Provided herein are methods and systems for improved domain name system (DNS) security. A computing device of a DNS, such as a recursive DNS server, may cache previously processed (e.g., resolved) DNS requests. The DNS cache may be a target for cache poisoning and other cache manipulation attacks. The methods and systems described herein may employ artificial intelligence, machine learning, and/or pattern recognition techniques to provide improved security for the DNS cache.