Detection of malicious PowerShell scripts using machine learning and deep learning

Abstract

Abstract : This thesis addresses the challenge of detecting malicious PowerShell scripts using machine learning and deep learning techniques. We conduct a comprehensive review of the state of the art and identify the limitations of existing methods. Our research focuses on the application of Large Language Models (LLMs), such as BERT, which demonstrate remarkable capabilities in capturing contextual information and semantic dependencies. We experiment with various models, including Bidirectional LSTM (BLSTM), and develop a comprehensive solution that includes an event log consumer, a high-performance API, and a user-friendly web application. Through extensive evaluation, we achieve highly accurate detection results, highlighting the potential of machine learning and deep learning in combating PowerShell-based cyber threats. This thesis contributes valuable insights and practical techniques for researchers and practitioners in the Ąeld