This algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines datasets considered as clean. Once done it can detect malicious command lines on other datasets.
Source code and additional information may be found here: https://github.com/ANSSI-FR/AnoMark