MULTI-LF: A Unified Continuous Learning Framework for Real-Time DDoS Detection in Multi-Environment Networks

Furqan Rustam, Islam Obaidat, Anca Delia Jurcut·April 15, 2025

Summary

MULTI-LF, a unified continuous learning framework, boosts real-time DDoS detection in multi-environment networks. It employs two machine learning models for high accuracy, low latency, and efficient resource usage. Addressing diverse malicious traffic patterns and evolving threats, MULTI-LF improves model performance through scaling, ensuring balanced weight updates and high accuracy across metrics. BNB is the preferred model in this approach. Research focuses on malware detection, network traffic analysis, and cybersecurity, covering self-paced learning, real-time monitoring, and intrusion detection frameworks. Studies explore machine learning techniques for network intrusion detection across various platforms and environments from 2010 to 2024.

Introduction

Background

Overview of DDoS attacks and their impact on multi-environment networks

Challenges in real-time detection and mitigation

Objective

To present MULTI-LF, a unified continuous learning framework designed for efficient DDoS detection

Highlighting the framework's ability to handle diverse malicious traffic patterns and evolving threats

Method

Data Collection

Techniques for gathering network traffic data in real-time

Importance of data quality and relevance for effective detection

Data Preprocessing

Methods for cleaning, normalizing, and transforming raw data

Role in enhancing model performance and accuracy

Model Selection and Training

Introduction to BNB (Bagging Nearest Neighbors) as the preferred model

Explanation of how BNB and another model work together for high accuracy, low latency, and efficient resource usage

Scaling and Weight Updates

Strategies for maintaining balanced weight updates across diverse environments

Importance in ensuring high accuracy across different metrics

Research Focus

Malware Detection and Network Traffic Analysis

Overview of research in malware detection and network traffic analysis

Importance of these areas in cybersecurity

Self-paced Learning and Real-time Monitoring

Explanation of self-paced learning in the context of MULTI-LF

Role of real-time monitoring in enhancing detection capabilities

Intrusion Detection Frameworks

Overview of intrusion detection frameworks and their evolution

How MULTI-LF contributes to these frameworks

Machine Learning Techniques for Network Intrusion Detection

Historical Overview (2010-2024)

Summary of advancements in machine learning techniques for network intrusion detection

Key milestones and influential studies

Current Applications and Future Trends

Discussion of current applications of machine learning in network intrusion detection

Insights into future trends and potential innovations

Basic info

papers

cryptography and security

machine learning

artificial intelligence

Advanced features

Insights

What innovative approaches does MULTI-LF employ to address evolving threats in network security?

In what ways does MULTI-LF ensure compatibility across different network environments?

What are the key features of the BNB model that make it preferred in the MULTI-LF framework?

How does the MULTI-LF framework integrate machine learning models to enhance DDoS detection?