Skip to main content

Research Repository

Advanced Search

MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis.

Senanayake, Janaka; Rajapaksha, Sampath; Yanai, Naoto; Komiya, Chika; Kalutarage, Harsha

Authors

Naoto Yanai

Chika Komiya



Contributors

Norbert Meyer
Editor

Anna Grocholewska-Czuryło
Editor

Abstract

The detection of malicious domains often relies on machine learning (ML), and proposals for browser-based detection of malicious domains with high throughput have been put forward in recent years. However, existing methods suffer from limited accuracy. In this paper, we present MADONNA, a novel browser-based detector for malicious domains that surpasses the current state-of-the-art in both accuracy and throughput. Our technical contributions include optimized feature selection through correlation analysis, and the incorporation of various model optimization techniques like pruning and quantization, to enhance MADONNA's throughput while maintaining accuracy. We conducted extensive experiments and found that our optimized architecture, the Shallow Neural Network (SNN), achieved higher accuracy than standard architectures. Furthermore, we developed and evaluated MADONNA's Google Chrome extension, which outperformed existing methods in terms of accuracy and F1-score by six points (achieving 0.94) and four points (achieving 0.92), respectively, while maintaining a higher throughput improvement of 0.87 s. Our evaluation demonstrates that MADONNA is capable of precisely detecting malicious domains, even in real-world deployments.

Citation

SENANAYAKE, J., RAJAPAKSHA, S., YANAI, N., KOMIYA, C. and KALUTARAGE, H. 2024. MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis. In Meyer, N. and Grocholewska-Czuryło, A. (eds.) Revised selected papers from the proceedings of the 38th International conference on ICT systems security and privacy protection (IFIP SEC 2023), 14-16 June 2023, Poznan, Poland. IFIP advances in information and communication technology, 679. Cham: Springer [online], pages 279-292. Available from: https://doi.org/10.1007/978-3-031-56326-3_20

Presentation Conference Type Conference Paper (published)
Conference Name 38th International conference on ICT systems security and privacy protection (IFIP SEC 2023)
Start Date Jun 14, 2023
End Date Jun 16, 2023
Acceptance Date Apr 15, 2023
Online Publication Date Apr 24, 2024
Publication Date Dec 31, 2024
Deposit Date Apr 26, 2024
Publicly Available Date Apr 25, 2025
Publisher Springer
Peer Reviewed Peer Reviewed
Pages 279-292
Series Title IFIP advances in information and communication technology
Series Number 679
Series ISSN 1868-4238; 1868-422X
Book Title Revised selected papers from the proceedings of the 38th International conference on ICT systems security and privacy protection (IFIP SEC 2023)
ISBN 9783031563256; 9783031563287
DOI https://doi.org/10.1007/978-3-031-56326-3_20
Keywords Malicious domain detection; Cybercrime; Systems security; Machine learning; Browser extensions
Public URL https://rgu-repository.worktribe.com/output/2308235

Files

This file is under embargo until Apr 25, 2025 due to copyright reasons.

Contact publications@rgu.ac.uk to request a copy for personal use.



You might also like



Downloadable Citations