ASPG Menu
search

American Scientific Publishing Group

verified Journal

Journal of Cybersecurity and Information Management

ISSN
Online: 2690-6775 Print: 2769-7851
Frequency

Continuous publication

Publication Model

Open access · Articles freely available online · APC applies after acceptance

Submit Manuscript send
Journal of Cybersecurity and Information Management
Full Length Article

Volume 17Issue 1PP: 21-34 • 2026

A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification

Ammar O. K. Al-Hasani 1*
mail
,
Islam R. Abdelmaksoud 1
mail
,
Amira Rezk 1
mail
1Dept. Of Information Systems, Faculty of Computers and Information, Mansoura University, Egypt
* Corresponding Author.
DOI https://doi.org/10.54216/JCIM.170103
format_quote Cite this article
Received: March 03, 2025 Revised: June 01, 2025 Accepted: July 05, 2025
PDF Icon View PDF open_in_new

Abstract

Distributed Denial of Service (DDoS) assaults could be the most prevalent and impactful cybersecurity threats, aiming to disrupt networking services and stop legitimate users from getting access to the service. This paper presents a novel hybrid deep learning framework that employs Convolutional Neural Networks (CNN) for spatial feature extraction and Long Short-Term Memory (LSTM) networking to get long-term dependencies within network traffic. In the experiments on the CIC-DDoS-2019 database, a good classification performance of the proposed model is achieved with accurateness of 99.63%, preciseness of 99.24%, recall of 99.22%, F1 score of 99.22%, and Micro-AUC of 99.71%, surpassing traditional machine learning models such as LGBM, DNN, and standalone CNN and LSTM. In addition, Fuzzy Logic was implemented for risk management using three risk categories low, medium, and high .The findings uncovered that the proposed hybrid CNN-LSTM model gives the best evaluation metrics, despite the complexity and imbalance of the dataset classes. This is due to the capability of the model to combine special and non-permanent features out of the data. The proposed model also is proven to support integration in the whole system including time detection, blocking and alerting, such that it is considered a powerful system for network security.

Keywords

DDoS Attack Detection Convolutional Neural Network (CNN) Long Short-Term Memory (LSTM) Hybrid Deep Learning Model Cybersecurity Threat Classification

References

[1]       N. Faujdar, A. Sinha, H. Sharma, and E. Verma, “Network security in Software defined Networks (SDN),” in 2020 International Conference on Smart Technologies in Computing, Electrical and Electronics (ICSTCEE), 2020, pp. 377–380.

 

[2]       M. Iqbal, F. Iqbal, F. Mohsin, M. Rizwan, and F. Ahmad, “Security issues in software defined networking (SDN): risks, challenges and potential solutions,” International Journal of Advanced Computer Science and Applications, vol. 10, no. 10, pp. 298–303, 2019.

 

[3]       K. Lakshminarayanan, D. Adkins, A. Perrig, and I. Stoica, “Taming IP packet flooding attacks,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 1, pp. 45–50, 2004.

 

[4]       V. D. Gligor, “A note on denial-of-service in operating systems,” IEEE Transactions on Software Engineering, no. 3, pp. 320–324, 1984.

 

[5]       J. Saikam and K. Ch, “EESNN: Hybrid Deep Learning Empowered Spatial–Temporal Features for Network Intrusion Detection System,” IEEE Access, vol. 12, pp. 15930–15945, 2024.

 

[6]       R. J. Alzahrani and A. Alzahrani, “Security analysis of DDoS attacks using machine learning algorithms in networks traffic,” Electronics, vol. 10, no. 23, p. 2919, 2021.

 

[7]       T. Dhamor, S. Bhat, and S. Thenmalar, “Dynamic approaches for detection of DDoS threats using machine learning,” Annals of the Romanian Society for Cell Biology, vol. 25, no. 4, pp. 13663–13673, 2021.

 

[8]       A. Seifousadati, S. Ghasemshirazi, and M. Fathian, “A Machine Learning approach for DDoS detection on IoT devices,” arXiv preprint arXiv: 2110.14911, 2021.

 

[9]       R. Amrish, K. Bavapriyan, V. Gopinaath, A. Jawahar, and C. V. Kumar, “DDoS detection using machine learning techniques,” Journal of IoT in Social, Mobile, Analytics, and Cloud, vol. 4, no. 1, pp. 24–32, 2022.

 

[10]    K. Kumari and M. Mrunalini, “Detecting Denial of Service attacks using machine learning algorithms,” Journal of Big Data, vol. 9, no. 1, p. 56, 2022.

 

[11]    C. M. Nalayini and J. Katiravan, “Detection of DDoS attack using machine learning algorithms,” Available at SSRN 4173187, vol. 9, no. 7, 2022.

 

[12]    R. Qamar, B. Zardari, A. Arain, F. Khoso, and A. Jokhio, “Detecting distributed denial of service attacks using recurrent neural network,” Psychology, vol. 2022, p. 1, 2022.

 

[13]    I. Ullah and Q. H. Mahmoud, “Design and development of RNN anomaly detection model for IoT networks,” IEEE Access, vol. 10, pp. 62722–62750, 2022.

 

[14]    K. Saurabh et al., “LBDMIDS: LSTM based deep learning model for intrusion detection systems for IoT networks,” in 2022 IEEE World AI IoT Congress (AIIoT), 2022, pp. 753–759.

 

[15]    L. A. Zadeh, “Fuzzy sets,” Information and Control, vol. 8, no. 3, pp. 338–353, 1965.

 

[16]    R. Qamar, “Gradient techniques to predict distributed denial-of-service attack,” Iraqi Journal for Computer Science and Mathematics, vol. 3, no. 2, pp. 55–71, 2022.

Cite This Article

Choose your preferred format

format_quote
Al-Hasani, Ammar O. K., Abdelmaksoud, Islam R., Rezk, Amira. "A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification." Journal of Cybersecurity and Information Management, vol. Volume 17, no. Issue 1, 2026, pp. 21-34. DOI: https://doi.org/10.54216/JCIM.170103
Al-Hasani, A., Abdelmaksoud, I., Rezk, A. (2026). A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification. Journal of Cybersecurity and Information Management, Volume 17(Issue 1), 21-34. DOI: https://doi.org/10.54216/JCIM.170103
Al-Hasani, Ammar O. K., Abdelmaksoud, Islam R., Rezk, Amira. "A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification." Journal of Cybersecurity and Information Management Volume 17, no. Issue 1 (2026): 21-34. DOI: https://doi.org/10.54216/JCIM.170103
Al-Hasani, A., Abdelmaksoud, I., Rezk, A. (2026) 'A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification', Journal of Cybersecurity and Information Management, Volume 17(Issue 1), pp. 21-34. DOI: https://doi.org/10.54216/JCIM.170103
Al-Hasani A, Abdelmaksoud I, Rezk A. A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification. Journal of Cybersecurity and Information Management. 2026;Volume 17(Issue 1):21-34. DOI: https://doi.org/10.54216/JCIM.170103
A. Al-Hasani, I. Abdelmaksoud, A. Rezk, "A Novel Hybrid CNN-LSTM Framework for Robust DDoS Attack Detection and Classification," Journal of Cybersecurity and Information Management, vol. Volume 17, no. Issue 1, pp. 21-34, 2026. DOI: https://doi.org/10.54216/JCIM.170103
Digital Archive Ready