Journal of Advances in Mathematics and Computer Science

Distributed Denial-of-Service (DDoS) attacks continue to pose a significant threat to digital infrastructures, often resulting in degraded service availability and financial losses. Traditional detection systems, which rely on static rule sets, struggle to adapt evolving traffic patterns, resulting in increased false positives and undetected attacks. This paper presents a real-time, machine learning-based framework detecting and mitigating DDoS attacks. The framework incorporates supervised learning algorithms, including Random Forest, XGBoost, and Multi-Layer Perceptron (MLP), trained on the CIC-DDoS2019 dataset using carefully selected network traffic features to enhance detection accuracy. The system architecture integrates Scapy for traffic capture, Apache Kafka for message queuing, and Flask with Plotly for dynamic monitoring. Evaluation results demonstrate superior performance compared to legacy methods across precision, recall, F1-score, false positive rate (FPR), and false negative rate (FNR). Additionally, adaptive models such as Passive-Aggressive and Stochastic Gradient Descent (SGD) enhance robustness against evolving attack vectors. The proposed solution delivers an effective and scalable real-time Defense mechanism suitable for banking, cloud, and enterprise systems. However, the system’s performance remains influenced by the characteristics of the training dataset and may introduce computational overhead during high-throughput traffic analysis. Future work will focus on enhancing computational efficiency and responsiveness to rare or emerging DDoS patterns.