An Update on Logo Recognition Technology | Total Security

Web scanners analyze dozens of webpage elements to determine if it is a phishing page, e.g. URL, page structure, and CSS. What many scanners cannot evaluate, however, are images. 

Vade Secure's computer vision technology is trained to view web pages and emails the way people do. It analyzes images to extract relevant features that are used in phishing attacks, such as B. Brand logos, QR codes, and suspicious text content. Computer vision technology is just one component of our anti-phishing technology and an additional layer of protection against sophisticated phishing attacks.

Protect your data from phishing attacks, install Protegent Total Security

 

Building on the growing capabilities of our computer vision technology, we have updated our deep learning-based logo detection technology. A proprietary active learning algorithm has been implemented to ensure labeling costs and the performance of deep learning models are optimized. New brand logos, including Adobe, Citibank, eBay, Dejardins, Instagram, and WeTransfer, are now supported with the VGG-16 and ResNet models. 

Logo Detection now recognizes more than 60 brands including Microsoft, PayPal, Facebook, and eBay. Our logo detection technology can detect small and altered logos, while similar deep learning-based technologies may not be able to identify them because they do not specifically target electronic documents such as e-mails. B. graphic renderings of websites and e-mails were trained. We will continuously improve the technology and support more brands as this practice becomes more and more popular with fraudsters. 

Background Image manipulation, which involves blurring and making tiny color or geometry changes is becoming increasingly popular. Even the smallest change to an image changes the cryptographic hash of the image, confusing filters that rely on signature and statistics-based technologies and can make blacklists bypassed with ease. 

Below is an example of image manipulation: a Microsoft phishing email with a modified logo. To avoid detection, the hacker placed the Microsoft logo on a colored background and thus changed the signature of the image. 

To develop logo recognition technology that can withstand such changes, the Vade Secure research team is using image enhancement and image generation techniques. Below is an example of an image with a generated logo in an unexpected configuration: position, background.

This technology ensures that the deep learning models recognize logos regardless of their position, size, background, and the aforementioned image manipulation techniques. 

Fraudsters are increasingly using images to bypass traditional email filters. The trend now is to send emails that contain only a link to an image, and that image is the graphical representation of the HTML content. To meet the challenge of remote images, Vade Secure developed RIANA (Remote Image Analysis). RIANA uses Optical Character Recognition (OCR) - a computer vision technology - to extract text from images and then applies Natural Language Processing models in English, French, Dutch, German, and other languages ​​to identify suspicious textual content. Below are some recent images that have been blocked by RIANA.

To illustrate the extent of the challenges posed by remote images, we'd like to mention that RIANA banned 500 million remote images in the last 90 days. 

Computer vision provides reinforcement for sophisticated attacks that rely on images to avoid detection. Vade Secure has made significant investments in computer vision technology and will continue to explore additional uses for this technology.