New Adobe open source project is using machine learning to detect software attacks.

The project called LotL, (Living off the Land), extracts features of specific commands and then classifies them as either good or bad commands and sets up a set of tags for follow-on detection by a decision tree. Lotl uses supervised learning and an open source dataset of real-world attacks to extract features of specific commands in a way inspired by the process that human experts and analyst might use. The system is currently in use at Adobe and generating several alerts a day. https://www.darkreading.com/threat-intelligence/open-source-project-aims-to-detect-living-off-the-land-attacks