公开(公告)号：US20250141893A1

公开(公告)日：2025-05-01

申请号：US18385591

申请日：2023-10-31

Applicant: Cisco Technology, Inc.

Inventor： Michael Adam Polak ,  Martin Kopp ,  Vojtech Outrata

IPC: H04L9/40 ,  G06N20/00

Abstract: Techniques described herein can perform obfuscation detection on command lines used at computing devices in a network. In response to detecting obfuscation in a command line, the disclosed techniques can output a notification for use in connection with network security analysis. The command line obfuscation detection techniques include pre-processing command line input data and converting command lines into token groups. The token groups are then provided as an input to a natural language processor or other machine learned model, which is trained to identify obfuscation probabilities associated with token groups can corresponding command lines. A notification is generated to trigger further analysis in response to an obfuscation probability exceeding a threshold obfuscation probability.