A. Ghaleb, Sanaa A.
Unknown Affiliation

Botnet detection: a system for identifying DGA-based botnets using LightGBM
Mohamad, Mumtazimah; Abd Hamid, Nazirah; A. Ghaleb, Sanaa A.; Mohd Satar, Siti Dhalila; Safei, Suhailan; Fazamin Wan Hamzah, Wan Mohd Amir; En En, Lim
Indonesian Journal of Electrical Engineering and Computer Science Vol 41, No 2: February 2026
Publisher : Institute of Advanced Engineering and Science

DOI: 10.11591/ijeecs.v41.i2.pp833-844

Abstract

Botnets present a major challenge to detecting anomalies in domain generation algorithms (DGAs). Botmasters use DGAs to create numerous domain names to communicate with command-and-control servers, complicating the detection process. Traditional blacklisting methods struggle to effectively identify anomalous DGA domain names amid the vast number of randomly generated domains, leading to a greater risk of detection being evaded. The proliferation of DGA-based botnets has created an urgent need for robust detection methods. Various techniques and attributes have been utilised to categorise different DGA families, yet the dynamic nature of DGA domain names renders the current blacklisting algorithms ineffective. Additionally, the dynamic characteristics of DGAs further complicate classification, emphasising the need for machine learning models to improve detection accuracy and enhance cyber defence. This study proposes a robust solution to address the challenges posed by DGA-based botnets by developing an innovative machine learning-based model for domain name classification. The model leverages the light gradient boosting algorithm (LightGBM) and integrates n-gram features to enhance the detection of malicious DGA domains. This approach offers superior accuracy, adaptability, and efficiency in identifying and classifying anomalous domain names, achieving 96% precision when detecting true DGA domains. This system represents a significant advancement in cybersecurity and anomaly detection.