A recent post on the Google Security Blog details new upgrades to Gmail's spam filters, which Google calls "one of the biggest defense upgrades in recent years." The upgrade comes in the form of a new text classification system called RETVec (Resilient Efficient Text Vectorizer). Google says this helps understand "adversarial text manipulation" - emails filled with special characters, emojis, typos and other junk characters that were previously legible to humans but not easily understood by machines. Previously, spam filled with special characters easily slipped past Gmail's defenses.
If you want to get an idea of what "adversarial text processing" looks like, here's what's in my spam folder:
My personal experience is that in the first half of the year, these emails used to be a big problem, and I would see them in my inbox quite often. However, this RETVec technology upgrade does seem to have made a difference, as I haven't encountered any such emails at all over the past few months.
Emails like this are difficult to sort because any spam filter will likely intercept an email that says "Congratulations! Your winning account balance is $1,000," but that's not what the actual content of the email is. Most of the letters here are "homophones" -- by delving into the endless depths of the Unicode standard, you can find obscure characters that look like they're part of the regular Latin alphabet, but aren't.
For example, the topic "Check_Your_Account" is strangely bold, not because it has a bold style, but because it uses a Unicode glyph like "Math Bold Capital C". It's a mathematical symbol that happens to look like the letter "C" to humans, but spam filtering bots see it accurately as a mathematical symbol and don't understand its English meaning. The closer you look at an email like this, the worse it gets: the "O" character in "CONGRATULATIONS" is replaced by a 0, the underscore letter in "Jackpot" is so weird that it can't even be found in a Unicode search, and a lot of spaces are replaced with periods or underscores. As a result, spam filters surrender when they see these messy emails.
Google says RETVec is here to save us: "RETVec is trained to resist character-level operations, including insertions, deletions, typos, homophones, LEET substitutions, and more. RETVec models are trained on a novel character encoder that efficiently encodes all UTF-8 characters and words. As a result, RETVec requires no lookup tables or fixed vocabularies and runs on more than 100 languages."
Efficiency is very important. Other methods using "fixed vocabulary" or homophone "lookup tables" are very resource intensive at runtime. Just imagine if one or more characters of "congratulations" were replaced by numbers, mathematical symbols, Cyrillic letters, Hebrew or emoticons, then all the possible spellings and misspellings would appear in a list that is almost endless. Google says RETVec has only 200,000 parameters, "not millions," so while Google's spam filtering cloud may be big enough to run anything, it's small enough to even run on a local device. RETVec is open source, and Google hopes it will free the world from this type of homophone attack in different encodings.
RETVec appears to work much like how humans read: it is a machine learning TensorFlow model that uses visual "similarity" to identify the meaning of words, rather than the actual character content of the words. Google's "similarity" demo used the same technology to identify pictures of cats, so turning it into the world's most advanced optical character recognition system sounds feasible.
Clearly, this approach has led to great improvements, with Google stating that "replacing the previous text vectorizer in Gmail's spam classifier with RETVec improved our spam detection rate by 38% over the baseline and reduced false positives by 19.4%. Additionally, using RETVec reduced the model's TPU usage by 83%, making the deployment of RETVec one of the largest defense upgrades in recent years."
Google said it "has been testing RETVec internally for the past year and has rolled it out to your Gmail account."