TY - JOUR
T1 - AdamW+
T2 - Machine Learning Framework to Detect Domain Generation Algorithms for Malware
AU - Javed, Awais
AU - Rashid, Imran
AU - Tahir, Shahzaib
AU - Saeed, Saqib
AU - Almuhaideb, Abdullah M.
AU - Alissa, Khalid
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2024
Y1 - 2024
AB - Advanced Persistent Threats commonly use Domain Generation Algorithms to evade advanced detection methods to establish communication with their command and control servers. To overcome the DNS protocol legitimacy breach, several Domain Generation Algorithms detection methods have been proposed. To solve the problem of DGA malware detection amicably, Deep Learning based detection schemes attracted researchers' interest recently. However, Deep Learning has already achieved optimal results and the gap is identified as fine-tuning of Deep Learning model hyper-parameters. The proposed solution is focusing on a model specific hyper-parameter known as the gradient optimizer. Gradient Optimisers are broadly categorised into Stochastic Gradient and Adaptive Moment based Gradient. Moment-based Gradient optimizer approaches are identified with suffering from weight decay and leading to poor generalization. Adaptive Moment (Adam) has improved with weight decay as AdamW. To optimise moment-based gradient optimizers, Adam and AdamW are analyzed deeply. To optimize the functioning of AdamW, we present AdamW+, a novel solution for detecting DGA algorithms through re-implementing and nullifying the weight decay in AdamW. AdamW+ has been successfully implemented and shown promising results compared to Adam and AdamW optimizers in practice. AdamW+ preserved the properties of Adaptive Optimizer Adam while simplifying the weight decay implementation of AdamW. Empirical analysis has proved that AdamW+ has outperformed Adam and AdamW. The experimental results have substantiated that the proposed algorithm achieves the best accuracy result.
KW - Adam
KW - AdamW
KW - AdamW+
KW - Deep learning optimizer
KW - LSTM
UR - https://www.scopus.com/pages/publications/85194876073
U2 - 10.1109/ACCESS.2024.3407546
DO - 10.1109/ACCESS.2024.3407546
M3 - Article
AN - SCOPUS:85194876073
SN - 2169-3536
VL - 12
SP - 79138
EP - 79150
JO - IEEE Access
JF - IEEE Access
ER -