Home / Companies / Crowdstrike / Blog / Post Details
Content Deep Dive

CharCNNs and PowerShell Scripts: Yet Another Fight Against Malware

Blog post from Crowdstrike

Post Details
Company
Date Published
Author
-
Word Count
3,216
Company Posts That Month
Language
English
Hacker News Points
-
Post removed?
No
Summary

CrowdStrike employs an innovative approach to enhance malware detection in PowerShell scripts by utilizing a character-level convolutional neural network (charCNN) in its Kestrel model. This methodology leverages machine learning to analyze the raw input of scripts, bypassing traditional feature-engineering steps and enabling better detection of malicious content by examining character patterns. The charCNN is lightweight and offers improved interpretability, as its convolutional layers maintain spatial patterns that aid in identifying malware. Initial experiments with different classifiers did not meet expectations, but the charCNN, trained with an augmented alphabet of nearly 5,000 characters, demonstrated promising results, significantly reducing false positives while maintaining a high detection rate of malware. This advancement highlights CrowdStrike's commitment to applying sophisticated ML techniques to cybersecurity challenges, aiming to improve malware detection in scripting environments.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Vector Search 15 178 43 7 +585%
AI Agents 2 2,394 1,321 1 -
Zero Trust 1 1,843 1,331 3 +61333%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.