The first spam detection systems based on machine learning algorithms appeared in the 1990s. Since then, AI has been gradually integrated into email security solutions to detect threats such as phishing and malware. The techniques have been refined over time, but email security still requires human intervention.
Artificial intelligence for spam filtering
The anti-spam capabilities of AI are undeniable. It detects threats by analysing emails for phishing schemes, malicious attachments or fraudulent links. It provides spam filtering by scanning message content and identifying common characteristics of unwanted emails. Behavioural analysis is another feature that monitors users’ email interactions to detect suspicious activity that could indicate an account compromise or phishing attempt.
Alinto has been integrating new AI technologies into its solutions since 2019, developing programs based on learning models to improve email security. However, the effectiveness of these programs depends on their ability to operate in real time, which requires constraints on the size and speed of the models used. The challenge is to maintain high performance while ensuring acceptable processing times.
Using human intelligence to improve filtering algorithms
Despite the capabilities of AI, human remains indispensable in the fight against spam: human cognitive skills are currently irreplaceable when it comes to dealing with the false positives and false negatives generated by anti-spam algorithms. Human intelligence is therefore essential for in-depth analysis of new threats and for identifying potential weaknesses in security systems. In this way, humans continuously feed the algorithms with rules and learning models based on newly identified practices. Alinto continuously improves its anti-spam filters.
In fact, the automatic optimisation of anti-spam filters by AI during the collection of errors is not a viable alternative. It would expose the system to cognitive bias or poisoning attacks: the hacker could modify the behaviour of the filter or the model by introducing malicious data, thereby corrupting the system. What’s more, AI alone is not capable of anticipating new techniques developed by hackers.
Moreover, hackers themselves use human intelligence to bypass filters and contaminate systems. It is therefore necessary to counter them with human intelligence. Ultimately, this race between intelligences highlights the need for a close complementarity between man and machine to effectively detect new attacks: AI as a tool to characterise threats – for example, to detect suspicious URLs – and raise alerts more quickly, but leaving it to humans to analyse and decide what tweaks to make to the models.
The stakes are so high, and the relevance of a rule can have such conflicting effects, that the human element retains its rightful place in an expert anti-spam team better known as Spamfight.
When it comes to securing email, the Spamfighter team’s contribution is not real-time filtering. But it is essential in analysing false positives and deciding whether or not to add new rules to the anti-spam software. A filter without AI would be ineffective – as it allows for maximum automation of threat detection – just as AI without human intervention to enrich it would lose its relevance. The solution, therefore, is for AI and humans to work together, each bringing different analytical skills to the table to ensure the best possible email security.
