Domain Analysis
Enter any domain name to classify it
Quick test:
google.com
mail.yahoo.com
base64 tunnel
long encoded
deep C2
How It Works
Four-step ML classification pipeline
-
1Feature Extraction Domain length, subdomain depth, Shannon entropy, digit count, special chars, longest label.
-
2StandardScaler Normalisation Features scaled to zero-mean, unit-variance before inference.
-
3Random Forest (200 trees) Ensemble votes on Normal vs Malicious with balanced class weights.
-
4Confidence Score Probability of the predicted class expressed as a percentage.
Model Performance
Synthetic training + CTU-13 validation
~99%
Accuracy
200
RF Trees
2K
Synth. Samples
7
Features
Model Visualisations
Feature importance & confusion matrix
Feature Importance — Synthetic
Confusion Matrix — Synthetic
Synthetic vs CTU-13 Comparison
Feature Importance — CTU-13 Real
Confusion Matrix — CTU-13 Real
