Persian Eagle: A Hybrid Machine Learning and Deep Learning Framework for High-Precision DDoS Detection in Urban Digital Infrastructures

Urban environments increasingly rely on interconnected digital infrastructures like IoT devices, SDN-enabled networks, and cloud platforms to support essential municipal services. Ensuring the resilience of these systems requires advanced, data-driven mechanisms capable of detecting and mitigating cyber disruptions. This study presents Persian Eagle, a hybrid machine learning and deep learning framework designed to enhance the cyber-resilience of urban digital infrastructures by providing high-precision detection of Distributed Denial of Service (DDoS) attacks. DDoS attacks disrupt service availability by flooding targets with massive malicious traffic orchestrated through botnets, and in critical infrastructures, disruptions can be life-threatening. The proposed framework integrates multi-stage data preprocessing, SMOTE-based class balancing, and a four-phase feature-selection pipeline combining filtering, statistical ranking, PCA, and XGBoost. Seven complementary classifiers, including Random Forest, SVM, Gaussian Naive Bayes, XGBoost, MLP, LSTM, and Autoencoder, are bonded through a stacking cooperative with a Gradient Boosting meta-learner. The framework was evaluated on CICDDoS2019 and CICIDS2017 datasets, and achieved near-perfect performance up to 99.9998% accuracy, demonstrating strong generalization across diverse attack scenarios. By offering a scalable, transparent, and data-driven detection mechanism, Persian Eagle maintains urban digital-risk management and supports the continuity and resilience of critical smart-city services.