Sentinel Shield DNS Filtering Reinvented with Threat Intelligence and AI/ML

Sentinel Shield DNS Filtering Reinvented with Threat Intelligence and AI/ML

연구 분야: Safety

학회: 2025 International Conference on Multi-Agent Systems for Collaborative Intelligence (ICMSCI)

Traditional solutions of firewalls usually fail to keep pace with the emerging threats. For this purpose, it offers a new solution that integrates ML with a firewall system to dynamically identify malicious domain requests, such as a dataset consisting of 50 features and 100,000 records, which used authentic logs enriched with Open Source Intelligence carefully analyzed. Supervised algorithms were used, which resulted in very high accuracy levels of 90% to 98%, with very fast classification times ranging from 0.01 to 2.38 seconds. This research not only provides a valuable public dataset but also a methodology that can be exploited by researchers. Practically, the study provides the foundation for an in-band firewall that can proactively identify malicious domains in real time, thus enhancing organizational cybersecurity postures. Further optimization of the performance of the firewall can be made using ensemble learning techniques such as Random Forests and Gradient Boosting. Both these ensemble techniques use several models to improve predictive accuracy for complicated datasets and add robustness in general. Additionally, online learning algorithms should also be used. These are techniques used when new data are being presented one by one so that the model learns and adjusts from time to time, responding dynamically to evolving threats. Further performance improvements can be achieved by fine-tuning the hyperparameters of the chosen algorithms and experimenting with feature engineering. Updating the models with new data and monitoring their performance regularly is essential to keep them effective against changing threats. This paper opens up the transformative potential of ML-enhanced firewalls in modern cybersecurity frameworks and sets the stage for future developments in this critical domain.