Predicting DDoS Attacks Preventively Using Darknet Time-Series Dataset


  • Swati Patel Research Scholar, Birkbeck University of London, Malet Street, WC1E 7HX, London, United Kingdom
  • Pooja Patil Automation Developer, Credit Acceptance, Southfield, MI 48034, Michigan, United States


Distributed Denial of Service, Long Short Term Memory, Weka, Information Gain


The cyber crimes in today’s world have been a major concern for network administrators. The number of DDoS attacks in the last few decades is increasing at the fastest pace. Hackers are attacking the network, small or large with this common attacks named as DDoS. The consequences of this attack are worse as it disrupts the service provider’s trust among its customers. This article employs machine learning methods to estimate short-term consequences on the number and dimension of hosts that an assault may target. KDD Cup 99, CIC IDS 2017 and CIC Darknet 2020 datasets are used for building a prediction model. The feature selection for prediction is based on KDD Cup 99 and CIC IDS 2017 dataset; CIC Darknet 2020 dataset is used for prediction of impact of DDoS attack by employing LSTM (Long Short Term Memory) algorithm. This model can help network administrators to identify and preventively predict the attacks within five minutes of the commencement of the potential attack.


M. Mohammadi et al., “A comprehensive survey and taxonomy of the SVM-based intrusion detection systems,” 2021 Journal of Network and Computer Applications, vol. 178, pp. 1-24, 2021.

T. Thomas et al., “Machine learning and cybersecurity, in: Machine Learning

Approaches in Cyber Security Analytics,” Springer Singapore, pp. 37–47, Dec. 2019.

J. Tidy. “Ukraine cyber-attack: Government and embassy websites targeted.” [Nov. 09, 2022].

NCSC.GOV.UK. “UK government assess Russian involvement in DDoS attacks on Ukraine.”, Feb 2022 [Nov. 09, 2022].

J. Kponyo et al., “Lightweight and host-based denial of service (DoS) detection and defense mechanism forresource-constrained IoT devices,” Internet of Things, vol. 12, 2020.

J. Singh and S. Behal, “Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directions,” Comp. Sci. Rev, vol. 37, 2020.

Y. Liu, C. Wu, Y. Wang, and X. Chen, “An improved deep learning model for DDoS attack detection using CIC darknet dataset,” in 2021 IEEE International Conference on Internet of Things and Intelligence System (IoTaIS), pp. 465-469, 2021.

A. Ali, I. Ahmed, H. Tariq, and N. Nadeem, “A machine learning-based detection approach for DDoS attacks using CIC Darknet dataset,” in 2021 IEEE 16th International Conference on Computer Science & Education (ICCSE), pp. 549-554, 2021.

M. Javed, F. Ahmad, and M. Usman, “A hybrid machine learning approach for detection and mitigation of DDoS attacks using CIC Darknet dataset,” in 2021 3rd International Conference on Innovative Computing and Cutting-edge Technologies (ICICCT), pp. 177-181, 2021.

A. Ghaffar, M. Imran, and M. Khalid, “Anomaly detection using ensemble learning and deep neural networks for DDoS attack detection on CIC Darknet dataset,” in 2021 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA), pp. 62-66, 2021.

R. Alshammari, H. Al-Frajat, & M. Al-Fayyadh, “Hybrid SVM and random forest approach for DDoS attack detection,” Journal of Ambient Intelligence and Humanized Computing, 10(3), pp. 1003-1012, 2019.

A. Sharma, & D. P. Mohapatra, “Predicting DDoS attacks using deep neural network,” Journal of Network and Computer Applications, vol. 116, pp. 1-10, 2018.

M. Goyal, R. Singh, & D. Singh, “Machine learning-based hybrid approach for DDoS attack detection,” Cluster Computing, 22(4), pp. 9461-9474, 2019.

M. T. Khan, S. W. Kim, S. Hussain, J. H. Park, “Machine learning-based DDoS attack detection using network traffic features,” IEEE Access, 8, pp. 107124-107136, 2020.

Rajawat, S., Kumar, S., & Singh, K. (2022). Dark Web Structural Patterns Mining Using Neural Networks and S3VM for Criminal Network Activity Prediction. Journal of Network and Computer Applications, 2022, 107906.

Abu Al-Haija, Q., Al-Qadi, M., Al-Ma’aitah, A., & Al-Omari, A. (2022). Darknet Traffic Detection Using Random Forest Method. Journal of Information Security and Applications, 2022, 107996.

Habibi Lashkari, A., Dehghantanha, A., Parizi, R. M., & Choo, K. K. R. (2020). Investigating Tor and VPN Traffic Classification with Convolutional Neural Networks. IEEE Access, 8, 23490-23503.

Sarwar, S., Nazir, M., Siddique, M. A., Ahmad, I., & Kwak, K. S. (2021). Detection of Malicious Traffic on the TOR Network using Deep Learning Techniques. Information Sciences, 2021, 112956.

Iliadis, J., & Kaifas, T. (2021). A Comparative Study of Machine Learning Techniques for Darknet Traffic Classification. IEEE Access, 9, 124430-124445.

Demertzis, K., Bountris, P., & Tziritas, G. (2021). Agnostic Neural Networks: Towards Automatic Model Selection for Traffic Classification. Computer Networks, 2021, 108308.

Sarkar, S., Das, B., & Roy, S. (2020). Distinguishing Tor Traffic from Other Traffic using Deep Neural Networks. Journal of Cybersecurity, 2020, 6(1), tyaa002.

Hu, X., Xu, J., Zhang, Y., & Wu, H. (2020). Darknet Traffic Classification Based on Multi-Source Data Fusion and Deep Learning. Journal of Ambient Intelligence and Humanized Computing, 2020, 1-17.

Niranjana, S., Selvakanmani, S., & Ramesh, S. (2020). A review on data formats for darknet traffic analysis. Journal of Ambient Intelligence and Humanized Computing, 11(10), 4271-4286.

Ozawa, S., Satoh, T., & Kitagawa, H. (2020). Detecting cyberattacks from large-scale darknet traffic using association rule learning. Computers & Security, 97, 101921.

Škrjanc, I., Pernek, I., & Šarac, Z. (2017). Large-scale cyber-attack monitoring using Cauchy possibility clustering. Applied Soft Computing, 52, 474-483.

Cviti?, I., Stipan?i?, M., & Pe?ari?, M. (2021). Anomaly detection in network traffic using machine learning techniques. Computer Networks, 197, 108054.

Mishra, R., Kumar, A., & Tiwari, A. (2021). Detection of DDoS attack using deep learning and machine learning techniques: A survey. Computers & Electrical Engineering, 88, 107024.

Balkanli, B., Kocak, M. N., & Sen, S. (2015). Detecting backscatter DDoS attacks: A decision-tree-based approach. IEEE Transactions on Parallel and Distributed Systems, 26(3), 721-732.

Ali, M. A., Erbad, A., Yaqoob, I., & Ahmed, A. (2016). DDoS detection system using deep neural networks. In 2016 IEEE Trustcom/BigDataSE/ISPA (pp. 760-767). IEEE.

Furutani, T., Ikuse, D., & Kinoshita, T. (2014). DDoS attack detection by SVM-based classification of backscatter traffic. In 2014 International Conference on Advanced Information Networking and Applications Workshops (pp. 408-413). IEEE.

Kumar, N., Nandanwar, Y. S., & Rangarajan, K. (2019). A machine learning framework for identifying threats in network traffic. Computers & Security, 86, 144-157.

I. Sharafaldin, et al., “Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy,” IEEE 53rd International Carnahan Conference on Security Technology, Chennai, India, 2019.

J. Read et al.,“Classifier chains for multi-label classification,” Machine Learning, vol. 85, no. 3, pp.333-359, 2011.




How to Cite

Patel, S., & Patil, P. (2023). Predicting DDoS Attacks Preventively Using Darknet Time-Series Dataset. International Journal of Computer (IJC), 47(1), 92–102. Retrieved from