The world-renowned cybersecurity event, RSAC 2023, took place in San Francisco from April 24 to 27 under the theme "Stronger Together". With a focus on security seminars, sandbox innovation contests, security technology keynotes, and more, the conference was a platform for leaders in the industry to come together and share their expertise. Coremail's co-founder and VP of technology, Lin Yanzhong, and chief architect, Chen Yingtang, attended the conference to showcase the power of AI in email security. The conference observed that when it comes to email security, AI can be both a sword and a shield. Coremail is proud to have been a part of this important event, and we remain committed to using innovative solutions like AI to create a safer online world for all.

The RSAC Innovation Sandbox Contest has been held for 18 years and is a leading platform for startup companies to showcase breakthrough technologies with the potential to change the cybersecurity industry. This year's competition was still extremely fierce, and finally, the artificial intelligence application security company, HiddenLayer, won the championship and was named "the most innovative startup company".

It is evident that AI's application in security has also become a hot topic at this conference. At the opening ceremony, RSA CEO Rohit Ghai emphasized the opportunities and challenges that AI brings to network security.

"Every new wave of technology is bigger, faster and more disruptive than ever before, and this is no exception."

Ghai stressed that the AI era has arrived, and security organizations must leverage the power of AI. As AI technology gradually infiltrates into network security products and solutions, we can expect more sparks between security and AI. However, Ghai also mentioned the other side of "Good AI" robots, which is "Bad AI" that uses AI technology to create and exacerbate cybersecurity threats. This is a challenging problem, so cybersecurity professionals need to continuously learn and update their knowledge to respond to emerging security threats and risks of attacks using AI technology.

At the same time, they also need to actively explore how to use AI technology to respond to these threats and make network security more secure and reliable.

It is true that in the attack and defense confrontation, AI technology will be used both by security vendors for defense, and AI software like ChatGPT is also likely to become a hacker's attack weapon, making phishing more difficult to defend against. So what changes will AI bring to the email security industry?

Pan Qingfeng (hereinafter referred to as "Dr.P"), the chief architect of Coremail Mail Security AI Lab, shared his insights on the topic of "the impact of current AI technology on mail security".

1, the impact of current AI technology on email security confrontation

The appearance of ChatGPT and GPT-4 makes everyone marvel at the current deep learning model has been able to reach such a high level.

Dr.P believes that, in fact, ChatGPT accomplishes two tasks, that is, semantic analysis and text generation tasks.

First, if we compare the ChatGPT model to a high-dimensional spatial labyrinth trained from a large amount of data, by reading each character to decide where to go next, we can eventually arrive at a certain location in the labyrinth.

The neighborhood of this location is the most probable answer space, and from this location, the answer is generated one character at a time according to the maximum probability path, which is what we see in the ChatGPT responses.

Therefore, the semantic analysis part of the question is the foundation of Coremail anti-spam algorithm for text classification.

Dr.P believes that natural language processing technology is about to enter the application explosion period, which will mainly form three aspects of application in the mail system industry.

First, on the user level, the mail assistant applies AI to automatically generate replies or automatic drafts, and can even help write simple logic programs, which are calibrated by human beings to improve work efficiency.

Second, on the company business level, AI technology can then read a large number of company documents to generate customer service system, compared with the current mechanical response, the quality of the later answer will rise dramatically.

Third, for spammers, AI technology may be used to produce a large number of spam text, the form of different content but the same connotation, spam sending and receiving volume is likely to rise rapidly.

2, AI is a double-edged sword.

ChatGPT is often used as the development of ransomware and phishing email development, which is an unchangeable fact, but Dr. P emphasized that every technology can be used for offense or defense, and there is no need to worry too much that AI's deep learning technology will lead to the failure of the existing anti-spam identification system.

Dr. P analyzed three reasons: firstly, generating a large amount of spam text requires a much larger amount of computing power than text classification, and it is difficult for ordinary blackmail gangs to provide arithmetic support of this magnitude.

Secondly, considering the readability and logic of the generated text, such text is bound to carry a lot of words with pointers, and the position of lexically similar text in the high-dimensional space is similar, which represents that there won't be too much change in the use of text categorization for anti-spam.

Finally, anti-spam algorithms are not just a matter of text classification, but also assist in judging by a variety of features such as sending history, sending behavior, and sending source.

Blackmail gangs are willing to use AI to generate spam text, so for the defense side, we can also use deep learning technology to dynamically generate spam content, which can be used to give the anti-spam system as a companion.

3, Coremail AI Technology: Past and Present Development

Dr. P also introduces the history of Coremail AI technology development, showing Coremail in different development periods of AI, utilizing AI to improve the anti-spam ability of Coremail mail security.

Coremail has been carrying out research on anti-spam technology since the development of the first mail system in 1999, and with the development of AI technology, it has experienced the "sprouting period of intelligent algorithms (around 2000)", "development period of intelligent algorithms (around 2010)", and has ushered in the "period of large-scale application (2020 to the present)" of mail security application.

At present, Coremail Email Security AI Lab (Email Security AI Lab), based on the huge amount of high-quality data continuously accumulated by the Email Security Big Data Center, realizes the closed loop of intelligent collection of email samples, identification, storage, feedback, self-learning training and improvement of algorithmic model capability, continuously optimizes the central engine and maintains a steady improvement in anti-spam quality.

In the future, Coremail AI LAB will adhere to long-termism, increase the investment in research on cloud computing, artificial intelligence and big data, land the results of practice to Coremail email security series products and services, apply them to actual business scenarios, and promote the overall industrial development of email security.