To address the insufficient robustness of DDoS attack traffic classification under adversarial perturbations, this paper proposes a spatiotemporal joint modeling method leveraging swarm graph sequences and 3D convolutional neural networks (CNNs). We innovatively design a swarm graph spatiotemporal encoding mechanism that maps raw network flows into physically meaningful dynamic image sequences. To enhance adversarial robustness, we integrate adversarial training (FGSM/PGD), spatial noise augmentation, and image translation perturbations. Additionally, a frame-level prediction mechanism enables early detection. On benchmark datasets, classification accuracy on adversarial samples improves significantly—from 50–55% to over 93%—while preserving clean-sample performance. High-confidence predictions are generated within the first 3–4 frames, achieving a favorable trade-off between real-time responsiveness and robustness.

Distributed Denial-of-Service (DDoS) attacks remain a serious threat to online infrastructure, often bypassing detection by altering traffic in subtle ways. We present a method using hive-plot sequences of network data and a 3D convolutional neural network (3D CNN) to classify DDoS traffic with high accuracy. Our system relies on three main ideas: (1) using spatio-temporal hive-plot encodings to set a pattern-recognition baseline, (2) applying adversarial training with FGSM and PGD alongside spatial noise and image shifts, and (3) analyzing frame-wise predictions to find early signals. On a benchmark dataset, our method lifts adversarial accuracy from 50-55% to over 93% while maintaining clean-sample performance. Frames 3-4 offer strong predictive signals, showing early-stage classification is possible.