JUCS - Journal of Universal Computer Science 32(1): 108-132, doi: 10.3897/jucs.146099
CBM-IDS: An Advanced Hybrid Deep Learning Model for DDoS Attack Detection in IoT Networks
expand article infoHamdullah Karamollaoğlu, İbrahim Yücedağ§, İbrahim Alper Doğru|, Sinan Toklu|, İsmail Atacak|
‡ Ministry of Energy and Natural Resources, Ankara, Turkiye§ Düzce University, Düzce, Turkiye| Gazi University, Ankara, Turkiye

Corresponding author: Hamdullah Karamollaoğlu ( h.karamollaoglu@euas.gov.tr )

© Hamdullah Karamollaoğlu, İbrahim Yücedağ, İbrahim Alper Doğru, Sinan Toklu, İsmail Atacak.
This is an open access article distributed under the terms of the Creative Commons Attribution License (CC BY-ND 4.0). This license allows reusers to copy and distribute the material in any medium or format in unadapted form only, and only so long as attribution is given to the creator. The license allows for commercial use.
Citation: Karamollaoğlu H, Yücedağ İ, Doğru İA, Toklu S, Atacak İ (2026) CBM-IDS: An Advanced Hybrid Deep Learning Model for DDoS Attack Detection in IoT Networks. JUCS - Journal of Universal Computer Science 32(1): 108-132. https://doi.org/10.3897/jucs.146099
Open Access
Abstract
The rapid expansion of IoT devices has transformed industries while simultaneously introducing critical security vulnerabilities, particularly Distributed Denial-of-Service (DDoS) attacks that exploit the constrained resources of IoT systems. To address this challenge, a novel intrusion detection system (CBM-IDS) is proposed for the effective identification and mitigation of DDoS attacks in IoT environments. A hybrid deep learning framework is employed, integrating Convolutional Neural Networks (CNN) for spatial feature extraction, Bidirectional Long Short-Term Memory (BiLSTM) for temporal dependency analysis, and a Multi-Head Attention Mechanism (MHAM) to prioritize critical network traffic patterns. Model robustness is enhanced through Adaptive Synthetic Sampling (ADASYN) and One-Sided Selection (OSS) for class imbalance mitigation, along with dimensionality reduction using an Autoencoder combined with ANOVA F-test-based feature selection. The proposed system is evaluated on the CICDDoS2019 benchmark dataset, achieving a detection accuracy of 99.93%, which demonstrates its efficacy in real-world IoT security applications. 
Keywords
Intrusion detection, IoT network, deep learning, feature engineering, DDoS attacks
login to comment