Volume 17, Number 4

Forecasting Future DDoS Attacks using Long Short Term Memory (LSTM) Model

  Authors

Kong Mun Yeen ¹, Rafidah Md Noor ¹, Wahidah Md Shah ², Aslinda Hassan ² and Muhammad Umair Munir ¹, ¹ Universiti Malaya, Malaysia, ² Universiti Teknikal Malaysia Melaka (UTeM), Malaysia

  Abstract

This paper forecasts future Distributed Denial-of-Service (DDoS) attacks using deep learning models. Although several studies address forecasting DDoS attacks, they remain relatively limited compared to detection-focused research. By studying the current trends and forecasting based on newer and updated datasets, mitigation plans against the attacks can be planned and formulated. The methodology used in this research work conforms to the Cross Industry Standard Process for Data Mining (CRISP-DM) model. Leveraging cyberattack data from the COVID-19 period (2019–2020), sourced from Digital Attack Map and compiled by Arbor Networks, the study aims to identify recent attack trends and forecast future activity to support proactive mitigation strategies. The dataset was examined using statistical analysis techniques to identify prevailing patterns, with emphasis on the frequency of attacks, the duration of attack instances, and the maximum throughput recorded during each incident. Compared to other deep learning models, the LSTM model is proposed for its ability to learn long-term temporal patterns in evolving DDoS traffic. The performance of LSTM model was evaluated using Mean Squared Error (MSE) under varying neuron counts and window sizes. While the model demonstrated limited predictive accuracy in terms of absolute values, the visual comparison between the predicted and actual data using line charts revealed close alignment in trend patterns. This suggests that the model captures the underlying temporal dynamics of the data, thereby providing a promising foundation for future model optimization and performance enhancement.

  Keywords

DDoS Attack, COVID-19 Cyberattack, Deep Learning, LSTM