Splunk Tech Talks
Deep-dives for technical practitioners.

ML in Security: Elevate Your DGA Detection Game

Splunk Employee
Splunk Employee

Threat research shows that a large percentage of organizations experience DNS attacks. Often, adversaries dynamically generate domain names using Domain Generation Algorithms (DGA) to create C2 infrastructure not prone to static analysis disruption.

The DGA Deep Learning pre-trained model, recently developed by the Splunk Machine Learning for Security team, processes complex domain patterns along with custom features capturing characteristics of a domain. The detection, used with a simple “apply” command, identifies DGA domains with 99.37% accuracy.


  • The complexity of DGA threats
  • The motivation for a Deep Learning based detection
  • Differentiation in performance accuracy
  • Deployment of DGA detection in Splunk
Get Updates on the Splunk Community!

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

 Clayton Homes faced the increased challenge of strengthening their security posture as they went through ...

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

We’re happy to announce the release of Mission Control 2.3 which includes several new and exciting features ...

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

Python 2.7, the last release of Python 2, reached End of Life back on January 1, 2020. As part of our larger ...