{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T02:42:36Z","timestamp":1778726556712,"version":"3.51.4"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2025,1,28]],"date-time":"2025-01-28T00:00:00Z","timestamp":1738022400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,28]],"date-time":"2025-01-28T00:00:00Z","timestamp":1738022400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2025,6]]},"DOI":"10.1007\/s10586-024-04849-x","type":"journal-article","created":{"date-parts":[[2025,1,28]],"date-time":"2025-01-28T16:15:22Z","timestamp":1738080922000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Proactive DDoS detection: integrating packet marking, traffic analysis, and machine learning for enhanced network security"],"prefix":"10.1007","volume":"28","author":[{"given":"Subbulakshmi","family":"Pasupathi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Raushan","family":"Kumar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"L K","family":"Pavithra","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,1,28]]},"reference":[{"key":"4849_CR1","unstructured":"StormWall DDoS Protection and Mitigation|Anti-DDoS service. StormWall. Accessed 04 Mar 2024 [Online]. https:\/\/stormwall.network\/"},{"key":"4849_CR2","doi-asserted-by":"publisher","first-page":"38351","DOI":"10.1109\/ACCESS.2024.3375395","volume":"12","author":"H Wang","year":"2024","unstructured":"Wang, H., Li, Y.: Overview of DDoS attack detection in software-defined networks. IEEE Access 12, 38351\u201338381 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3375395","journal-title":"IEEE Access"},{"key":"4849_CR3","doi-asserted-by":"publisher","first-page":"17982","DOI":"10.1109\/ACCESS.2024.3360868","volume":"12","author":"NS Musa","year":"2024","unstructured":"Musa, N.S., Mirza, N.M., Rafique, S.H., Abdallah, A.M., Murugan, T.: Machine learning and deep learning techniques for distributed denial of service anomaly detection in software defined networks\u2014current research solutions. IEEE Access 12, 17982\u201318011 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3360868","journal-title":"IEEE Access"},{"issue":"1","key":"4849_CR4","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1186\/1687-417X-2013-5","volume":"2013","author":"V Aghaei-Foroushani","year":"2013","unstructured":"Aghaei-Foroushani, V., Zincir-Heywood, A.N.: IP traceback through (authenticated) deterministic flow marking: an empirical evaluation. EURASIP J. Inf. Secur. 2013(1), 5 (2013). https:\/\/doi.org\/10.1186\/1687-417X-2013-5","journal-title":"EURASIP J. Inf. Secur."},{"key":"4849_CR5","doi-asserted-by":"publisher","first-page":"2524","DOI":"10.1109\/TIFS.2021.3054522","volume":"16","author":"R Biswas","year":"2021","unstructured":"Biswas, R., Kim, S., Wu, J.: Sampling rate distribution for flow monitoring and DDoS detection in datacenter. IEEE Trans. Inf. Forens. Secur. 16, 2524\u20132534 (2021). https:\/\/doi.org\/10.1109\/TIFS.2021.3054522","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"issue":"5","key":"4849_CR6","doi-asserted-by":"publisher","first-page":"577","DOI":"10.1109\/TPDS.2007.1014","volume":"18","author":"R Chen","year":"2007","unstructured":"Chen, R., Park, J.-M., Marchany, R.: A divide-and-conquer strategy for thwarting distributed denial-of-service attacks. IEEE Trans. Parallel Distrib. Syst. 18(5), 577\u2013588 (2007). https:\/\/doi.org\/10.1109\/TPDS.2007.1014","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"9","key":"4849_CR7","doi-asserted-by":"publisher","first-page":"799","DOI":"10.1109\/TPDS.2005.114","volume":"16","author":"TKT Law","year":"2005","unstructured":"Law, T.K.T., Lui, J.C.S., Yau, D.K.Y.: You can run, but you can\u2019t hide: an effective statistical methodology to trace back DDoS attackers. IEEE Trans. Parallel Distrib. Syst. 16(9), 799\u2013813 (2005). https:\/\/doi.org\/10.1109\/TPDS.2005.114","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"3","key":"4849_CR8","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1109\/LCOMM.2006.1603385","volume":"10","author":"Guang Jin","year":"2006","unstructured":"Jin, Guang, Yang, Jiangang: Deterministic packet marking based on redundant decomposition for IP traceback. IEEE Commun. Lett. 10(3), 204\u2013206 (2006). https:\/\/doi.org\/10.1109\/LCOMM.2006.1603385","journal-title":"IEEE Commun. Lett."},{"issue":"9","key":"4849_CR9","doi-asserted-by":"publisher","first-page":"861","DOI":"10.1109\/TPDS.2003.1233709","volume":"14","author":"Minho Sung","year":"2003","unstructured":"Sung, Minho, Jun, Xu.: IP traceback-based intelligent packet filtering: a novel technique for defending against internet DDoS attacks. IEEE Trans. Parallel Distrib. Syst. 14(9), 861\u2013872 (2003). https:\/\/doi.org\/10.1109\/TPDS.2003.1233709","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"5","key":"4849_CR10","doi-asserted-by":"publisher","first-page":"1418","DOI":"10.1109\/TC.2015.2439287","volume":"65","author":"S Yu","year":"2016","unstructured":"Yu, S., Zhou, W., Guo, S., Guo, M.: A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans. Comput. 65(5), 1418\u20131427 (2016). https:\/\/doi.org\/10.1109\/TC.2015.2439287","journal-title":"IEEE Trans. Comput."},{"issue":"4","key":"4849_CR11","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1109\/TPDS.2008.132","volume":"20","author":"Yang Xiang","year":"2009","unstructured":"Xiang, Yang, Zhou, Wanlei, Guo, Minyi: Flexible deterministic packet marking: an IP traceback system to find the real source of attacks. IEEE Trans. Parallel Distrib. Syst. 20(4), 567\u2013580 (2009). https:\/\/doi.org\/10.1109\/TPDS.2008.132","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"2","key":"4849_CR12","doi-asserted-by":"publisher","first-page":"789","DOI":"10.1109\/TIFS.2011.2169960","volume":"7","author":"M-H Yang","year":"2012","unstructured":"Yang, M.-H., Yang, M.-C.: RIHT: a novel hybrid IP traceback scheme. IEEE Trans. Inf. Forens. Secur. 7(2), 789\u2013797 (2012). https:\/\/doi.org\/10.1109\/TIFS.2011.2169960","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"issue":"10","key":"4849_CR13","doi-asserted-by":"publisher","first-page":"1853","DOI":"10.1109\/JSAC.2006.877138","volume":"24","author":"A Yaar","year":"2006","unstructured":"Yaar, A., Perrig, A., Song, D.: StackPi: new packet marking and filtering mechanisms for DDoS and IP spoofing defense. IEEE J. Sel. Areas Commun. 24(10), 1853\u20131863 (2006). https:\/\/doi.org\/10.1109\/JSAC.2006.877138","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"4849_CR14","doi-asserted-by":"publisher","first-page":"116358","DOI":"10.1109\/ACCESS.2019.2924633","volume":"7","author":"LA Trejo","year":"2019","unstructured":"Trejo, L.A., Ferman, V., Medina-Perez, M.A., ArredondoGiacinti, F.M., Monroy, R., Ramirez-Marquez, J.E.: DNS-ADVP: a machine learning anomaly detection and visual platform to protect top-level domain name servers against DDoS Attacks. IEEE Access 7, 116358\u2013116369 (2019). https:\/\/doi.org\/10.1109\/ACCESS.2019.2924633","journal-title":"IEEE Access"},{"key":"4849_CR15","doi-asserted-by":"publisher","first-page":"28934","DOI":"10.1109\/ACCESS.2023.3260256","volume":"11","author":"WI Khedr","year":"2023","unstructured":"Khedr, W.I., Gouda, A.E., Mohamed, E.R.: FMDADM: a multi-layer DDoS attack detection and mitigation framework using machine learning for stateful SDN-based IoT networks. IEEE Access 11, 28934\u201328954 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3260256","journal-title":"IEEE Access"},{"key":"4849_CR16","doi-asserted-by":"publisher","first-page":"119862","DOI":"10.1109\/ACCESS.2023.3327620","volume":"11","author":"A Ahmim","year":"2023","unstructured":"Ahmim, A., Maazouzi, F., Ahmim, M., Namane, S., Dhaou, I.B.: Distributed denial of service attack detection for the internet of things using hybrid deep learning model. IEEE Access 11, 119862\u2013119875 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3327620","journal-title":"IEEE Access"},{"key":"4849_CR17","doi-asserted-by":"publisher","first-page":"5039","DOI":"10.1109\/ACCESS.2019.2963077","volume":"8","author":"S Dong","year":"2020","unstructured":"Dong, S., Sarem, M.: DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks. IEEE Access 8, 5039\u20135048 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2019.2963077","journal-title":"IEEE Access"},{"key":"4849_CR18","doi-asserted-by":"publisher","first-page":"49794","DOI":"10.1109\/ACCESS.2022.3173319","volume":"10","author":"J Halladay","year":"2022","unstructured":"Halladay, J., et al.: Detection and characterization of DDoS attacks using time-based features. IEEE Access 10, 49794\u201349807 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3173319","journal-title":"IEEE Access"},{"key":"4849_CR19","doi-asserted-by":"publisher","first-page":"122495","DOI":"10.1109\/ACCESS.2021.3109490","volume":"9","author":"AO Sangodoyin","year":"2021","unstructured":"Sangodoyin, A.O., Akinsolu, M.O., Pillai, P., Grout, V.: Detection and classification of DDoS flooding attacks on software-defined networks: a case study for the application of machine learning. IEEE Access 9, 122495\u2013122508 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3109490","journal-title":"IEEE Access"},{"key":"4849_CR20","doi-asserted-by":"publisher","first-page":"42236","DOI":"10.1109\/ACCESS.2021.3062909","volume":"9","author":"A Aljuhani","year":"2021","unstructured":"Aljuhani, A.: Machine learning approaches for combating distributed denial of service attacks in modern networking environments. IEEE Access 9, 42236\u201342264 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3062909","journal-title":"IEEE Access"},{"key":"4849_CR21","doi-asserted-by":"publisher","first-page":"154864","DOI":"10.1109\/ACCESS.2021.3128701","volume":"9","author":"AA Elsaeidy","year":"2021","unstructured":"Elsaeidy, A.A., Jamalipour, A., Munasinghe, K.S.: A hybrid deep learning approach for replay and DDoS attack detection in a smart city. IEEE Access 9, 154864\u2013154875 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3128701","journal-title":"IEEE Access"},{"key":"4849_CR22","doi-asserted-by":"publisher","first-page":"163412","DOI":"10.1109\/ACCESS.2021.3131014","volume":"9","author":"F Hussain","year":"2021","unstructured":"Hussain, F., et al.: A two-fold machine learning approach to prevent and detect IoT botnet attacks. IEEE Access 9, 163412\u2013163430 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3131014","journal-title":"IEEE Access"},{"issue":"10","key":"4849_CR23","doi-asserted-by":"publisher","first-page":"8658","DOI":"10.1109\/JIOT.2023.3245153","volume":"10","author":"MM Kamaldeep","year":"2023","unstructured":"Kamaldeep, M.M., Dutta, M.: Feature engineering and machine learning framework for DDoS attack detection in the standardized internet of things. IEEE Internet Things J. 10(10), 8658\u20138669 (2023). https:\/\/doi.org\/10.1109\/JIOT.2023.3245153","journal-title":"IEEE Internet Things J."},{"key":"4849_CR24","doi-asserted-by":"publisher","first-page":"21443","DOI":"10.1109\/ACCESS.2022.3152577","volume":"10","author":"Ismail","year":"2022","unstructured":"Ismail, et al.: A machine learning-based classification and prediction technique for DDoS attacks. IEEE Access 10, 21443\u201321454 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3152577","journal-title":"IEEE Access"},{"key":"4849_CR25","doi-asserted-by":"publisher","first-page":"155859","DOI":"10.1109\/ACCESS.2020.3019330","volume":"8","author":"JA Perez-Diaz","year":"2020","unstructured":"Perez-Diaz, J.A., Valdovinos, I.A., Choo, K.-K.R., Zhu, D.: A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning. IEEE Access 8, 155859\u2013155872 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3019330","journal-title":"IEEE Access"},{"key":"4849_CR26","doi-asserted-by":"publisher","first-page":"51810","DOI":"10.1109\/ACCESS.2023.3280122","volume":"11","author":"D Mohammed Sharif","year":"2023","unstructured":"Mohammed Sharif, D., Beitollahi, H., Fazeli, M.: Detection of application-layer DDoS attacks produced by various freely accessible toolkits using machine learning. IEEE Access 11, 51810\u201351819 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3280122","journal-title":"IEEE Access"},{"issue":"1","key":"4849_CR27","doi-asserted-by":"publisher","first-page":"1878","DOI":"10.1186\/s40064-016-3569-3","volume":"5","author":"JW Seo","year":"2016","unstructured":"Seo, J.W., Lee, S.J.: A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems. SpringerPlus 5(1), 1878 (2016). https:\/\/doi.org\/10.1186\/s40064-016-3569-3","journal-title":"SpringerPlus"},{"issue":"1","key":"4849_CR28","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1186\/s40537-022-00616-0","volume":"9","author":"K Kumari","year":"2022","unstructured":"Kumari, K., Mrunalini, M.: Detecting Denial of Service attacks using machine learning algorithms. J. Big Data 9(1), 56 (2022). https:\/\/doi.org\/10.1186\/s40537-022-00616-0","journal-title":"J. Big Data"},{"issue":"1","key":"4849_CR29","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1186\/s13638-018-1267-2","volume":"2018","author":"X An","year":"2018","unstructured":"An, X., Su, J., L\u00fc, X., Lin, F.: Hypergraph clustering model-based association analysis of DDOS attacks in fog computing intrusion detection system. EURASIP J. Wirel. Commun. Netw. 2018(1), 249 (2018). https:\/\/doi.org\/10.1186\/s13638-018-1267-2","journal-title":"EURASIP J. Wirel. Commun. Netw."},{"issue":"1","key":"4849_CR30","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1186\/1687-1499-2011-50","volume":"2011","author":"S Lee","year":"2011","unstructured":"Lee, S., Kim, G., Kim, S.: Sequence-order-independent network profiling for detecting application layer DDoS attacks. EURASIP J. Wirel. Commun. Netw. 2011(1), 50 (2011). https:\/\/doi.org\/10.1186\/1687-1499-2011-50","journal-title":"EURASIP J. Wirel. Commun. Netw."},{"issue":"1","key":"4849_CR31","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1186\/s13635-018-0079-6","volume":"2018","author":"J Gera","year":"2018","unstructured":"Gera, J., Battula, B.P.: Detection of spoofed and non-spoofed DDoS attacks and discriminating them from flash crowds. EURASIP J. Inf. Secur. 2018(1), 9 (2018). https:\/\/doi.org\/10.1186\/s13635-018-0079-6","journal-title":"EURASIP J. Inf. Secur."},{"issue":"1","key":"4849_CR32","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1186\/s42400-022-00128-7","volume":"5","author":"K Jia","year":"2022","unstructured":"Jia, K., Liu, C., Liu, Q., Wang, J., Liu, J., Liu, F.: A lightweight DDoS detection scheme under SDN context. Cybersecurity 5(1), 27 (2022). https:\/\/doi.org\/10.1186\/s42400-022-00128-7","journal-title":"Cybersecurity"},{"issue":"1","key":"4849_CR33","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1186\/s13638-021-01957-9","volume":"2021","author":"S Yu","year":"2021","unstructured":"Yu, S., Zhang, J., Liu, J., Zhang, X., Li, Y., Xu, T.: A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN. EURASIP J. Wirel. Commun. Netw. 2021(1), 90 (2021). https:\/\/doi.org\/10.1186\/s13638-021-01957-9","journal-title":"EURASIP J. Wirel. Commun. Netw."},{"issue":"1","key":"4849_CR34","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1186\/s40537-023-00692-w","volume":"10","author":"S Salmi","year":"2023","unstructured":"Salmi, S., Oughdir, L.: Performance evaluation of deep learning techniques for DoS attacks detection in wireless sensor network. J. Big Data 10(1), 17 (2023). https:\/\/doi.org\/10.1186\/s40537-023-00692-w","journal-title":"J. Big Data"},{"issue":"1","key":"4849_CR35","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1186\/s13677-022-00308-3","volume":"11","author":"Y Fu","year":"2022","unstructured":"Fu, Y., Duan, X., Wang, K., Li, B.: Low-rate Denial of Service attack detection method based on time-frequency characteristics. J. Cloud Comput. 11(1), 31 (2022). https:\/\/doi.org\/10.1186\/s13677-022-00308-3","journal-title":"J. Cloud Comput."}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-024-04849-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-024-04849-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-024-04849-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,20]],"date-time":"2025-05-20T21:53:25Z","timestamp":1747778005000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-024-04849-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1,28]]},"references-count":35,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["4849"],"URL":"https:\/\/doi.org\/10.1007\/s10586-024-04849-x","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1,28]]},"assertion":[{"value":"9 July 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 October 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 October 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 January 2025","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"210"}}