By Mark Papermaster
Data security is at an inflection point. As the threats faced by consumers, businesses and countries continue to grow, the need for smart security solutions that incorporate silicon and software becomes even more important.
Tackling today?s security threats means moving far beyond scanning files against a known list of threats. This reactive model has been displaced by real-time analysis, using complex models, behavior analysis and artificial intelligence (AI) to quickly discern between valid and malicious user activity. And behind these complex models is large scale, high performance computing comprised of CPUs, GPUs and dedicated security silicon.
Security is an engineering challenge because to do it well the system must look at a number of factors, all of which rely on increasing levels of computation. Take the most basic form of security; authentication, and its general concept that the person accessing data is, in fact, authorized to do so.
Traditionally this process would involve validating a login and password, effectively matching text entry against a database. Now we see biometric authentication using fingerprint readers or facial recognition through Web cameras, all of which need orders of magnitude of compute power in order to provide a good user experience.
Authentication is an effective facet of security, and while we see great strides being made in improving it, security threats persist after verifying the user. The number of new security threats being detected on a daily basis is almost incomprehensible, with security vendors such as F-Secure, Trend Micro and Kaspersky Labs providing real-time data on the number of threats it is tracking.
These numbers should not only shock but serve to illustrate that security is a real-time problem; just because the user was authenticated two minutes ago doesn?t mean the threat has vanished. There must be ?real time, always on? security.
The challenge of providing real time security can only be met with a combination of smart hardware and software. A growing trend in security is the use of AI and behavior analysis. One way of looking at this is that if traditional virus scanning and firewalling are the hammer and nails behind security, AI and behavior analysis are the surgeon?s scalpel: pinpoint accuracy backed up with supreme knowledge and skill.
Behavior analysis is the ability to carefully consider the behavior of the user and match it to previous activity to produce a confidence rating on whether the user is authentic or not. You may have already seen this in action through Google?s reCAPTHCA, which uses an ?advanced risk analysis engine? to validate users.
Another incarnation of this technology is set to appear in online banking, where the banks can analyze the authenticity of the user even if an attacker has the correct login and password. To do this, the system takes into account typing characteristics, mouse movements and other user behaviors to match them against an existing behavior profile.
This type of technology is absolutely critical if we are to make fine-grained access control a practical reality, where authentication doesn?t rely on only a single authentication method to validate the user?s session in entirety.
Behavior analysis doesn?t only take place on the user?s computer, this technology is used in network threat detection, too, known more commonly as network behavior detection. The goal is the same, analyzing behavior, but doing it across an entire organization?s network.
The use of intelligent algorithms to determine whether an attack is taking place and learn from past usage patterns is important, but having the processing power to crunch the data and make effective decisions before an attack can cause significant damage is absolutely critical.
So while behavior analysis and AI are smart ways to tackle the challenges of security, they require significant computation power to effectively protect the user while simultaneously providing a positive user experience.
We know that users who experience slow or halting security interfaces are apt to avoid or undermine available functionality. Achieving a favorable experience with behavior analysis technologies will place great demands on the backend compute systems that crunch the data and provide actionable answers.
The silicon that powers security back-end will be a mix of CPUs, GPUs and dedicated security processors. This combination of hardware will be backed up by a software ecosystem that allows consumers and businesses to seamlessly tap into the silicon?s security capabilities and have a good out-of-the-box experience. It is absolutely critical that security software is able to leverage the tremendous growth in general purpose and dedicated compute that is available in modern processors and System-on-Chips.
Rob Enderle, principle analyst at the Enderle Group, has also talked about the need for behavioral analysis in security, citing it as an important defense against the tremendous growth in vulnerabilities being discovered daily.
He said, “We are seeing millions of security threats every day that attack consumers, enterprises and national infrastructure, and history shows us this number will continue to rise sharply. One of the cornerstones of a comprehensive defense in depth for this massive exposure is to utilize complex algorithms and AI that leverage compute in the datacenter to provide an intelligent adaptive solution to this massive and rapidly growing security exposure.”
Behavior analysis isn?t merely a security tool that runs alongside existing ones, it is a key technique to improve existing tools such as malware detection. Software security vendors are modifying traditional security apparatus such as anti-virus to make use of these technologies to identify and hunt emerging threats.
In addition to individual consumers and businesses, smart security is vital in helping secure the nation?s infrastructure. Compute power has long been used by nation states to further their economic development and protect its citizens; protecting intellectual property and a nation?s digital borders is a frontier in advanced security research and development.
As we see security vendors develop ever more complex threat and behavior analysis models and rely on advances in artificial intelligence research, the onus will be on silicon to power these algorithms.
Whether it be to run complex behavioral analysis models or implement hardware-enabled sandboxing, memory encryption and physical attack resistance, or power the next innovation of security, the computer processor?s silicon will help power the solution.
The author is the chief technology officer and senior vice president of AMD