EVALUATING AI-BASED TECHNIQUES FOR MALICIOUS DOMAIN DETECTION USING OPEN-SOURCE CYBERSECURITY DATASETS
DOI:
https://doi.org/10.62643/ijerst.2026.v22.n3.3960Keywords:
Malicious Domain Detection, Cybersecurity, Machine Learning, Phishing Detection, XGBoost, SHAP, Explainable AIAbstract
The rapid growth of internet-based services has increased reliance on domain name infrastructure and created new opportunities for phishing, spoofing, and malicious domain activity. This study evaluates artificial intelligence based techniques for malicious domain detection using an opensource phishing URL dataset containing 3,772 balanced samples and 89 engineered features. Logistic Regression, Random Forest, and XGBoost were trained and evaluated using an 80:20 stratified split, cross-validation, and metrics including accuracy, precision, recall, F1-score, and ROC-AUC. XGBoost achieved the strongest overall performance, with 96.29% accuracy, 98.14% phishing recall, and 0.994 ROC-AUC. SHAP analysis showed that reputation and structural URL features, including indexing status, page rank, domain age, and hyperlink patterns, were dominant contributors to model decisions. The findings indicate that ensemble learning combined with explainable AI can support accurate and transparent malicious domain detection.
Downloads
Published
Issue
Section
License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.













