1. Introduction
Denial-of-Service (DoS) attacks [19], prevalent in today’s cyber landscape, act by overwhelming target systems or networks and rendering them inaccessible to legitimate users. These attacks have become an insidious threat, with the potential to cripple vital online services and cause substantial financial and reputational damage [18]. Traditional DoS attacks function by continuously flooding a target with superfluous requests and exhausting the available resources. In particular, they often employ reflectors and amplifiers, such as DNS and NTP servers [21], [71]. Such classic hyper-volumetric DoS attacks, however, are simple to detect due to continual high volumes of traffic [34], [49].