Facing one of the most common threats to Internet security, the existing traffic-driven distributed denial of service (DDoS) defense schemes mainly focus on establishing more accurate detection models that highly require labeled untrusted traffic flows in the attacked network. Unfortunately, they usually ignore the communication overhead when collecting data through inherently distributed networks, which also introduces nontrivial privacy leakage. In this article, we propose a collaborative learning framework called NetSpirit to achieve effective detection of DDoS attacks. Leveraging parameter interactions instead of traffic data between network elements, its detection model can be efficiently trained and synchronized, with lightweight overhead and packet privacy protection. Meanwhile, semi-su-pervised machine learning is employed to learn from unlabeled data, and model pruning is used to further reduce the traffic transmission cost. NetSpir-it can be implemented by several major machine learning frameworks. In this article, we choose to implement the NetSpirit prototype using MindSpore in our simulated environment and use public data-sets to evaluate its effects. The experimental results demonstrate that NetSpirit can reduce by 28.28 percent the average transmission amount compared to traditional collaborative learning and achieve a detection accuracy of 63.80 percent, with a top-3 accuracy of 87.57 percent and a top-5 accuracy of 90.34 percent for the 13-classification problem of DDoS attacks using only 50 percent labeled data. Moreover, by adjusting the hyperparameters, it can make a good trade-off between computing time and transmission amount. We hope the intra- and inter-domain collaboration in NetSpirit can act as a fundamental primitive to build the intelligence layer of a trustworthy network architecture.