@Article{cmc.2025.072493,
AUTHOR = {Sushruta Mishra, Sunil Kumar Mohapatra, Kshira Sagar Sahoo, Anand Nayyar, Tae-Kyung Kim},
TITLE = {FRF-BiLSTM: Recognising and Mitigating DDoS Attacks through a Secure Decentralized Feature Optimized Federated Learning Approach},
JOURNAL = {Computers, Materials \& Continua},
VOLUME = {86},
YEAR = {2026},
NUMBER = {3},
PAGES = {--},
URL = {http://www.techscience.com/cmc/v86n3/65469},
ISSN = {1546-2226},
ABSTRACT = {With an increase in internet-connected devices and a dependency on online services, the threat of Distributed Denial of Service (DDoS) attacks has become a significant concern in cybersecurity. The proposed system follows a multi-step process, beginning with the collection of datasets from different edge devices and network nodes. To verify its effectiveness, experiments were conducted using the CICDoS2017, NSL-KDD, and CICIDS benchmark datasets alongside other existing models. Recursive feature elimination (RFE) with random forest is used to select features from the CICDDoS2019 dataset, on which a BiLSTM model is trained on local nodes. Local models are trained until convergence or stability criteria are met while simultaneously sharing the updates globally for collaborative learning. A centralised server evaluates real-time traffic using the global BiLSTM model, which triggers alerts for potential DDoS attacks. Furthermore, blockchain technology is employed to secure model updates and to provide an immutable audit trail, thereby ensuring trust and accountability among network nodes. This research introduces a novel decentralized method called Federated Random Forest Bidirectional Long Short-Term Memory (FRF-BiLSTM) for detecting DDoS attacks, utilizing the advanced Bidirectional Long Short-Term Memory Networks (BiLSTMs) to analyze sequences in both forward and backward directions. The outcome shows the proposed model achieves a mean accuracy of 97.1% with an average training delay of 88.7 s and testing delay of 21.4 s. The model demonstrates scalability and the best detection performance in large-scale attack scenarios.},
DOI = {10.32604/cmc.2025.072493}
}