Volume 8, Issue 5, May 2023 International Journal of Innovative Science and Research Technology ISSN No:-2456-2165 IJISRT23MAY1447 www.ijisrt.com 1821 Leveraging Machine Learning and Deep Learning Technologies for Predicting Distributed Denial of Service Attacks: A Systematic Review Analysis Jean Paul NDAYIZIGIYE Student at UDOM, Master in IT Department of Information and Systems Technology, University of Dodoma(UDOM), Tanzania Dr. Mohamedi Mjahidi, Dr. Gilbert Gilbert Lecturer, College of Information and Virtual Education (CIVE), UDOM Abstract:- Technologies, especially Fourth Industrial Revolution Technologies (4thIRTs) like Big Data Analytics (BDA), Artificial Intelligence (AI), and Cloud Computing (CC), among others, have led to exponential growth in intrusions and assaults across Internet-based technologies. One of the fatal dangers rising is the distributed denial of service (DDoS) assault that may shut down Internet-based systems and applications in no time. The attackers are changing their skills frequently and consequently avoiding the existing detection mechanisms. Since the number of files created and stored has expanded manifolds, the standard detection systems are not suited for identifying modern DDoS attacks. With the emergence of network-based computing technologies like cloud computing, fog computing, and IoT (Internet of Things), the context of digitizing confidential data over the network is being adopted by various organizations where the security of that sensitive data is considered a major concern. Over the past decade, there has been massive growth in the usage of the internet, along with technological advancements that demand the development of efficient security algorithms that can withstand various patterns of security breaches. The work systematically evaluates the prominent literature, specifically in deep learning, to identify DDoS using machine learning techniques. Keywords:- DDoS Attack, Machine Learning, Deep Learning,VolumetricAttacks, Network Intrusion Detection System, PICO, PRISMA, SLRA. I. INTRODUCTION A distributed denial of service (DDoS) assault sends floods of attack packets to the target resources, rendering them inaccessible to normal users on the network and the victim host (Vishwakarma & Jain, 2020). A DoS attack radiates from a single source and floods resources that serve genuine traffic (Vishwakarma & Jain, 2020; Mirkovic & Reiher, 2004). Currently, one of the most prevalent network assaults is distributed denial-of-service. The damage caused by a DDoS assault is getting worse as computer and communication technology advance so quickly. Therefore, it is more crucial than ever to research DDoS attack detection (Umarani & Sharmila, 2015). DDOS is a server attack where the main goal is to deny authorized users access to the source. In this case, it completely disables one user source. Multiple digital devices which are connected are more vulnerable Hackers may also aim for personal information and data that protects them from unauthorized additions (Kitchenham & Brereton, 2013). Nowadays some related research has been conducted and certain advancements have been made. However, there is yet no detection system with a detection accuracy that is sufficient, due to the diversity of DDoS attack tactics and the fluctuating amount of attack traffic. Now a days with the advent of 4G, and 5G networks and economic smart devices there is a massive growth in the usage of the internet that has become a part of daily life. A vast range of services provided over the internet in diverse application areas such as business, entertainment, education, etc. made it a vital component in framing various business models. This context made security over wireless networks the most important factor while using the internet from unsecured connections (Siddiqui et al., 2021; Umarani & Sharmila, 2015). Different security algorithms and frameworks are developed to enable protection from Internet-based attacks while devising high-performance IDS (Intrusion detection systems) which act as a defensive wall while confronting the attacks over internet-based devices. Distributed architecture-based computing environments like cloud computing and IoT are more prone to DDoS attacks in which multiple devices are coordinated to launch attacks over distributed targets. DDOS attacks are primarily launched in the context of exhausting the connectivity and the processing of the target server resources which enables access constraints for legitimate users to utilize the services provided by the target server which leads to the partial unavailability or total unavailability of the services. The phenomenon of distributed computing is based on the one-to-many dimension in which these types of attacks may cause a possible amount of damage to the server resources (Lam et al., 2006). It is observed from the previous research studies that the damage capacity, as well as the disrupting nature of the DDoS attacks, is gradually increased with the rate of internet usage. As an outcome of several research studies, there are several statistical mechanisms to detect intrusions in the network traffic by