As the prevalence and sophistication of distributed denial of service (DDoS) attacks escalate, the imperative for advanced defense mechanisms becomes paramount, especially in rapidly growing digital landscapes like Indonesia. This research presents the development of an innovative intrusion detection system (IDS) that harnesses machine learning (ML) algorithms to automate the detection of DDoS attacks in real time. By monitoring TCP streams, the system utilizes ML-enhanced IDS components to identify malicious traffic patterns indicative of DDoS activities. An automatic alert is dispatched to network administrators via Telegram upon detection, ensuring immediate awareness and facilitating swift countermeasures. Additionally, the system embodies a self-improving architecture by retraining its ML model with newly encountered attack data, thus continuously refining its detection capabilities. The system's efficacy, marked by its adaptive learning and proactive notification system, not only contributes to the fortification of network security but also underscores the potential for ML in cybersecurity within Indonesia’s expanding digital domain. The deployment of this system is anticipated to significantly bolster cybersecurity infrastructure by addressing the urgent need for advanced and responsive defense strategies against the evolving landscape of cyber threats.

Cybersecurity; DDoS; IDS; Machine learning; Telegram bot