US 12,323,446 B2
Multi-modal models for detecting malicious emails
Jan Brabec, Prague (CZ); and Radek Starosta, Prague (CZ)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Mar. 28, 2023, as Appl. No. 18/127,501.
Prior Publication US 2024/0333733 A1, Oct. 3, 2024
Int. Cl. H04L 9/40 (2022.01); G06V 10/82 (2022.01)
CPC H04L 63/1425 (2013.01) [G06V 10/82 (2022.01); H04L 63/1416 (2013.01); H04L 63/1441 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for detecting malicious emails, the method comprising:
receiving an email, wherein the email is associated with a markup payload:
determining, based on the markup payload, text data associated with the email;
determining, using the text data and a first machine learning model, a first representation of the email representing text associated with the email;
rendering the email to generate image data that represents a rendering of the email;
determining, using the image data and a second machine learning model, a second representation of the email that represents at least the rendering of the email; and
determining a prediction for the email based on the first representation and the second representation, wherein the prediction represents whether the email is predicted to be malicious based on the first representation and the second representation.