A multi-modular distributed framework for real-time DDoS detection in Docker environments

Keywords

Anomaly detection, Cloud-native security, Cyber security, DDoS detection, Distributed computing, Docker containers, Intrusion detection systems, Multi-modular architecture, Real-time monitoring.

Abstract

The Internet has permeated nearly every aspect of modern civilization, interconnecting billions of devices and services. While this global connectivity empowers businesses to deliver services seamlessly, it also exposes them to persistent cyber threats such as Distributed Denial of Service (DDoS) attacks. Owing to the diversity in attack scale and sophistication, conventional detection methods often fail to respond effectively, particularly when a single detection approach is used against multiple attack variants. This paper proposes a multi-modular approach for DDoS detection in Docker container environments, combining statistical and anomaly-based techniques to identify bandwidth-driven attacks in real time while maintaining system stability. The framework distributes its computational components across multiple nodes through parallel execution, thereby minimizing the processing load on the target system. Experimental validation using the CICDDoS2019 dataset and simulated Docker-based attacks demonstrates the effectiveness of the proposed design. Multi-attribute analysis reduced false positives from 81.11% to 1.15% and achieved an average detection accuracy of 99.95%. Distributed processing reduced system resource usage by 40% compared to centralized techniques. Modular design and distributed computing improve detection precision, reduce false alarms, and provide a scalable, resource-efficient defense against evolving DDoS threats in cloud-native infrastructures.

https://doi.org/10.55493/5003.v16i1.5890