*Result*: Detecting application layer DDoS attacks with RSPF: A hybrid ensemble learning approach.
*Further Information*
*An ensemble learning paradigm is a widely adopted machine learning strategy that has demonstrated significant benefits across various applications. In this context, an ensemble refers to a system composed of multiple models that operate concurrently and integrate their outputs through decision fusion to yield a single predictive solution. Distributed Denial of Service (DDoS) attacks at the application layer have amplified the impact of traditional flooding-based attacks, posing an increasing threat to internet-based web services. These high-level attacks can cause comparable damage to their lower-layer counterparts while using fewer resources. HTTP, being the most widely used internet protocol, is frequently targeted in such flooding-based application-layer DDoS scenarios. To address these challenges, an alternative ensemble-based detection approach is presented and evaluated using several base classifiers, including K-Nearest Neighbours, Logistic Regression (LR), Support Vector Machine (SVM), Gaussian Naïve Bayes, and Self-Organizing Maps (SOM). In addition, ensemble learning techniques such as Bagging, Random Forest, Extra Trees, Voting, and Gradient Boosting are employed to assess their effectiveness in DDoS detection. Experimental findings indicate that ensemble approaches consistently yield superior performance compared to individual classifiers. A novel ensemble framework, termed Random Subspace and Parameter Fusion (RSPF), is introduced. This model achieves higher accuracy and efficiency than traditional ensemble methods, thereby enhancing detection capabilities and consistently delivering robust performance against application-layer DDoS attacks. Evaluation is conducted using the CICIDS2019 dataset, which offers comprehensive coverage of modern network intrusion scenarios and is suitable for benchmarking a wide range of cyberattack detection techniques. [ABSTRACT FROM AUTHOR]
Copyright of Cluster Computing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)*