DDoSBERT: Fine-tuning variant text classification bidirectional encoder representations from transformers for DDoS detection

The imperative for robust detection mechanisms has grown in the face of increasingly sophisticated Distributed Denial of Service (DDoS) attacks. This paper introduces DDoSBERT, an innovative approach harnessing transformer text classification for DDoS detection. The methodology conducts a detailed exploration of feature selection methods, emphasizing the selection of critical techniques, including Correlation, Mutual Information, and Univariate Feature Selection. Motivated by the dynamic landscape of DDoS attacks, DDoSBERT confronts contemporary challenges such as binary and multi-attack classification and imbalance attack classification. The methodology delves into diverse text transformation techniques for feature selection and employs three transformer classification models: distilbert-base-uncased, prunebert-base-uncased-6-finepruned-w-distilmnli, and distilbert-base-uncased-finetuned-sst-2-english. Additionally, the paper outlines a comprehensive framework for assessing the importance of features in the context of five DDoS datasets, comprised of APA-DDoS, CRCDDoS2022, DDoS Attack SDN, CIC-DDoS-2019, and BCCC-cPacket-Cloud-DDoS-2024 datasets. The experimental results, rigorously evaluated against relevant benchmarks, affirm the efficacy of DDoSBERT, underscoring its significance in enhancing the resilience of systems against text-based transformation DDoS attacks. The discussion section interprets the results, highlights the implications of the findings, and acknowledges limitations while suggesting avenues for future research.