A new essay argues that programs can be used to understand bot or spam behavior in email text sent by a machine posing as a human. The software can understand the internal structure of the email itself to identify patterns of spammers and the types of messages they send.  “As machine learning improves, and especially as its grasp of language improves, phishing emails will become a thing of the past,” cybersecurity analyst Eric Florence told Lifewire in an email interview. 

Getting to Know Your Speech

Natural language processing is the technology used to predict what words you want to type next in a text message, Paul Bischoff, privacy advocate with Comparitech, said in an email interview.  “NLP can be used to enhance and simplify breach protection from phishing attempts,” Bartley Richardson, Senior Engineering Manager, NVIDIA Morpheus, wrote in the essay. “In this context, NLP can be leveraged to understand ‘bot’ or ‘spam’ behavior in email text sent by a machine posing as a human, and it can be used to understand the internal structure of the email itself to identify patterns of spammers and the types of messages they send.” Unfortunately, NLP won’t help defend against cyberattacks that take advantage of a flaw in a piece of software, Chase Cotton, a professor of electrical and computer engineering at the University of Delaware, told Lifewire in an email. But attacks directed against humans in the form of spam and phishing can be protected through NLP.  Tara Lemieux, a senior associate at Schellman, a security and privacy compliance company, told Lifewire via email that NLP can even provide insight into the context and origin of a cyber attack. “Much like a fingerprint, it can be used to inform our current forensic analysis, and—with the support of artificial intelligence (AI)—it may help isolate patterns and behaviors to potentially thwart future attacks,” Lemieux added.  While NLP software uses language, other types of cybersecurity software mimic the human brain. For example, Intercept X is one of many products that use deep learning neural networks that operate much like the human mind.  “Intercept X can do in milliseconds what may take much longer for even the most highly skilled of IT professionals—detecting both known and unknown malware without relying on signatures,” Lemieux said. “Over time, we should expect these tools to become more sophisticated in their ability to predict, isolate, and defend our information systems and data.”

No Panacea

But don’t expect NLP to solve the problem of hackers once for all.  “These ML and AI systems will continue to get better,” Cotton said. “But as good as they become, humans can often take advantage of flaws in these systems.” Cybersecurity expert Dave Blakey, in an email interview with Lifewire, pointed out that NLP is relatively slow, so it cannot respond to threats quickly—where millisecond response times are often required. The language method can also easily be bypassed, Blakey explained. As fast as NLP develops to detect bot-written messages, it will also advance the bots’ ability to write those messages, resulting in a stalemate. “One human-written sentence can be used by a spam bot to bypass NLP-based bot detection,” he added.  “NLP is effective at detecting more obvious and common language used by bots, but it’s still no match for humans when it comes to more nuanced language or unfamiliar threats that it hasn’t encountered before,” Bischoff said. “NLP is still, and will continue to be, necessary to handle a significant volume of bot activity that doesn’t require human oversight, though.”