Gmail Catch More Malicious Attachments With the Help of Deep Learning

Gmail Catch More Malicious Attachments With the Help of Deep Learning

Gmail Malware Detection Works - Deep Learning

New Gmail malware detection works with deep learning to find malicious documents form the gmail mail attachments, Today Gmail accounts have become markedly vulnerable to malicious cyber activities. While corporate employees may be at greater risk of phishing scams, your personal inbox can also carry corrupted attachments that, when opened, could compromise your device.

DISTRIBUTING MALWARE BY attaching tainted documents to emails is one of the oldest tricks in the book. It's not just a theoretical risk—real attackers use malicious documents to infect targets all the time. So on top of its anti-spam and anti-phishing efforts, Gmail expanded its malware detection capabilities at the end of last year to include more tailored document monitoring. Good news, it's working.

Thus, a focus area for Google has been to block these attachments from reaching your inbox in the first place. The company has been developing its deep learning tech to work in conjunction with existing artificial intelligence (AI) and machine learning (ML) models to strengthen and improve its document detection capabilities.


How Gmail Malware Detection Works

By using Gmail, you essentially agree to the company’s terms of service that allows it to scan and process your attachments. The blog post claims that Google scours through ‘300 billion attachments each week’ to filter out spam, organised your email into categories and most importantly, to prevent malicious documents from reaching your inbox.


Since large volumes of data are involved, embracing technologies like AI and ML – that can analyse and learn faster than humans – becomes crucial. However, with techniques and tactics employed by hackers constantly evolving, existing security tools that leverage these technologies have to step up to keep up.

To this end, Gmail has been relying on deep learning to build a new generation of document scanners. These are designed to work in conjunction with existing AI and ML tools to improve Gmail’s document detection capabilities.


How does it work? The scanner uses a distinct TensorFlow deep-learning model trained with TFX (TensorFlow Extended) and a custom document analyser for each file type. With this, Gmail can interpret documents, identifying common patterns, deobfuscate content, and perform feature extraction.

Gmail Malware Detection Works - With Deep Learning

By combining different scanners that run in parallel with existing detection capabilities, it contributes to the final verdict of Gmail’s decision engine to block malicious documents.


Assessing Impact

First deployed at the end of 2019, Gmail has recorded a seemingly marginal increase in detection rate – about 10% – using the new deep learning-powered document scanner. However, it has registered a whopping 150% increase in the success rate of detection of what it calls “adversarial, bursty attacks”.

Gmail Mailware Detection Works - Deep Learning

Although promising, it does come with certain limitations as the company is still developing this technology. For one, it only scans Office documents. Also, the company has not addressed whether this deeper scanning method comes at the cost of users’ privacy.


With cyberattacks getting more and more creative, we need to embrace technologies like AI, ML and deep learning to improve our cyber-readiness. What is more, with the rise of email, files and documents have become a popular way by hackers to trick users into installing malware on their devices. In fact, document-based malware can spread by merely viewing the wrong website, with the wrong browser installed on your system.

Although documents have emerged as one of the most common ways of spreading malware across the internet, there are still ways to limit – or even prevent – this from happening.

While we no longer solely depend on humans to keep a check of untoward behavior online, there is much to be discovered on the potential of technology to thwart such attacks. As expounded here, these technologies enable computers to gain the ability to learn and make predictions based on patterns that emerge from past data. This indicates that AI is capable of reacting to unseen cyber threats faster and in a more effective way.



Improving Malicious Document Detection in Gmail with Deep Learning

Follow Us: FacebookInstagramTwitter

Improving Gmail Malicious Document Detection with Deep Learning

Improving Gmail Malicious Document Detection with Deep Learning

Gmail protects your incoming mail against spam, phishing attempts, and malware. Now Gmail Malicious Document Detection works with the Help of Deep Learning. Gmail existing machine learning models are highly effective at doing this, and in conjunction with our other protections, they help block more than 99.9% of threats from reaching Gmail inboxes.


Gmail Malicious Document Detection - Old Scanner

One of gmail key protections is gmail malware scanner that processes more than 300 billion attachments each week to block harmful content. 63% percent of the malicious documents we block differ from day to day. To stay ahead of this constantly evolving threat, we recently added a new generation of document scanners that rely on deep learning to improve our detection capabilities.

Gmail Malicious Document Detection Using New Scanner and Working with Deep Learning


Since the new scanner launched at the end of 2019, google increased gmail daily detection coverage of Office documents that contain malicious scripts by 10%. Gmail technology is especially helpful at detecting adversarial, bursty attacks. In these cases, gmail new scanner has improved gmail detection rate by 150%. Under the hood, gmail new scanner uses a distinct TensorFlow deep-learning model trained with TFX (TensorFlow Extended) and a custom document analyzer for each file type. The document analyzers are responsible for parsing the document, identifying common attack patterns, extracting macros, deobfuscating content, and performing feature extraction.

Strengthening gmail document detection capabilities is one of gmail key focus areas, as malicious documents represent 58% of the malware targeting Gmail users. Gmail are still actively developing this technology, and right now, gmail only use it to scan Office documents.

Gmail new scanner runs in parallel with existing detection capabilities, all of which contribute to the final verdict of gmail decision engine to block a malicious document. Combining different scanners is one of the cornerstones of our defense-in-depth approach to help protect users and ensure our detection system is resilient to adversarial attacks.
Gmail will continue to actively expand the use of artificial intelligence to protect gmail users’ inboxes, and to stay ahead of attacks.


Gmail Malicious Attachments Removal

Follow Us: FacebookInstagramTwitter