The Domain Name System (DNS) simplifies Internet navigation by allowing users to refer to machines or services with human-readable domain names rather than machine-readable Internet Protocol (IP) addresses. This feature, along with some more technical features, makes DNS a critical Internet component. At the same time, it has made it a target for cybercriminals to propagate malware and perform illicit activities on compromised websites. This research aims to develop and evaluate an ensemble learning model for predicting malicious domains. The study explores its effectiveness in detecting malicious domains by employing a bootstrapping aggregation (bagging) ensemble machine learning model. After preprocessing and feature engineering of the malicious domain dataset, it was split into training data and testing sets. The model was trained using Python and necessary libraries, its performance was assessed using accuracy evaluation. Comparison between the bagging method and a single decision tree showed that the bagging approach performed better in accuracy (99.91% to 99.78%) and false positive rate (0% to 0.005%). This research found a solution to detecting malicious domains in the network space using a machine learning ensemble technique. It will help provide more safety to the internet space.

Author: Bukola A. Ifedayo-Ojo

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2024)

• Date of Conference: 4-6 November 2024
• DOI: 10.20533/ICITST.2024.0020
• ISBN: 978-1-913572-76-1
• Conference Location: St Anne’s College, Oxford University, UK