After only a week more of research over DDoS attacks and existing DDoS mitigation solutions, I can say that ML is not needed at all in DDoS mitigation. There simply isn't enough context to extrapolate from data to warrant the use of a neural network. As such, I believe I am going to have to resort to my third and last final product idea: creating an effective ML architecture to identify and screen out phishing emails. This, of course, has already been done before, but natural language processing using neural networks is a pretty complex topic. There's tons of different ways to process data from emails, and I think my main goal should be to improve upon existing architectures. This idea will certainly be a bit more math-heavy, since I will need to evaluate the efficacy of my neural network against others. 

It's a shame, though. I thought I was really on to something when I brainstormed the idea of applying ML to DDoS mitigation. I'm not sure what mentor thought of my ideas since he hasn't even completed his evaluation of my final product proposals. I need to meet with him soon to discuss a plan of action for whatever idea I end up going with - all of them will require as much time as I can spend.