MADONNA: Browser-based malicious domain detection using Optimized Neural Network by leveraging AI and feature analysis

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-02-17 DOI:10.1016/j.cose.2025.104371

Janaka Senanayake , Sampath Rajapaksha , Naoto Yanai , Harsha Kalutarage , Chika Komiya

{"title":"MADONNA: Browser-based malicious domain detection using Optimized Neural Network by leveraging AI and feature analysis","authors":"Janaka Senanayake , Sampath Rajapaksha , Naoto Yanai , Harsha Kalutarage , Chika Komiya","doi":"10.1016/j.cose.2025.104371","DOIUrl":null,"url":null,"abstract":"<div><div>Detecting malicious domains is a critical aspect of cybersecurity, with recent advancements leveraging Artificial Intelligence (AI) to enhance accuracy and speed. However, existing browser-based solutions often struggle to achieve both high accuracy and efficient throughput. In this paper, we present MADONNA, a novel browser-based malicious domain detector that exceeds the current state-of-the-art in both accuracy and throughput. MADONNA utilizes feature selection through correlation analysis and model optimization techniques, including pruning and quantization, to significantly enhance detection speed without compromising accuracy. Our approach employs a Shallow Neural Network (SNN) architecture, outperforming Large Language Models (LLMs) and state-of-the-art methods by improving accuracy by 6% (reaching 0.94) and F1-score by 4% (reaching 0.92). We further integrated MADONNA into a Google Chrome extension, demonstrating its practical application with a real-time domain detection accuracy of 94% and an average inference time of 0.87 s. These results highlight MADONNA’s effectiveness in balancing speed and accuracy, providing a scalable, real-world solution for malicious domain detection.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"152 ","pages":"Article 104371"},"PeriodicalIF":4.8000,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000604","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Detecting malicious domains is a critical aspect of cybersecurity, with recent advancements leveraging Artificial Intelligence (AI) to enhance accuracy and speed. However, existing browser-based solutions often struggle to achieve both high accuracy and efficient throughput. In this paper, we present MADONNA, a novel browser-based malicious domain detector that exceeds the current state-of-the-art in both accuracy and throughput. MADONNA utilizes feature selection through correlation analysis and model optimization techniques, including pruning and quantization, to significantly enhance detection speed without compromising accuracy. Our approach employs a Shallow Neural Network (SNN) architecture, outperforming Large Language Models (LLMs) and state-of-the-art methods by improving accuracy by 6% (reaching 0.94) and F1-score by 4% (reaching 0.92). We further integrated MADONNA into a Google Chrome extension, demonstrating its practical application with a real-time domain detection accuracy of 94% and an average inference time of 0.87 s. These results highlight MADONNA’s effectiveness in balancing speed and accuracy, providing a scalable, real-world solution for malicious domain detection.

查看原文本刊更多论文

麦当娜：利用人工智能和特征分析，使用优化神经网络进行基于浏览器的恶意域检测

检测恶意域名是网络安全的一个关键方面，最近的进展利用人工智能（AI）来提高准确性和速度。然而，现有的基于浏览器的解决方案往往难以同时实现高精度和高效吞吐量。在本文中，我们提出了MADONNA，一种新的基于浏览器的恶意域检测器，在准确性和吞吐量方面都超过了当前最先进的技术。MADONNA利用特征选择通过相关分析和模型优化技术，包括修剪和量化，显著提高检测速度，而不影响准确性。我们的方法采用了浅层神经网络（SNN）架构，优于大型语言模型（llm）和最先进的方法，准确率提高了6%（达到0.94），f1得分提高了4%（达到0.92）。我们进一步将MADONNA集成到谷歌Chrome扩展中，以94%的实时域检测精度和0.87 s的平均推理时间展示其实际应用。这些结果突出了MADONNA在平衡速度和准确性方面的有效性，为恶意域检测提供了可扩展的，现实世界的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.