Evidence-Aware Cross-Domain Cybercrime Detection Using Contribution-Guided Feature Fusion.

Saved in:
Bibliographic Details
Title: Evidence-Aware Cross-Domain Cybercrime Detection Using Contribution-Guided Feature Fusion.
Authors: Adinarayana, R.1 aaditeresa@gmail.com, Krishna, G. Vamsi2 vamsikrishna527@gmail.com
Source: IAENG International Journal of Computer Science. Jun2026, Vol. 53 Issue 6, p2410-2424. 15p.
Subjects: Computer crimes, Phishing, Ensemble learning, Machine learning, Computer network traffic, Data analysis
Abstract: Analyzing heterogeneous digital evidence from different domains, including network traffic, malicious URLs and phishing emails to carry out cybercrime investigations is becoming routine. Most existing machine learning methods are trained on single-domain datasets, or they use static feature fusion strategies that cannot dynamically model the contribution of different evidences. Whereas this paper aims to develop a contribution-guided feature fusion-based evidenceaware cross-domain cybercrime detection framework. Firstly, it extracts domain-specific features from network flows, malicious URLs, and phishing emails. An evidence contribution analysis module quantifies the relative significance of every evidence-source based on ablation evaluations and entropybased credibility estimators. These scores are used to modulate an adaptive feature fusion scheme that highlights useful evidence and down-weights noisy or less relevant sources. We apply ensemble learning models: Random Forest and XGBoost, to classify the fused feature representation. Experiments on three public cybersecurity datasets (190,000 samples) show that the proposed method obtains 94.7% accuracy and 93.9% F1-score which surpasses static feature fusion and single-domain models respectively. Statistical significance testing shows that the improvements are meaningful (p < 0.05). On the other hand, we also notice superior robustness against evidence degradation and better cross-domain generalization of the proposed framework, indicating its potential to create a practical solution for cybercrime detection in real-world scenarios. [ABSTRACT FROM AUTHOR]
Copyright of IAENG International Journal of Computer Science is the property of International Association of Engineers (IAENG) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Description
Abstract:Analyzing heterogeneous digital evidence from different domains, including network traffic, malicious URLs and phishing emails to carry out cybercrime investigations is becoming routine. Most existing machine learning methods are trained on single-domain datasets, or they use static feature fusion strategies that cannot dynamically model the contribution of different evidences. Whereas this paper aims to develop a contribution-guided feature fusion-based evidenceaware cross-domain cybercrime detection framework. Firstly, it extracts domain-specific features from network flows, malicious URLs, and phishing emails. An evidence contribution analysis module quantifies the relative significance of every evidence-source based on ablation evaluations and entropybased credibility estimators. These scores are used to modulate an adaptive feature fusion scheme that highlights useful evidence and down-weights noisy or less relevant sources. We apply ensemble learning models: Random Forest and XGBoost, to classify the fused feature representation. Experiments on three public cybersecurity datasets (190,000 samples) show that the proposed method obtains 94.7% accuracy and 93.9% F1-score which surpasses static feature fusion and single-domain models respectively. Statistical significance testing shows that the improvements are meaningful (p < 0.05). On the other hand, we also notice superior robustness against evidence degradation and better cross-domain generalization of the proposed framework, indicating its potential to create a practical solution for cybercrime detection in real-world scenarios. [ABSTRACT FROM AUTHOR]
ISSN:1819656X