<![CDATA[Modern Distributed Denial of Service (DDoS) attacks increasingly evade traditional defenses, and while Machine Learning (ML) has improved detection accuracy, a critical challenge remains in bridging detection with effective automated mitigation. This paper introduces a novel framework centered on a cognitive agent that synergistically combines high-speed ML detection with the advanced reasoning capabilities of a Large Language Model (LLM) for autonomous DDoS mitigation. The proposed architecture operates as a closed-loop security system. Following a data preprocessing phase that includes one-hot encoding and Standard Scaling (z-score normalization), a fine-tuned Random Forest model was identified as the optimal detector with 95.99% accuracy on the UNSW-NB15 dataset, which in turn triggers the LLM-based agent. This agent autonomously generates both human-readable incident explanations and machine-executable mitigation commands. Crucially, all generated commands undergo a syntax and logic validation step before execution to ensure operational integrity. Empirical results demonstrate the framework's efficacy, achieving a complete end-to-end detection-to-mitigation cycle in 24.20 seconds. This work validates that the unified approach presents a viable and transparent paradigm, contributing to the field of cybersecurity by enhancing automated mitigation and analytical processes through responsive and intelligent defense mechanisms.]]>
Copyrights © 2026
