Various techniques for providing inline DGA detection with deep networks are disclosed. In some embodiments, a system, process, and/or computer program product for inline DGA detection with deep networks includes receiving a DNS data stream, in which the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; determining whether the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model; and performing a mitigation action if it is determined that the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model.
展开▼