A Hybrid IDS Framework for Cyber-Physical Systems: An Attention-Based Auto encoder and Hybrid Meta-heuristic Approach

T. Manasa, K. Padmanaban

Abstract

Computing infrastructures managed by Cyber-Physical Systems (CPS) are extremely vulnerable to Distributed Denial of Service (DDoS) attacks, which threaten the availability, integrity, and dependability of these core systems. To address this problem, we present a new and exceptionally powerful IDS tailored for CPS that combines some of the most sophisticated approaches to feature engineering, selection, classification, and optimization. It incorporates an Attention-Based Autoencoder (AAE) to encode data, learn high-level traffic features, and reduce dimensionality, so that anomalous behaviours associated with DDoS attacks are captured with higher accuracy. The best features, including sudden traffic surges and protocol violations, are chosen using both the Grey Wolf Optimization (GWO) and Firefly Algorithm (FFA) feature selection techniques to improve the efficiency and reliability of the detection mechanism. For classification, we use a LightGBM-XGBoost model because LightGBM is fast while XGBoost brings extra regularization strength, giving high-throughput, high-precision real-time detection. Furthermore, a new metaheuristic optimization approach including HHO and SCA is used to fine-tune the geometrical hyperparameters of the model for a better DDoS detection rate across different attack types with fewer false alarms. To address data imbalance, SMOTE is integrated into the system, which also makes the system less sensitive to the traffic variation that is normal on CPS networks. This integrated design of feature extraction, mixed classification, and metaheuristic optimization positions the proposed IDS as capable of real-time DDoS detection, providing a new platform for CPS security. When these state-of-the-art methods are integrated, the system provides the highest level of precision and speed in the identification and prevention of DDoS threats, forming part of a strong defense for today’s CPS structures.

Article Details

Section
Articles