DDoS attacks have increasingly become a significant threat to online services, disrupting business operations and service availability. Amazon Web Services experienced a massive attack in 2020, peaking at 2.3 Tbps. In 2023, hacktivists targeted the U.S. government with similar attacks to draw attention to political causes. In 2024, Cloudflare mitigated the largest recorded DDoS attack, peaking at 3.8 Tbps. These attacks are costly, prompting the development of a cyber immune system to preemptively identify and neutralize threats, inspired by the human immune system. This research proposes a cyber immune system to counter DDoS attacks, inspired by human immune mechanisms. The system uses machine learning, behavioral analysis, and adaptive responses to analyze traffic patterns in real-time, distinguishing legitimate users from threats. A honeypot decoy gathers historical data, which the system uses to learn and adapt its defenses dynamically, identifying and mitigating emerging threats. The behavioral analysis component focuses on detecting deviations from normal traffic, indicative of DDoS activities. To strengthen system resilience, this framework includes an adaptive response mechanism that monitors and adapts to threats, refining detection models and deploying countermeasures like rate limiting, traffic filtering, and redirecting traffic. It emphasizes network collaboration for collective defense, sharing intelligence and resources. The research tackles implementation challenges like real-time processing and false positives, while also focusing on user privacy and data protection. Effectiveness is evaluated through simulations and case studies against various DDoS attack vectors. In conclusion, this research puts cybersecurity strategies a step ahead of the ever growing sophistication of DDoS threats. By developing a robust cyber immune system, organizations can beef up their defense system, ensuring higher availability and resilience of their digital services. The findings contribute to the ongoing discourse on cybersecurity innovations, paving the way for future advancements in protective technologies against DDoS attacks.

Authors: Abereowo Oladimeji, Oronti Adewale, Ogunlola Yetunde, Akinsowon Omoyele, Oladoja Perpetual, Akinwomi Kuboye, Alese Boniface K.

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2024)

• Date of Conference: 4-6 November 2024
• DOI: 10.20533/ICITST.2024.0008
• ISBN: 978-1-913572-76-1
• Conference Location: St Anne’s College, Oxford University, UK