Multischeme feedforward artificial neural network architecture for DDoS attack detection

Arif Wirawan Muhammad, Cik Feresa Mohd Foozy, Kamaruddin Malik


Distributed denial of service attack classified as a structured attack to deplete server, sourced from various bot computers to form a massive data flow. Distributed denial of service (DDoS) data flows behave as regular data packet flows, so it is challenging to distinguish between the two. Data packet classification to detect DDoS attacks is one solution to prevent DDoS attacks and to maintain server resources maintained. The machine learning method especially artificial neural network (ANN), is one of the effective ways to detect the flow of data packets in a computer network. Based on the research that has carried out, it concluded that ANN with hidden layer architecture that contains neuron twice as neuron on the input layer (2n) produces a stable detection accuracy value on Quasi-Newton, Scaled-Conjugate and Resilient-Propagation training functions. Based on the studies conducted, it concluded that ANN Architecture sufficiently affected the Scaled-Conjugate and Resilient-Propagation training functions, otherwise the Quasi-Newton training function. The best detection accuracy achieved from the experiment is 99.60%, 1.000 recall, 0.988 precision, and 0.993 f-measure using the Quasi-Newton training function with 6-(12)-2 neural network architecture.


Architecture; Detection; Distributed denial of service; Multischeme; Neural network


  • There are currently no refbacks.

Bulletin of EEI Stats