Abstract: This project presents an AI-driven DDoS protection system that detects and mitigates HTTP-based attacks on cloud-hosted Apache web servers. Real-time network traffic is captured using Scapy, extracting features such as request count and time intervals. The Isolation Forest algorithm is used for unsupervised anomaly detection, enabling identification of malicious IPs without labeled attack data. Detected attackers are automatically blocked using iptables to maintain server performance. A Tkinter-based GUI dashboard provides live visualization of system health and traffic status for effective monitoring. Tested against simulated attacks like GoldenEye and Slowloris, the system achieves high accuracy with low false positives. Its lightweight and modular design makes it practical for cloud environments, with possibilities for future enhancements like encrypted traffic analysis and advanced AI integration.
|
DOI:
10.17148/IJARCCE.2025.145123
