Artificial intelligence-driven cybersecurity: enhancing malicious domain detection using attention-based deep learning model with optimization algorithms.

Journal: Scientific reports

Abstract

Malicious domains are one of the main resources adversaries need to run attacks over the Internet. Owing to the significant role of the domain name system (DNS), detailed research has been performed to detect malicious domains according to their distinctive behaviour, which is observed at different stages of the DNS life cycle (queries and explanations). The DNS has played a crucial role in the evolution of the Internet. Its primary objective is to simplify user experience by converting a website's Internet Protocol (IP) address into a recognizable domain name and vice versa. Identifying these malicious domains is important in countering the growing number of network attacks. Artificial intelligence (AI) is applied to malicious domain recognition and prevention because of its potential to yield robust, efficient, and scalable malware detection systems. AI methods have shown significant results in malicious domain detection. This manuscript presents an Enhance Malicious Domain Detection Using an Attention-Based Deep Learning Model with Optimization Algorithms (EMDD-ADLMOA) technique. The proposed EMDD-ADLMOA technique focuses on improving malicious domain detection in cybersecurity. Initially, the min-max scaling method is utilized in the pre-processing phase to convert input data into an appropriate format. For feature selection (FS), the proposed EMDD-ADLMOA technique utilizes the quantum-inspired firefly algorithm (QIFA) model. Furthermore, a hybrid model of a temporal convolutional network and bi-directional long short-term memory with squeeze-and-excitation attention (TCN-BiLSTM-SEA) is employed for the classification process. Finally, the parrot optimization (PO) model optimally fine-tunes the hyperparameter values of the TCN-BiLSTM-SEA model. The performance results of the EMDD-ADLMOA approach are verified under a malicious dataset. The experimental validation of the EMDD-ADLMOA approach portrayed a superior accuracy value of 98.52% over existing techniques.

Authors

  • Fatimah Alhayan
    Department of Information Systems, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, P.O. Box 84428, Riyadh 11671, Saudi Arabia. Electronic address: fnalhayan@pnu.edu.sa.
  • Asma Alshuhail
    Department of Information Systems, College of Computer Sciences and Information Technology, King Faisal University, Hofuf, Saudi Arabia.
  • Ahmed Omer Ahmed Ismail
    Department of Information Systems, Applied College at Mahayil, King Khalid University, Abha, Saudi Arabia.
  • Othman Alrusaini
    Department of Engineering and Applied Sciences, Applied College, Umm Al-Qura University, Makkah, Saudi Arabia.
  • Sultan Alahmari
    King Abdul Aziz City for Science and Technology (KACST), Cybersecurity Institute, Riyadh, Kingdom of Saudi Arabia.
  • Abdulsamad Ebrahim Yahya
    Department of Information Technology, College of Computing and Information Technology, Northern Border University, Arar, Saudi Arabia. Abdulsamad.qasem@nbu.edu.sa.
  • Monir Abdullah
    Department of Computer Science and Artificial Intelligence, College of Computing and Information Technology, University of Bisha, Bisha, Saudi Arabia.
  • Samah Al Zanin
    Department of Computer Science, College of Computer Engineering and Sciences, Prince Sattam Bin Abdulaziz University, Kharj, Saudi Arabia.