Gmail accounts have become markedly vulnerable to malicious cyber activities. While corporate employees may be at greater risk of phishing scams, your personal inbox can also carry corrupted attachments that, when opened, could compromise your device. In fact, according to a Google blog post, malicious documents represent nearly 60% of the malware targeting Gmail users, and a majority of these differ from day-to-day.
Thus, a focus area for Google has been to block these attachments from reaching your inbox in the first place. The company has been developing its deep learning tech to work in conjunction with existing artificial intelligence (AI) and machine learning (ML) models to strengthen and improve its document detection capabilities.
How Gmail Malware Detection Works
By using Gmail, you essentially agree to the company’s terms of service that allows it to scan and process your attachments. The blog post claims that Google scours through ‘300 billion attachments each week’ to filter out spam, organise your email into categories and most importantly, to prevent malicious documents from reaching your inbox.
Since large volumes of data are involved, embracing technologies like AI and ML – that can analyse and learn faster than humans – becomes crucial. However, with techniques and tactics employed by hackers constantly evolving, existing security tools that leverage these technologies have to step up to keep up.
To this end, Gmail has been relying on deep learning to build a new generation of document scanners. These are designed to work in conjunction with existing AI and ML tools to improve Gmail’s document detection capabilities.
How does it work? The scanner uses a distinct TensorFlow deep-learning model trained with TFX (TensorFlow Extended) and a custom document analyser for each file type. With this, Gmail can interpret documents, identifying common patterns, deobfuscate content, and perform feature extraction.
By combining different scanners that run in parallel with existing detection capabilities, it contributes to the final verdict of Gmail’s decision engine to block malicious documents.
First deployed at the end of 2019, Gmail has recorded a seemingly marginal increase in detection rate – about 10% – using the new deep learning-powered document scanner. However, it has registered a whopping 150% increase in the success rate of detection of what it calls “adversarial, bursty attacks”.
Although promising, it does come with certain limitations as the company is still developing this technology. For one, it only scans Office documents. Also, the company has not addressed whether this deeper scanning method comes at the cost of users’ privacy.
With cyberattacks getting more and more creative, we need to embrace technologies like AI, ML and deep learning to improve our cyber-readiness. What is more, with the rise of email, files and documents have become a popular way by hackers to trick users into installing malware on their devices. In fact, document-based malware can spread by merely viewing the wrong website, with the wrong browser installed on your system.
Although documents have emerged as one of the most common ways of spreading malware across the internet, there are still ways to limit – or even prevent – this from happening.
While we no longer solely depend on humans to keep a check of untoward behaviour online, there is much to be discovered on the potential of technology to thwart such attacks. As expounded here, these technologies enable computers to gain the ability to learn and make predictions based on patterns that emerge from past data. This indicates that AI is capable of reacting to unseen cyber threats faster and in a more effective way.