{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T14:30:35Z","timestamp":1778164235200,"version":"3.51.4"},"reference-count":45,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2024,3,5]],"date-time":"2024-03-05T00:00:00Z","timestamp":1709596800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The escalating reliance of modern society on information and communication technology has rendered it vulnerable to an array of cyber-attacks, with distributed denial-of-service (DDoS) attacks emerging as one of the most prevalent threats. This paper delves into the intricacies of DDoS attacks, which exploit compromised machines numbering in the thousands to disrupt data services and online commercial platforms, resulting in significant downtime and financial losses. Recognizing the gravity of this issue, various detection techniques have been explored, yet the quantity and prior detection of DDoS attacks has seen a decline in recent methods. This research introduces an innovative approach by integrating evolutionary optimization algorithms and machine learning techniques. Specifically, the study proposes XGB-GA Optimization, RF-GA Optimization, and SVM-GA Optimization methods, employing Evolutionary Algorithms (EAs) Optimization with Tree-based Pipelines Optimization Tool (TPOT)-Genetic Programming. Datasets pertaining to DDoS attacks were utilized to train machine learning models based on XGB, RF, and SVM algorithms, and 10-fold cross-validation was employed. The models were further optimized using EAs, achieving remarkable accuracy scores: 99.99% with the XGB-GA method, 99.50% with RF-GA, and 99.99% with SVM-GA. Furthermore, the study employed TPOT to identify the optimal algorithm for constructing a machine learning model, with the genetic algorithm pinpointing XGB-GA as the most effective choice. This research significantly advances the field of DDoS attack detection by presenting a robust and accurate methodology, thereby enhancing the cybersecurity landscape and fortifying digital infrastructures against these pervasive threats.<\/jats:p>","DOI":"10.3390\/s24051672","type":"journal-article","created":{"date-parts":[[2024,3,5]],"date-time":"2024-03-05T03:03:20Z","timestamp":1709607800000},"page":"1672","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["ML-Based Detection of DDoS Attacks Using Evolutionary Algorithms Optimization"],"prefix":"10.3390","volume":"24","author":[{"given":"Fauzia","family":"Talpur","sequence":"first","affiliation":[{"name":"Institute of Mathematics & Computer Science, University of Sindh, Jamshoro 70680, Sindh, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Imtiaz Ali","family":"Korejo","sequence":"additional","affiliation":[{"name":"Institute of Mathematics & Computer Science, University of Sindh, Jamshoro 70680, Sindh, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aftab Ahmed","family":"Chandio","sequence":"additional","affiliation":[{"name":"Institute of Mathematics & Computer Science, University of Sindh, Jamshoro 70680, Sindh, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5166-2213","authenticated-orcid":false,"given":"Ali","family":"Ghulam","sequence":"additional","affiliation":[{"name":"Information Technology Centre, Sindh Agriculture University, Tandojam 70060, Sindh, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mir. Sajjad Hussain","family":"Talpur","sequence":"additional","affiliation":[{"name":"Information Technology Centre, Sindh Agriculture University, Tandojam 70060, Sindh, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2024,3,5]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"492","DOI":"10.1071\/BI9570492","article-title":"Simulation of genetic systems by automatic digital computers. II: Effects of linkage on rates under selection","volume":"10","author":"Fraser","year":"1957","journal-title":"Austral. J. Biol. Sci."},{"key":"ref_2","unstructured":"Bremermann, H.J. (1958). The Nervous System as a Model of Its Environment, Department of Mathematics, University of Washington. Technical Report No. 1."},{"key":"ref_3","unstructured":"Holland, J.H. (1975). Adaptation in Natural and Artificial Systems, University of Michigan Press."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"103511","DOI":"10.1016\/j.cose.2023.103511","article-title":"Detection of Application-layer DDoS Attacks using Machine Learning and Genetic Algorithms","volume":"135","author":"Sharif","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1016\/j.comnet.2017.03.018","article-title":"Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling","volume":"121","author":"Jazi","year":"2017","journal-title":"Comput. Netw."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"102423","DOI":"10.1016\/j.cose.2021.102423","article-title":"A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions","volume":"110","author":"Kaur","year":"2021","journal-title":"Comput. Secur."},{"key":"ref_7","first-page":"811","article-title":"A Hybrid Modified Grasshopper Optimization Algorithm and Genetic Algorithm to Detect and Prevent DDoS Attacks","volume":"34","author":"Mohammadi","year":"2021","journal-title":"Int. J. Eng."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Chaudhary, A., and Shrimal, G. (2019, January 26\u201328). Intrusion detection system based on genetic algorithm for detection of distribution denial of service attacks in MANETs. Proceedings of the International Conference on Sustainable Computing in Science, Technology and Management (SUSCOM), Amity University Rajasthan, Jaipur, India.","DOI":"10.2139\/ssrn.3351807"},{"key":"ref_9","unstructured":"Lee, J.H., Kim, D.S., Lee, S.M., and Park, J.S. (July, January 30). DDoS attacks detection using GA based optimized traffic matrix. Proceedings of the Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Seoul, Republic of Korea."},{"key":"ref_10","first-page":"57","article-title":"Denial-of-service, probing & remote to user (R2L) attack detection using genetic algorithm","volume":"60","author":"Paliwal","year":"2012","journal-title":"Int. J. Comput. Appl."},{"key":"ref_11","first-page":"219","article-title":"Defense against distributed DoS attack detection by using intelligent evolutionary algorithm","volume":"44","author":"Dwivedi","year":"2022","journal-title":"Int. J. Comput. Appl."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Al Bataineh, A., and Manacek, S. (2022). MLP-PSO Hybrid Algorithm for Heart Disease Prediction. J. Pers. Med., 12.","DOI":"10.3390\/jpm12081208"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"100010","DOI":"10.1016\/j.health.2021.100010","article-title":"Meta-Health Stack: A new approach for breast cancer prediction","volume":"2","author":"Samieinasab","year":"2022","journal-title":"Healthc. Anal."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"764","DOI":"10.1109\/TEVC.2022.3232466","article-title":"Reduced-space Multistream Classification based on Multi-objective Evolutionary Optimization","volume":"27","author":"Jiao","year":"2022","journal-title":"IEEE Trans. Evol. Comput."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"17562872211044880","DOI":"10.1177\/17562872211044880","article-title":"Engineering and clinical use of artificial intelligence (AI) with machine learning and data science advancements: Radiology leading the way for future","volume":"13","author":"Hameed","year":"2021","journal-title":"Ther. Adv. Urol."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"940","DOI":"10.1109\/TMC.2020.3017079","article-title":"Dynamic Scheduling for Stochastic Edge-Cloud Computing Environments Using A3C Learning and Residual Recurrent Neural Networks","volume":"21","author":"Tuli","year":"2020","journal-title":"IEEE Trans. Mob. Comput."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1162\/evco_a_00316","article-title":"An Uncertainty Measure for Prediction of Non-Gaussian Process Surrogates","volume":"31","author":"Hu","year":"2023","journal-title":"Evol. Comput."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.swevo.2015.06.002","article-title":"A survey on evolutionary algorithms dynamics and its complexity\u2014Mutual relations, past, present and future","volume":"25","author":"Zelinka","year":"2015","journal-title":"Swarm Evol. Comput."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"04019087","DOI":"10.1061\/(ASCE)AS.1943-5525.0001078","article-title":"Robust Design Approaches for Hybrid Rocket Upper Stage","volume":"32","author":"Casalino","year":"2019","journal-title":"J. Aerosp. Eng."},{"key":"ref_20","first-page":"187","article-title":"Meta-heuristic algorithms with immigrant techniques for nurse duty roster in public hospitals in Sindh, Pakistan","volume":"13","author":"Jatoi","year":"2020","journal-title":"Int. J. Comput. Intell. Control"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Dong, D., Ye, Z., Cao, Y., Xie, S., Wang, F., and Ming, W. (2019, January 18\u201321). An improved association rule mining algorithm based on ant lion optimizer algorithm and FP-growth. Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Metz, France.","DOI":"10.1109\/IDAACS.2019.8924290"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"102","DOI":"10.1016\/j.rser.2014.01.069","article-title":"A review on applications of ANN and SVM for building electrical energy consumption forecasting","volume":"33","author":"Ahmad","year":"2014","journal-title":"Renew. Sustain. Energy Rev."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2489","DOI":"10.1007\/s10586-016-0684-4","article-title":"Recent advancements in resource allocation techniques for cloud computing environment: A systematic review","volume":"20","author":"Madni","year":"2017","journal-title":"Clust. Comput."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"263","DOI":"10.1016\/j.cirpj.2013.07.001","article-title":"Machine availability monitoring and machining process planning towards Cloud manufacturing","volume":"6","author":"Wang","year":"2013","journal-title":"CIRP J. Manuf. Sci. Technol."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1584","DOI":"10.1016\/j.rser.2005.11.005","article-title":"Use of multicriteria decision analysis methods for energy planning problems","volume":"11","year":"2007","journal-title":"Renew. Sustain. Energy Rev."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"409","DOI":"10.1016\/j.cie.2005.01.018","article-title":"An effective hybrid optimization approach for multi-objective flexible job-shop scheduling problems","volume":"48","author":"Xia","year":"2005","journal-title":"Comput. Ind. Eng."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1016\/j.jnca.2017.07.012","article-title":"Auto-scaling web applications in clouds: A cost-aware approach","volume":"95","author":"Aslanpour","year":"2017","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Buyya, R., Broberg, J., and Goscinski, A.M. (2010). Cloud Computing: Principles and Paradigms, John Wiley & Sons.","DOI":"10.1002\/9780470940105"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"51691","DOI":"10.1109\/ACCESS.2019.2908998","article-title":"Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods","volume":"7","author":"Khalaf","year":"2019","journal-title":"IEEE Access"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"100317","DOI":"10.1016\/j.cosrev.2020.100317","article-title":"Deep Learning Algorithms for Cybersecurity Applications: A Technological and Status Review","volume":"39","author":"Dixit","year":"2021","journal-title":"Comput. Sci. Rev."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1007\/s11235-020-00733-2","article-title":"A comprehensive survey of AI-enabled phishing attacks detection techniques","volume":"76","author":"Basit","year":"2021","journal-title":"Telecommun. Syst."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Mohammed, M.A., Gunasekaran, S.S., Mostafa, S.A., Mustafa, A., and Abd Ghani, M.K. (2018, January 27\u201328). Implementing an agent-based multi-natural language anti-spam model. Proceedings of the 2018 International Symposium on Agent, Multi-Agent Systems and Robotics (ISAMSR), Putrajaya, Malaysia.","DOI":"10.1109\/ISAMSR.2018.8540555"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"135","DOI":"10.1016\/j.cose.2016.11.004","article-title":"A survey of intrusion detection systems based on ensemble and hybrid classifiers","volume":"65","author":"Aburomman","year":"2017","journal-title":"Comput. Secur."},{"key":"ref_34","unstructured":"Ahuja, N. (2020, September 27). SDN Dataset. Available online: https:\/\/data.mendeley.com\/datasets\/jxpfjc64kr\/1."},{"key":"ref_35","unstructured":"Olson, R.S., and Moore, J.H. (2016, January 24). TPOT: A tree-based pipeline optimization tool for automating machine learning. Proceedings of the Workshop on Automatic Machine Learning, New York, NY, USA."},{"key":"ref_36","first-page":"e8021","article-title":"DDoS attack detection in SDN: Enhancing entropy-based detection with machine learning","volume":"23","author":"Bordim","year":"2024","journal-title":"Concurr. Comput. Pract. Exp."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"303","DOI":"10.1016\/j.comcom.2012.09.010","article-title":"Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems","volume":"36","author":"Kumar","year":"2013","journal-title":"Comput. Commun."},{"key":"ref_38","unstructured":"Da Silva, A.S., Wickboldt, J.A., Granville, L.Z., and Schaeffer-Filho, A. (2016, January 25\u201329). Atlantic: A framework for anomaly traffi detection, classifiation, and mitigation in sdn. Proceedings of the NOMS IEEE\/IFIP Network Operations and Management Symposium, Istanbul, Turkey."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"155859","DOI":"10.1109\/ACCESS.2020.3019330","article-title":"A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning","volume":"8","author":"Valdovinos","year":"2020","journal-title":"IEEE Access"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"9804061","DOI":"10.1155\/2018\/9804061","article-title":"A DDoS attack detection method based on SVM in software defined network","volume":"2018","author":"Ye","year":"2018","journal-title":"Secur. Commun. Netw."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"524","DOI":"10.1016\/j.future.2020.06.002","article-title":"Self-supervised network traffic management for DDoS mitigation within the ISP domain","volume":"112","author":"Ko","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"9649643","DOI":"10.1155\/2018\/9649643","article-title":"OverWatch: A Cross-Plane DDoS Attack Defense Framework with Collaborative Intelligence in SDN","volume":"2018","author":"Han","year":"2018","journal-title":"Secur. Commun. Netw."},{"key":"ref_43","first-page":"8012568","article-title":"Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN)","volume":"2019","author":"Oo","year":"2019","journal-title":"J. Comput. Netw. Commun."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"103108","DOI":"10.1016\/j.jnca.2021.103108","article-title":"Automated DDOS attack detection in software defined networking","volume":"187","author":"Ahuja","year":"2021","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_45","first-page":"1","article-title":"DDoS attack traffic classification in SDN using deep learning","volume":"2024","author":"Ahuja","year":"2024","journal-title":"Pers. Ubiquitous Comput."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/5\/1672\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T14:09:18Z","timestamp":1760105358000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/5\/1672"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,5]]},"references-count":45,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2024,3]]}},"alternative-id":["s24051672"],"URL":"https:\/\/doi.org\/10.3390\/s24051672","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,5]]}}}