{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T12:50:15Z","timestamp":1775739015074,"version":"3.50.1"},"reference-count":35,"publisher":"MDPI AG","issue":"6","license":[{"start":{"date-parts":[[2023,3,22]],"date-time":"2023-03-22T00:00:00Z","timestamp":1679443200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Shanxi Scholarship Council of China","award":["2021-038"],"award-info":[{"award-number":["2021-038"]}]},{"name":"Shanxi Scholarship Council of China","award":["20210302123130"],"award-info":[{"award-number":["20210302123130"]}]},{"name":"Applied Basic Research Project of Shanxi Province","award":["2021-038"],"award-info":[{"award-number":["2021-038"]}]},{"name":"Applied Basic Research Project of Shanxi Province","award":["20210302123130"],"award-info":[{"award-number":["20210302123130"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Distributed Denial of Service (DDoS) attacks, advanced persistent threats, and malware actively compromise the availability and security of Internet services. Thus, this paper proposes an intelligent agent system for detecting DDoS attacks using automatic feature extraction and selection. We used dataset CICDDoS2019, a custom-generated dataset, in our experiment, and the system achieved a 99.7% improvement over state-of-the-art machine learning-based DDoS attack detection techniques. We also designed an agent-based mechanism that combines machine learning techniques and sequential feature selection in this system. The system learning phase selected the best features and reconstructed the DDoS detector agent when the system dynamically detected DDoS attack traffic. By utilizing the most recent CICDDoS2019 custom-generated dataset and automatic feature extraction and selection, our proposed method meets the current, most advanced detection accuracy while delivering faster processing than the current standard.<\/jats:p>","DOI":"10.3390\/s23063333","type":"journal-article","created":{"date-parts":[[2023,3,22]],"date-time":"2023-03-22T06:35:28Z","timestamp":1679466928000},"page":"3333","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":40,"title":["An Intelligent Agent-Based Detection System for DDoS Attacks Using Automatic Feature Extraction and Selection"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4206-4999","authenticated-orcid":false,"given":"Rana","family":"Abu Bakar","sequence":"first","affiliation":[{"name":"College of Data Science, Taiyuan University of Technology, Taiyuan 030024, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xin","family":"Huang","sequence":"additional","affiliation":[{"name":"College of Data Science, Taiyuan University of Technology, Taiyuan 030024, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad Saqib","family":"Javed","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Virtual University of Pakistan, Lahore 58000, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3917-4705","authenticated-orcid":false,"given":"Shafiq","family":"Hussain","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Sahiwal, Sahiwal 57000, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9734-1191","authenticated-orcid":false,"given":"Muhammad Faran","family":"Majeed","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Kohsar University Murree, Murree 47150, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2023,3,22]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Collier, B., Thomas, D.R., Clayton, R., and Hutchings, A. (2019, January 21\u201323). Booting the Booters: Evaluating the Effects of Police Interventions in the Market for Denial-of-Service Attacks. Proceedings of the Internet Measurement Conference, Amsterdam, The Netherlands.","DOI":"10.1145\/3355369.3355592"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"101645","DOI":"10.1016\/j.cose.2019.101645","article-title":"A Dynamic MLP-Based DDoS Attack Detection Method Using Feature Selection and Feedback","volume":"88","author":"Wang","year":"2020","journal-title":"Comput. Secur."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"e96","DOI":"10.1002\/spy2.96","article-title":"Utilization of Blockchain for Mitigating the Distributed Denial of Service Attacks","volume":"3","author":"Singh","year":"2020","journal-title":"Secur. Priv."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Dai, T., and Shulman, H. (2021, January 6\u201310). SMap: Internet-Wide Scanning for Spoofing. Proceedings of the Annual Computer Security Applications Conference, Virtual.","DOI":"10.1145\/3485832.3485917"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"108600","DOI":"10.1016\/j.compeleceng.2023.108600","article-title":"An Intrusion Detection Method to Detect Denial of Service Attacks Using Error-Correcting Output Codes and Adaptive Neuro-Fuzzy Inference","volume":"106","author":"Majidian","year":"2023","journal-title":"Comput. Electr. Eng."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Alduailij, M., Khan, Q.W., Tahir, M., Sardaraz, M., Alduailij, M., and Malik, F. (2022). Machine-Learning-Based DDoS Attack Detection Using Mutual Information and Random Forest Feature Importance Method. Symmetry, 14.","DOI":"10.3390\/sym14061095"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3379499","article-title":"A Taxonomy of Supervised Learning for IDSs in SCADA Environments","volume":"53","author":"Suaboot","year":"2020","journal-title":"ACM Comput. Surv."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","article-title":"Anomaly-Based Network Intrusion Detection: Techniques, Systems and Challenges","volume":"28","year":"2009","journal-title":"Comput. Secur."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"108156","DOI":"10.1016\/j.compeleceng.2022.108156","article-title":"Recurrent Deep Learning-Based Feature Fusion Ensemble Meta-Classifier Approach for Intelligent Network Intrusion Detection System","volume":"102","author":"Ravi","year":"2022","journal-title":"Comput. Electr. Eng."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"108708","DOI":"10.1016\/j.comnet.2021.108708","article-title":"Swarm Intelligence Inspired Intrusion Detection Systems\u2014A Systematic Literature Review","volume":"205","author":"Nasir","year":"2022","journal-title":"Comput. Netw."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"e7866096","DOI":"10.1155\/2022\/7866096","article-title":"DDoS Attack Detection by Hybrid Deep Learning Methodologies","volume":"2022","author":"Xinlong","year":"2022","journal-title":"Secur. Commun. Netw."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"586","DOI":"10.1109\/TETC.2016.2606384","article-title":"A Comprehensive Study of Security of Internet-of-Things","volume":"5","author":"Mosenia","year":"2017","journal-title":"IEEE Trans. Emerg. Top. Comput."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Melo, R.V., Douglas de Macedo, D.J., Mario Dantas, A.R., and Luis de Bona, C.E. (July, January 29). A Novel Immune Detection Approach Enhanced by Attack Graph Based Correlation. Proceedings of the 2019 IEEE Symposium on Computers and Communications (ISCC), Barcelona, Spain.","DOI":"10.1109\/ISCC47284.2019.8969772"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"607","DOI":"10.1007\/s12065-019-00340-4","article-title":"A Cognitive Mechanism for Mitigating DDoS Attacks Using the Artificial Immune System in a Cloud Environment","volume":"14","author":"Prathyusha","year":"2021","journal-title":"Evol. Intell."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"3655","DOI":"10.1007\/s00521-016-2317-5","article-title":"Taxonomy of DoS and DDoS Attacks and Desirable Defense Mechanism in a Cloud Computing Environment","volume":"28","author":"Gupta","year":"2017","journal-title":"Neural Comput. Appl."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"107168","DOI":"10.1016\/j.comnet.2020.107168","article-title":"New Hybrid Method for Attack Detection Using Combination of Evolutionary Algorithms, SVM, and ANN","volume":"173","author":"Hosseini","year":"2020","journal-title":"Comput. Netw."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1142\/9789811201967_0001","article-title":"Introduction to Machine Learning","volume":"85","author":"Rokach","year":"2019","journal-title":"Ensemble Learning"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"152","DOI":"10.1016\/j.jocs.2017.03.006","article-title":"Anomaly-Based Intrusion Detection System through Feature Selection Analysis and Building Hybrid Efficient Model","volume":"25","author":"Aljawarneh","year":"2018","journal-title":"J. Comput. Sci."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"2484","DOI":"10.1002\/sec.1484","article-title":"Intrusion Detection in Mobile Ad Hoc Networks: Techniques, Systems, and Future Challenges","volume":"9","author":"Kumar","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"2471","DOI":"10.1109\/TVT.2008.2010049","article-title":"A Dynamic Anomaly Detection Scheme for AODV-Based Mobile Ad Hoc Networks","volume":"58","author":"Nakayama","year":"2009","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1007\/s10844-015-0387-y","article-title":"Machine Learning for Intrusion Detection in MANET: A State-of-the-Art Survey","volume":"46","author":"Nishani","year":"2016","journal-title":"J. Intell. Inf. Syst."},{"key":"ref_22","unstructured":"Maglogiannis, I.G. (2007). Emerging Artificial Intelligence Applications in Computer Engineering: Real Word AI Systems with Applications in EHealth, HCI, Information Retrieval and Pervasive Technologies, IOS Press."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Doshi, R., Apthorpe, N., and Feamster, N. (2018, January 24). Machine Learning DDoS Detection for Consumer Internet of Things Devices. Proceedings of the 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA.","DOI":"10.1109\/SPW.2018.00013"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"103014","DOI":"10.1016\/j.cose.2022.103014","article-title":"A Cascaded Federated Deep Learning Based Framework for Detecting Wormhole Attacks in IoT Networks","volume":"125","author":"Alghamdi","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Ndibwile, J.D., Govardhan, A., Okada, K., and Kadobayashi, Y. (2015, January 1\u20135). Web Server Protection against Application Layer DDoS Attacks Using Machine Learning and Traffic Authentication. Proceedings of the 2015 IEEE 39th Annual Computer Software and Applications Conference, Taichung, Taiwan.","DOI":"10.1109\/COMPSAC.2015.240"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1007\/s11042-021-11390-1","article-title":"Cyber-Attack Detection via Non-Linear Prediction of IP Addresses: An Innovative Big Data Analytics Approach","volume":"81","author":"Cuzzocrea","year":"2022","journal-title":"Multimed. Tools Appl."},{"key":"ref_27","first-page":"e00497","article-title":"Network Intrusion Detection System Using Supervised Learning Paradigm","volume":"9","author":"Mebawondu","year":"2020","journal-title":"Sci. Afr."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1328","DOI":"10.1016\/j.comcom.2011.01.012","article-title":"Distributed Denial of Service Attack Detection Using an Ensemble of Neural Classifier","volume":"34","author":"Selvakumar","year":"2011","journal-title":"Comput. Commun."},{"key":"ref_29","first-page":"436","article-title":"Detecting Distributed Denial of Service Attacks Using Data Mining Techniques","volume":"7","author":"Alkasassbeh","year":"2016","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_30","first-page":"8090","article-title":"AIMM: Artificial Intelligence Merged Methods for Flood DDoS Attacks Detection","volume":"34","author":"Jaszcz","year":"2022","journal-title":"J. King Saud Univ. Comput. Inf. Sci."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"2417","DOI":"10.1007\/s11277-021-09071-1","article-title":"A machine learning based detection and mitigation of the DDOS attack by using SDN controller framework","volume":"127","author":"Revathi","year":"2021","journal-title":"Wirel. Pers. Commun."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1016\/j.comcom.2022.12.010","article-title":"A Deep Learning Technique for Intrusion Detection System Using a Recurrent Neural Networks Based Framework","volume":"199","author":"Kasongo","year":"2023","journal-title":"Comput. Commun."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"71414","DOI":"10.1109\/ACCESS.2022.3186975","article-title":"A Hybrid Intrusion Detection System Based on Feature Selection and Weighted Stacking Classifier","volume":"10","author":"Zhao","year":"2022","journal-title":"IEEE Access"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Almaiah, M.A., Almomani, O., Alsaaidah, A., Al-Otaibi, S., Bani-Hani, N., Hwaitat, A.K.A., Al-Zahrani, A., Lutfi, A., Awad, A.B., and Aldhyani, T.H. (2022). Performance Investigation of Principal Component Analysis for Intrusion Detection System Using Different Support Vector Machine Kernels. Electronics, 11.","DOI":"10.3390\/electronics11213571"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1007\/s41315-022-00224-4","article-title":"Optimal feature selection with CNN-feature learning for DDoS attack detection using meta-heuristic-based LSTM","volume":"6","author":"Dora","year":"2022","journal-title":"Int. J. Intell. Robot. Appl."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3333\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T19:00:26Z","timestamp":1760122826000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3333"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,22]]},"references-count":35,"journal-issue":{"issue":"6","published-online":{"date-parts":[[2023,3]]}},"alternative-id":["s23063333"],"URL":"https:\/\/doi.org\/10.3390\/s23063333","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3,22]]}}}