Dr Janaka Senanayake j.senanayake1@rgu.ac.uk
Lecturer
MADONNA: browser-based malicious domain detection using optimized neural network by leveraging AI and feature analysis.
Senanayake, Janaka; Rajapaksha, Sampath; Yanai, Naoto; Kalutarage, Harsha; Komiya, Chika
Authors
SAMPATH RAJAPAKSHA R WASALA MUDIYANSELAGE POLWATTE GEDARA s.rajapaksha@rgu.ac.uk
Research Student
Naoto Yanai
Dr Harsha Kalutarage h.kalutarage@rgu.ac.uk
Associate Professor
Chika Komiya
Abstract
Detecting malicious domains is a critical aspect of cybersecurity, with recent advancements leveraging Artificial Intelligence (AI) to enhance accuracy and speed. However, existing browser-based solutions often struggle to achieve both high accuracy and efficient throughput. In this paper, we present MADONNA, a novel browser-based malicious domain detector that exceeds the current state-of-the-art in both accuracy and throughput. MADONNA utilizes feature selection through correlation analysis and model optimization techniques, including pruning and quantization, to significantly enhance detection speed without compromising accuracy. Our approach employs a Shallow Neural Network (SNN) architecture, outperforming Large Language Models (LLMs) and state-of-the-art methods by improving accuracy by 6% (reaching 0.94) and F1-score by 4% (reaching 0.92). We further integrated MADONNA into a Google Chrome extension, demonstrating its practical application with a real-time domain detection accuracy of 94% and an average inference time of 0.87 s. These results highlight MADONNA's effectiveness in balancing speed and accuracy, providing a scalable, real-world solution for malicious domain detection.
Citation
SENANAYAKE, J., RAJAPAKSHA, S., YANAI, N., KALUTARAGE, H. and KOMIYA, C. 2025. MADONNA: browser-based malicious domain detection using optimized neural network by leveraging AI and feature analysis. Computers and security [online], 152, article number 104371. Available from: https://doi.org/10.1016/j.cose.2025.104371
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Feb 8, 2025 |
| Online Publication Date | Feb 17, 2025 |
| Publication Date | May 31, 2025 |
| Deposit Date | Feb 18, 2025 |
| Publicly Available Date | Feb 18, 2025 |
| Journal | Computers and security |
| Print ISSN | 0167-4048 |
| Electronic ISSN | 1872-6208 |
| Publisher | Elsevier |
| Peer Reviewed | Peer Reviewed |
| Volume | 152 |
| Article Number | 104371 |
| DOI | https://doi.org/10.1016/j.cose.2025.104371 |
| Keywords | Malicious domain detection; Artificial intelligence (AI); Feature engineering; Browser extensions; Web browsers |
| Public URL | https://rgu-repository.worktribe.com/output/2708752 |
Files
SENANAYAKE 2025 MADONNA (VOR)
(1.7 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
Copyright Statement
© 2025 The Authors. Published by Elsevier Ltd.
You might also like
Android code vulnerabilities early detection using AI-powered ACVED plugin.
(2023)
Presentation / Conference Contribution
Labelled Vulnerability Dataset on Android source code (LVDAndro) to develop AI-based code vulnerability detection models.
(2023)
Presentation / Conference Contribution
AI-powered vulnerability detection for secure source code development.
(2023)
Presentation / Conference Contribution
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search