheongju-Si, 28644, Chungcheongbuk-Do, Republic of Korea
* Corresponding Author: Tae-Kyung Kim. Email: email
(This article belongs to the Special Issue: Advances in Machine Learning and Artificial Intelligence for Intrusion Detection Systems)

Computers, Materials & Continua https://doi.org/10.32604/cmc.2025.072493

Received 28 August 2025; Accepted 21 October 2025; Published online 18 November 2025

Abstract

With an increase in internet-connected devices and a dependency on online services, the threat of Distributed Denial of Service (DDoS) attacks has become a significant concern in cybersecurity. The proposed system follows a multi-step process, beginning with the collection of datasets from different edge devices and network nodes. To verify its effectiveness, experiments were conducted using the CICDoS2017, NSL-KDD, and CICIDS benchmark datasets alongside other existing models. Recursive feature elimination (RFE) with random forest is used to select features from the CICDDoS2019 dataset, on which a BiLSTM model is trained on local nodes. Local models are trained until convergence or stability criteria are met while simultaneously sharing the updates globally for collaborative learning. A centralised server evaluates real-time traffic using the global BiLSTM model, which triggers alerts for potential DDoS attacks. Furthermore, blockchain technology is employed to secure model updates and to provide an immutable audit trail, thereby ensuring trust and accountability among network nodes. This research introduces a novel decentralized method called Federated Random Forest Bidirectional Long Short-Term Memory (FRF-BiLSTM) for detecting DDoS attacks, utilizing the advanced Bidirectional Long Short-Term Memory Networks (BiLSTMs) to analyze sequences in both forward and backward directions. The outcome shows the proposed model achieves a mean accuracy of 97.1% with an average training delay of 88.7 s and testing delay of 21.4 s. The model demonstrates scalability and the best detection performance in large-scale attack scenarios.

Keywords

Bi-directional long short-term memory network; distributed denial of service (DDoS); cybersecurity; federated learning; random forest

  • 499

    View

  • 85

    Download

  • 0

    Like

Related articles
Copyright© 2026 Tech Science Press
© 1997-2026 TSP (Henderson, USA) unless otherwise stated

Share Link