Volume - 7 | Issue - 2 | june 2025
Published
04 July, 2025
With the emerging complexity and frequency of DDoS attacks, central detection systems face challenges including latency, scalability, and data privacy. In this paper, we propose FAD²M++, a federated adaptive framework to accomplish DDoS real-time detection and mitigation in resource-limited edge and mobile environments. The proposed system is based on Federated Learning for decentralized training, in which edge devices, e.g., IoT gateways, routers, and smartphones, locally train lightweight adaptive machine learning models on real traffic data. Periodically, these models are averaged via secure federated protocols (e.g., FedAvg or FedProx) to build a global model that enjoys learning from local data in a privacy-preserving manner. Nodes are also equipped with dwell-detection scheme and a fallback checkpoint to be resilient to ever-changing attack behaviors and performance degradations. Federated adversarial training is utilized to improve robustness against adversarial examples with synthesized evasion samples. When an attack is identified, the system triggers a Software Defined Networking controller to apply early reactions through traffic filtering, rate limiting, or flow rules updates. Mobile devices can perform on-device inference through TensorFlow Lite or communicate with remote servers via APIs to detect threats in real time. Experimental results obtained from the CICIDS2017 dataset and a simulated live attack show sub-200ms detection latencies, minimal resource usage, and high levels of classification accuracy. FAD²M++ is a scalable, efficient, and privacy-preserving defense against contemporary DDoS attacks in an open and distributed network infrastructure.
KeywordsFederated Learning DDoS Detection Edge AI Adaptive Models Real-Time Security Mobile Security SDN Mitigation Concept Drift Lightweight Inference Privacy-Preserving Systems
