Publication No.: US20250039234A1
Publication Date: 2025-01-30
Application No.: US18397820
Application Date: 2023-12-27
Applicant: CrowdStrike, Inc.
Inventor: Andrew SOUTHGATE, Paul SUMEDREA, Vasile-Daniel SAVA
IPC: H04L9/40
Abstract: A system and method of using generative AI to maintain conversations with attacking devices to discover their adversary techniques and tactics. The method includes receiving an initial message originating from an attacking device and directed to a target device. The method includes generating, using one or more classification models, a maliciousness score for the initial message indicating that the initial message is associated with one or more types of malicious activity. The method includes providing, by a processing device, the initial message to a predictive model trained to maintain conversations with attacking devices by predicting responses to malicious messages. The method includes generating, using the predictive model, two or more responses based on the initial message and at least one subsequent message, wherein each response of the two or more responses causes the attacking device to send a respective subsequent message to the predictive model.