LLM-Based Optimized Adaptive Threat Monitoring Framework for Malicious Domain and Adversarial URL Detection Process
Keywords:
Cybersecurity, Malicious Domain Detection, Adversarial URL Detection, Federated Threat Intelligence, Reinforcement Learning, Scenarios
Abstract
Malicious domains and adversarially crafted URLs evolve rapidly, so detection frameworks need to be robust, adaptive, and scalable. Traditional detection mechanisms rely on static features and perform poorly against unseen threats, adversarial manipulations, and long-term attack evolution. Existing systems lack granular threat attribution, cross-organization intelligence sharing, and adversarial robustness, making them unsuitable for modern cyber defense. To address these limitations, we introduce an LLM-Based Frequent Monitoring Framework that combines five advanced techniques: Meta-Learned Self-Supervised Domain Generalization (ML-SSDG), Reinforcement Learning-Augmented Adversarial Training (RL-AdvTrain), Hierarchical Multi-Task Threat Classification (HMT-TC), Temporal Memory-Augmented Transformer for Sequential Threat Detection (TMAT-STD), and Federated Privacy-Preserving Threat Intelligence Learning (FPPTIL). ML-SSDG can achieve zero-shot detection of novel attack domains, reducing false negatives by 20% and improving zero-shot accuracy by up to 30%. RL-AdvTrain strengthens the model against masked malicious URLs, detecting 40% more adversarial threats. HMT-TC improves threat attribution and increases classification accuracy for attacks by 50%. TMAT-STD identifies emerging domain threats in real time, reducing the response time to domain-based malware campaigns by 30%. Finally, FPPTIL enables cross-organization threat intelligence sharing without sharing the private source data, improving global threat detection by 30%. Our framework provides a holistic, real-time, and privacy-preserving cyber defense solution that outperforms traditional approaches in adversarial resilience, threat attribution, and zero-shot detection.
Taken together, these techniques improve the cybersecurity posture, reduce false positives, and support proactive mitigation of emerging cyber threats at scale.
Published
2026-03-04
How to Cite
Banne, P., Chanumolu, K. K., G, M. N., & sanda, sri harsha. (2026). LLM-Based Optimized Adaptive Threat Monitoring Framework for Malicious Domain and Adversarial URL Detection Process. Statistics, Optimization & Information Computing. https://doi.org/10.19139/soic-2310-5070-3140
Section
Research Articles