TY - EJOU AU - Mishra, Sushruta AU - Mohapatra, Sunil Kumar AU - Sahoo, Kshira Sagar AU - Nayyar, Anand AU - Kim, Tae-Kyung TI - FRF-BiLSTM: Recognising and Mitigating DDoS Attacks through a Secure Decentralized Feature Optimized Federated Learning Approach T2 - Computers, Materials \& Continua PY - 2026 VL - 86 IS - 3 SN - 1546-2226 AB - With an increase in internet-connected devices and a dependency on online services, the threat of Distributed Denial of Service (DDoS) attacks has become a significant concern in cybersecurity. The proposed system follows a multi-step process, beginning with the collection of datasets from different edge devices and network nodes. To verify its effectiveness, experiments were conducted using the CICDoS2017, NSL-KDD, and CICIDS benchmark datasets alongside other existing models. Recursive feature elimination (RFE) with random forest is used to select features from the CICDDoS2019 dataset, on which a BiLSTM model is trained on local nodes. Local models are trained until convergence or stability criteria are met while simultaneously sharing the updates globally for collaborative learning. A centralised server evaluates real-time traffic using the global BiLSTM model, which triggers alerts for potential DDoS attacks. Furthermore, blockchain technology is employed to secure model updates and to provide an immutable audit trail, thereby ensuring trust and accountability among network nodes. This research introduces a novel decentralized method called Federated Random Forest Bidirectional Long Short-Term Memory (FRF-BiLSTM) for detecting DDoS attacks, utilizing the advanced Bidirectional Long Short-Term Memory Networks (BiLSTMs) to analyze sequences in both forward and backward directions. The outcome shows the proposed model achieves a mean accuracy of 97.1% with an average training delay of 88.7 s and testing delay of 21.4 s. The model demonstrates scalability and the best detection performance in large-scale attack scenarios. KW - Bi-directional long short-term memory network; distributed denial of service (DDoS); cybersecurity; federated learning; random forest DO - 10.32604/cmc.2025.072493