Traditional approaches to anomaly detection are often limited and less effective in dealing with new and unknown threats, including DDoS attacks. Distributed denial-of-service (DDoS) attacks are a rapidly growing threat that disrupts systems and makes services unavailable. This research aims to detect unlabeled attacks and classify whether the data is anomalous or normal by using a deep autoencoder model. Deep autoencoder is a network designed to reconstruct input data with a high degree of accuracy. This research includes pre-processing, normalization, feature selection, and reconstruction error as a comparison to determine normal and anomalous data. Threshold selection with the best ROC to measure sensitivity and false alarm rate on the 2019 CIC-DDos data set. Evaluation results demonstrate that the model achieves high performance with precision, recall, and F1- score all reaching 97 percent. These results compare favorably with previous studies with the same dataset in unsupervised learning. The method works well to detect new and unknown attacks to prevent the system from being tampered with and provide more robust attack detection.