Written by Greg Otto
A Boston company is unveiling a new cybersecurity tool that will dramatically enhance the way analysts comb through threat data, using the world’s first commercially viable processing unit that mimics the way our brains process and distribute information.
Lewis Rhodes Labs unveiled Monday what it is calling a “Cyber Microscope,” which places the first general purpose neuromorphic processor (NPU) on a PCI Express graphics card for use in open source incident detection systems, giving threat analysts the ability to root through signatures 100 times faster than current state-of-the-art systems.
The sizable increase in speed comes from the processor, which works differently than a traditional CPU. Most computers start with a very powerful processor that can run thousands of computations at a time while disseminating bits over a flat memory architecture. Neuromorphic processors work the opposite way, pairing a very simple processor with extremely complex memory. These artificial neural networks are often used in large-scale research projects, such as the White House’s BRAIN initiative.
Lewis Rhodes Labs has taken this NPU, combined it with a compiler that translates data into a language the processor can understand, and placed it underneath intrusion detection system software such as Suricata and Snort. Users can then look through vast amounts of threat data, combing through signatures at speeds never before seen and at levels that allow them to weed out false positives to determine what’s a threat and what’s merely noise.
“It profoundly changes the size, the weight, the power, the cost of being able to explore data for various threats that exist,” CEO David Follett told FedScoop.
Sandia National Labs has been using the cyber microscopes since last September, when its cyber development team analyzed more than 800 complex PCRE signatures at a 2 Gb/s rate, more than 100 times faster than what was then available on the market.
“The improved speed and accuracy of the cyber microscope should allow us to dramatically reduce the false positive rate in our alert database, and we are collaboratively researching methods to use the temporal nature of the neuromorphic processor to detect novel behavioral variants,” said John Zepper, director of systems mission engineering at Sandia National Laboratories.
The cyber microscope was created out of models used when Lewis Rhodes Labs’ co-founder Dr. Pamela Follett was conducting research on developmental diseases in children. Follett, a pediatric neurologist, physician and neuroscientist, developed a model in rats that was used to determine the causes of cerebral palsy.
“What we did was then write a computer model that simulated how information was processed in the brain,” David Follett told FedScoop. “Then we could injure the model based on what she had learned from the rat model, and how that injury resulted in a change of cognitive function.”
They soon both realized their computer model could be applied outside medical research, for everything from cybersecurity to robotics control to image and video processing.
“We sat down with folks at Sandia and said let’s match this to various missions and see what happens,” Follett said.
Lewis Rhodes Labs plans to roll out the initial version of its microscope on programmable processors, with further iterations being loaded onto application-specific integrated circuits, similar to the way hardware is built for Bitcoin mining.
The microscope will cost $20,000, which Follett said is a fraction of the cost compared to the power needed in current state-of-the-art systems to perform the same kind of analysis.
“Instead of having to write these very broad expressions, you can be very, very precise in what you are looking for,” Follett told FedScoop. “The bottom line result is you enrich the data that the analysts are going to have to deal with. It’s a much more target-rich environment, and that’s where the big impact comes from.”