Crystal ball DDoS detection

Started in July 2020

This project aims to investigate whether new DDoS attacks can be predicted before they have an actual impact. This is similar to dealing with tsunami alerts. The idea is to achieve this by analysing public and private data using AI techniques.

Project results

In the Explore phase, the project team has looked at challenging and innovative methods to pick up early signals of application-based DDoS attacks on the basis of probe detection. This seems promising, has been proven to be innovative based on literature study and external contacts, but it is not yet certain that this will yield a good result. That makes this project even more attractive to continue within the PCSI.

In the Pilot phase, a Minimum Viable Product (MVP) to predict upcoming attacks is being developed and tested on available DDoS datasets.


This project is part of the trend

21 Opportunity June 2025

Transition to predictive technologies

In the past, security defences were built around preventive measures. This was complemented with monitoring & response, to be able to detect attacks that circumvented preventive measures. But the gap between attackers' odds and defenders' strategy is still growing. That is why we also have to make use of predictive technologies (based on deep or reinforcement learning algorithms) to be able to better prepare for sophisticated attacks, and to support predictive or 'smart' decision making in cybersecurity or proactive risk management regarding cyberthreats.
Beeldmerk PCSI
PCSI is a collaboration of
    ABN-AMRO Achmea ASML Belastingdienst ING TNO