Hybrid-Pipeline-Based Detection and Classification of HTTP Slow Denial-of-Service Attacks Using Radial Basis Function Neural Networks

Detecting denial of service traffic remains challenging when malicious sessions exhibit flow characteristics that closely resemble benign network behavior, particularly in low-rate attack settings. This study examines whether autoencoder-based feature compression can improve flow-based intrusion detection while maintaining a deployment-oriented design. We develop a lightweight pipeline that learns a low-dimensional latent representation of tabular flow features using an autoencoder and performs classification using Random Forest, LightGBM, and a radial basis function neural network. Using the CICIDS 2017 dataset, the best performing configurations achieve 99.43 percent accuracy with autoencoder plus Random Forest and 99.39 percent with autoencoder plus LightGBM, while autoencoder plus radial basis function neural network achieves 98.27 percent, with consistently strong precision, recall, and F1-score. The findings support practice by showing that high detection performance can be achieved using compact learned features that reduce input complexity for downstream models, which is beneficial for operational monitoring environments. The study advances knowledge by providing a reproducible evaluation of representation learning as a feature compression step for tabular intrusion detection, and by linking model performance to measurable computational considerations relevant to real-world deployment.