Enhancing Network Security: A Hybrid Approach for Detection and Mitigation of Distributed Denial-of-Service Attacks Using Machine Learning

Nizo Jaman Shohan, Gazi Tanbhir, Faria Elahi, Ahsan Ullah, and Md. Nazmus Sakib

Department of Computer Science and Engineering, World University of Bangladesh, Dhaka, Bangladesh
nizojamanshohan@gmail.com, gazitanbhir@gmail.com, fariae2019@gmail.com
{ahsan.ullah,nazmus.sakib}@cse.wub.edu.bd

Abstract. The distributed denial-of-service (DDoS) attack stands out as a highly formidable cyber threat, representing an advanced form of the denial-of-service (DoS) attack. A DDoS attack involves multiple computers working together to overwhelm a system, making it unavailable. A DoS attack, on the other hand, is a one-on-one attempt to make a system or website inaccessible. Thus, it is crucial to construct an effective model for identifying various DDoS incidents. Although extensive research has focused on binary detection models for DDoS identification, these models face challenges in adapting to evolving threats, necessitating frequent updates. Multiclass detection models, by contrast, offer a comprehensive defense against diverse DDoS attacks, ensuring adaptability in the ever-changing cyber threat landscape. In this paper, we propose a Hybrid Model to strengthen network security by combining the feature-extraction abilities of 1D Convolutional Neural Networks (CNNs) with the classification skills of Random Forest (RF) and Multi-layer Perceptron (MLP) classifiers. Using the CIC-DDoS2019 dataset, we perform multiclass classification of various DDoS attacks and conduct a comparative analysis of evaluation metrics for RF, MLP, and our proposed Hybrid Model. After analyzing the results, we draw meaningful conclusions and confirm the superiority of our Hybrid Model by performing thorough cross-validation. Additionally, we integrate our machine learning model with Snort, which provides a robust and adaptive solution for detecting and mitigating various DDoS attacks.

Keywords: Distributed Denial-of-Service (DDoS) · Machine Learning (ML) · Convolutional Neural Networks (CNNs) · Random Forest (RF) · Multi-layer Perceptron (MLP) · Hybrid Model · Intrusion Detection and Prevention System (IDPS) · Snort

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024
A. Verma et al. (Eds.): ANTIC 2023, CCIS 2091, pp. 81–95, 2024.
https://doi.org/10.1007/978-3-031-64064-3_7