Vade Secure Expands its AI-Based Email Threat Detection Capabilities
Vade Secure has announced the launch of a new AI-based Computer Vision Engine which has been added to all of its email security products to improve detection of phishing threats
The new Computer Vision Engine is capable of identifying images commonly used in phishing emails such as brand logos, text-based images, and QR codes and detects phishing threats that commonly fool email security solutions.
“Cybercriminals are carrying out increasingly targeted and dynamic phishing attacks, going so far as changing every element of the code in order to evade detection,” said Sebastien Goutal, Chief Science Officer, Vade Secure. “Such attacks often contain thousands, even millions, of unique emails from a code point of view, but to the human eye, the messages appear identical.”
The new Computer Vision Engine analyzes the rendering rather than the code to identify images that have been subtly changed to fool the template and feature matching algorithms used by many anti-phishing solutions. These subtle changes are often sufficient to prevent a brand logo in a phishing email from being matched with the genuine logo.
The Computer Vision Engine has been trained on 66 logos, including logos from the 30 most impersonated brands such as PayPal, Microsoft, Netflix, Facebook, and Bank of America. The solution can also recognize logos of brands such as Office 365.
Many email security solutions can detect malicious URLs so cybercriminals have turned to QR codes to hide their phishing URLs. The new Computer Vision Engine can detect and blacklist QR codes to block this obfuscation technique.
Another commonly used tactic for evading detection by email security solutions is the use of text-based images. The new Computer Vision Engine has been trained to recognize the text in these images and block the threats.
The detection mechanisms are based on the VGG-16 and ResNet CNN object detection deep learning algorithms. “Through the process of Transfer Learning, these algorithms have been optimized specifically to detect common images in email threats using examples from Vade’s 600 million protected mailboxes,” explained Vade Secure. “In addition, Vade has developed a proprietary algorithm that combines predictions from the two algorithms to render a final verdict that is leveraged in its multi-layered analysis for phishing detection.”