Quantitative Assessment of Blacklist-Based Malicious Domain Filtering for ISP Security: Balancing Protection and Performance

Subiyantoro, Muhti and Setiawan, Mukhammad Andri (2025) Quantitative Assessment of Blacklist-Based Malicious Domain Filtering for ISP Security: Balancing Protection and Performance. Jurnal Ilmiah Teknik Elektro Komputer dan Informatika, 11 (2). pp. 322-345.

[thumbnail of 14-Quantitative Assessment of Blacklist-Based Malicious Domain Filtering for ISP Security - Balancing Protection and Performance.pdf]

Text
14-Quantitative Assessment of Blacklist-Based Malicious Domain Filtering for ISP Security - Balancing Protection and Performance.pdf
Download (2MB)

Official URL: https://journal.uad.ac.id/index.php/JITEKI/article...

Abstract

The growing dependence on internet connectivity has heightened cybersecurity threats through malicious domains that facilitate malware, phishing, and botnet operations. These threats significantly impact individuals and organizations, particularly in Internet Service Provider (ISP) settings. Domain filtering on firewalls is a common defensive strategy, yet its effectiveness remains underestimated in large-scale ISP settings. Previous studies have not focused specifically on security systems commonly employed by ISPs, impeding practical adoption. The research contributions are: (1) developing a cost-effective malicious domain filtering approach specifically designed for ISP environments requiring minimal infrastructure investment, and (2) providing quantitative evidence of how blacklist-based filtering impacts both security effectiveness and network performance. The methodology employs alternating firewall states over four time periods to collect metrics including connection flow, bandwidth utilization, and packet rate. Results demonstrate that malicious domain filtering improves security while causing a 2.49% increase in total connection flow due to retry mechanisms. This process yields a 24.5% reduction in total bytes transferred, 10.5% decrease in packets sent, 22.58% reduction in bandwidth, and 8.81% decrease in packet rate. The study identified 1,919 malicious IP addresses blocked from 1,090 user attempts to access harmful domains. These findings confirm blacklist-based domain filtering strengthens security and enhances bandwidth efficiency by mitigating unwanted traffic. This approach is particularly relevant for ISPs, providing a cost-effective solution that balances cybersecurity with optimized network performance, allowing organizations to protect users while maintaining operational effectiveness.

Item Type:	Artikel Umum
Subjects:	T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisi / Prodi:	Faculty of Industrial Technology (Fakultas Teknologi Industri) > S1-Electrical Engineering (S1-Teknik Elektro)
Depositing User:	M.Eng. Alfian Ma'arif
Date Deposited:	08 Jul 2025 08:06
Last Modified:	08 Jul 2025 08:06
URI:	http://eprints.uad.ac.id/id/eprint/84791

Actions (login required)

View Item