Journal of Ubiquitous Computing and Communication Technologies
IRO Journals
Volume 7 — Issue 2 — June 2025

FAD²M++: A Federated Adaptive Framework for Real-Time DDoS Detection and Mitigation on Resource-Constrained Edge Networks

https://doi.org/10.36548/jucct.2025.2.003
Sushma Sree M.
MCA, School of Engineering and Technology, Dhanalakshmi Srinivasan University, Trichy
Sughasiny M.
MCA, School of Engineering and Technology, Dhanalakshmi Srinivasan University, Trichy
PDF
PDF

How to Cite

M., Sushma Sree, and Sughasiny M. 2025. “FAD²M++: A Federated Adaptive Framework for Real-Time DDoS Detection and Mitigation on Resource-Constrained Edge Networks”. Journal of Ubiquitous Computing and Communication Technologies 7 (2): 133-47. https://doi.org/10.36548/jucct.2025.2.003.
ACM ACS APA ABNT Chicago Harvard IEEE MLA Turabian Vancouver AMA

Download Citation

Endnote/Zotero/Mendeley (RIS) BibTeX

Keywords

— Federated Learning
— DDoS Detection
— Edge AI
— Adaptive Models
— Real-Time Security
— Mobile Security
— SDN Mitigation
— Concept Drift
— Lightweight Inference
— Privacy-Preserving Systems
Published: 04-07-2025

Abstract

With the emerging complexity and frequency of DDoS attacks, central detection systems face challenges including latency, scalability, and data privacy. In this paper, we propose FAD²M++, a federated adaptive framework to accomplish DDoS real-time detection and mitigation in resource-limited edge and mobile environments. The proposed system is based on Federated Learning for decentralized training, in which edge devices, e.g., IoT gateways, routers, and smartphones, locally train lightweight adaptive machine learning models on real traffic data. Periodically, these models are averaged via secure federated protocols (e.g., FedAvg or FedProx) to build a global model that enjoys learning from local data in a privacy-preserving manner. Nodes are also equipped with dwell-detection scheme and a fallback checkpoint to be resilient to ever-changing attack behaviors and performance degradations. Federated adversarial training is utilized to improve robustness against adversarial examples with synthesized evasion samples. When an attack is identified, the system triggers a Software Defined Networking controller to apply early reactions through traffic filtering, rate limiting, or flow rules updates. Mobile devices can perform on-device inference through TensorFlow Lite or communicate with remote servers via APIs to detect threats in real time. Experimental results obtained from the CICIDS2017 dataset and a simulated live attack show sub-200ms detection latencies, minimal resource usage, and high levels of classification accuracy. FAD²M++ is a scalable, efficient, and privacy-preserving defense against contemporary DDoS attacks in an open and distributed network infrastructure.

References

  1. Ruzafa-Alcázar, Pedro, Pablo Fernández-Saura, Enrique Mármol-Campos, Aurora González-Vidal, José L. Hernández-Ramos, Jorge Bernal-Bernabe, and Antonio F. Skarmeta. "Intrusion detection based on privacy-preserving federated learning for the industrial IoT." IEEE Transactions on Industrial Informatics 19, no. 2 (2021): 1145-1154.
  2. Reddy, Kumbala Pradeep, Sarangam Kodati, Madireddy Swetha, M. Parimala, and S. Velliangiri. "A hybrid neural network architecture for early detection of DDOS attacks using deep learning models." In 2021 2nd International Conference on Smart Electronics and Communication (ICOSEC), pp. 323-327. IEEE, 2021.
  3. Elsaeidy, Asmaa A., Abbas Jamalipour, and Kumudu S. Munasinghe. "A hybrid deep learning approach for replay and DDoS attack detection in a smart city." IEEE Access 9 (2021): 154864-154875.
  4. Alghazzawi, Daniyal, Omaimah Bamasag, Hayat Ullah, and Muhammad Zubair Asghar. "Efficient detection of DDoS attacks using a hybrid deep learning model with improved feature selection." Applied Sciences 11, no. 24 (2021): 11634.
  5. Awan, Mazhar Javed, Umar Farooq, Hafiz Muhammad Aqeel Babar, Awais Yasin, Haitham Nobanee, Muzammil Hussain, Owais Hakeem, and Azlan Mohd Zain. "Real-time DDoS attack detection system using big data approach." Sustainability 13, no. 19 (2021): 10743.
  6. Zainudin, Ahmad, Love Allen Chijioke Ahakonye, Rubina Akter, Dong-Seong Kim, and Jae-Min Lee. "An efficient hybrid-dnn for ddos detection and classification in software-defined iiot networks." IEEE Internet of Things Journal 10, no. 10 (2022): 8491-8504.
  7. Ullah, Safi, Muazzam A. Khan, Jawad Ahmad, Sajjad Shaukat Jamal, Zil e Huma, Muhammad Tahir Hassan, Nikolaos Pitropakis, Arshad, and William J. Buchanan. "HDL-IDS: a hybrid deep learning architecture for intrusion detection in the Internet of Vehicles." Sensors 22, no. 4 (2022): 1340.
  8. Makuvaza, Auther, Dharm Singh Jat, and Attlee M. Gamundani. "Hybrid deep learning model for real-time detection of distributed denial of service attacks in software defined networks." In Emerging Trends in Data Driven Computing and Communications: Proceedings of DDCIoT 2021, Springer Singapore, (2021): 1-13.
  9. Al-zubidi, Azhar F., Alaa Kadhim Farhan, and Sayed M. Towfek. "Predicting DoS and DDoS attacks in network security scenarios using a hybrid deep learning model." Journal of Intelligent Systems 33, no. 1 (2024): 20230195.
  10. Racherla, Sandeepkumar, Prathyusha Sripathi, Nuruzzaman Faruqui, Md Alamgir Kabir, Md Whaiduzzaman, and Syed Aziz Shah. "Deep-IDS: A Real-Time Intrusion Detector for IoT Nodes Using Deep Learning." IEEE Access (2024).
  11. Qureshi, Saima Siraj, Jingsha He, MJ Nafei Zhu, Sirajuddin Qureshi, Faheem Ullah, Ahsan Nazir, and A. Wajahat. "A new deep learning paradigm for IoT security: expanding beyond traditional DDoS detection." International Journal of Network Security 26, no. 3 (2024): 349-360.
  12. Kim, Taehoon, and Wooguil Pak. "Real-time network intrusion detection using deferred decision and hybrid classifier." Future Generation Computer Systems 132 (2022): 51-66.
  13. Sumathi, S., R. Rajesh, and Sangsoon Lim. "Recurrent and deep learning neural network models for DDoS attack detection." Journal of Sensors 2022, no. 1 (2022): 8530312.
  14. Diaba, Sayawu Yakubu, and Mohammed Elmusrati. "Proposed algorithm for smart grid DDoS detection based on deep learning." Neural Networks 159 (2023): 175-184.
  15. Mousa, Amthal K., and Mohammed Najm Abdullah. "An improved deep learning model for DDoS detection based on hybrid stacked autoencoder and checkpoint network." Future Internet 15, no. 8 (2023): 278.