🤖 AI Summary
Static rule-based approaches for DDoS attack detection and mitigation suffer from poor generalization and severe class ambiguity, hindering accurate attack categorization. Method: We propose the first collaborative classification framework integrating human expert hierarchies with AI-generated dendrograms to resolve long-standing attack-type ambiguities. Our cross-layer AI paradigm spans data governance, adversarial robustness, and proactive mitigation, incorporating LSTM/GNN/Transformer architectures, unsupervised anomaly detection, adversarial training, explainable AI (XAI), and traffic feature engineering. Contribution/Results: We establish a unified evaluation benchmark quantifying trade-offs among accuracy, latency, and generalization across mainstream AI methods. We systematically analyze dataset characteristics and augmentation strategies, and identify seven open challenges—advancing toward AI-driven, closed-loop, autonomous defense systems.
📝 Abstract
Distributed Denial of Service (DDoS) attacks represent an active cybersecurity research problem. Recent research has shifted from static rule-based defenses towards AI-based detection and mitigation. This comprehensive survey covers several key topics. Foremost, state-of-the-art AI detection methods are discussed. An in-depth taxonomy based on manual expert hierarchies and an AI-generated dendrogram are provided, thus settling DDoS categorization ambiguities. An important discussion of available datasets follows, covering data format options and their role in training AI detection methods, together with adversarial training and example augmentation. Beyond detection, AI-based mitigation techniques are surveyed as well. Finally, multiple open research directions are proposed.