In today’s digitally driven business environment, the continuous operation of online enterprises relies heavily on resilient server infrastructures.The increasing frequency and sophistication of cyber-attacks, particularly Distributed Denial of Service (DDoS) attacks, bicycles pose significant challenges to maintain server health.DDoS attacks are malicious attempts to disrupt normal traffic to a server by overwhelming it with fake requests.
Their impact has grown alarmingly, with a 117% year-over-year increase in network-layer DDoS attacks observed in Q4 of 2023.This study introduces a novel two-stage server health monitoring system designed to detect and assess the severity of such attacks.In Stage I: DDoS Attack Detection, binary classification techniques—machine learning methods that divide data into two groups—analyze network traffic to differentiate normal traffic from DDoS attack traffic.
The light-gradient boosting model (LGBM) demonstrated exceptional performance on the testing set with an accuracy of 0.9988, AUC of 0.9999, and other metrics such as recall, precision, and F1 score of 0.
9988, indicating high reliability.Once a DDoS attack is detected, the system moves to Stage II: Attack Severity Assessment, where a multiclass classification method categorizes the attack’s severity as low, moderate, or high.The gradient boosting classifier (GBC) emerged as the best-performing model in this stage, achieving an accuracy of 0.
9994, AUC of 1, recall, precision, and F1 score of 0.9994 on the testing set.This research Figure Kits provides a robust approach for detecting attack severity, enabling cybersecurity professionals to allocate resources efficiently and implement timely mitigation to safeguard server health.