Photo - Mark Papermaster, Chief Technology Officer and Senior Vice President, AMD
Semiconductor company AMD has pointed to using a marriage between AI (artificial intelligence) and silicon as the future of smart data security strategies.
"Data security is at an inflection point," AMD's chief technology officer and senior vice president, Mark Papermaster, said to Computerworld Malaysia. "As the threats faced by consumers, businesses and countries continue to grow, the need for smart security solutions that incorporate silicon and software becomes even more important."
"Tackling today's security threats means moving far beyond scanning files against a known list of threats. This reactive model has been displaced by real-time analysis, using complex models, behaviour analysis and AI to quickly discern between valid and malicious user activity," said Papermaster, adding that behind these complex models was large scale, high performance computing comprised of CPUs, GPUs and dedicated security silicon.
"Security is an engineering challenge because to do it well the system must look at a number of factors, all of which rely on increasing levels of computation," he said.
"Take the most basic form of security; authentication, and its general concept that the person accessing data is, in fact, authorisdd to do so," said Papermaster.
"Traditionally this process would involve validating a login and password, effectively matching text entry against a database. Now we see biometric authentication using fingerprint readers or facial recognition through web cameras, all of which need orders of magnitude of compute power in order to provide a good user experience," he said.
Challenge of real-time security
"While we see great strides being made in improving authentication, security threats persist even after verifying the use," said Papermaster, adding that he thinks that the number of new security threats being detected on a daily basis is almost impossible, with security vendors such as F-Secure, Trend Micro and Kaspersky Labs providing real-time data on the number of threats being tracked.
"These numbers should not only shock but serve to illustrate that security is a real-time problem; just because the user was authenticated two minutes ago doesn't mean the threat has vanished," he said. "There must be 'real time, always on' security."
"The challenge of providing real time security can only be met with a combination of smart hardware and software," said Papermaster.
"A growing trend in security is the use of AI and behaviour analysis. One way of looking at this is that if traditional virus scanning and firewalling are the hammer and nails behind security, AI and behavior analysis are the surgeon's scalpel: pinpoint accuracy backed up with supreme knowledge and skill," he said.
Papermastet said, "Behaviour analysis is the ability to carefully consider the behaviour of the user and match it to previous activity to produce a confidence rating on whether the user is authentic or not. It can be seen in action through Google's reCAPTHCA, which uses an "advanced risk analysis engine" to validate users."
"Another incarnation of this technology is set to appear in online banking, where the banks can analyse the authenticity of the user even if an attacker has the correct login and password," he said.
"To do this, the system takes into account typing characteristics, mouse movements and other user behaviors to match them against an existing behavior profile," said Papermaster. "This type of technology is absolutely critical if we are to make fine-grained access control a practical reality, where authentication doesn't rely on only a single authentication method to validate the user's session in entirety."
"Behaviour analysis doesn't only take place on the user's computer, this technology is used in network threat detection, too, known more commonly as network behaviour detection," he said.
"The goal is the same, analysing behaviour, but doing it across an entire organisation's network," said Papermaster. "The use of intelligent algorithms to determine whether an attack is taking place and learn from past usage patterns is important, but having the processing power to crunch the data and make effective decisions before an attack can cause significant damage is absolutely critical."
He added that while behaviour analysis and AI were smart ways to tackle the challenges of security, they required significant computation power to effectively protect the user while simultaneously providing a positive user experience.
"We know that users who experience slow or halting security interfaces are apt to avoid or undermine available functionality. Achieving a favorable experience with behavior analysis technologies will place great demands on the backend compute systems that crunch the data and provide actionable answers," said Papermaster.
"The silicon that powers security back-end will be a mix of CPUs, GPUs and dedicated security processors. This combination of hardware will be backed up by a software ecosystem that allows consumers and businesses to seamlessly tap into the silicon's security capabilities and have a good out-of-the-box experience," he said.
Papermaster added that it was "absolutely critical that security software is able to leverage the tremendous growth in general purpose and dedicated compute that is available in modern processors and System-on-Chips."
"Behaviour analysis isn't merely a security tool that runs alongside existing ones, it is a key technique to improve existing tools such as malware detection," he said. "Software security vendors are modifying traditional security apparatus such as anti-virus to make use of these technologies to identify and hunt emerging threats."
Papermaster said that in addition to individual consumers and businesses, smart security was "vital in helping secure the nation's infrastructure. Compute power has long been used by nation states to further their economic development and protect its citizens; protecting intellectual property and a nation's digital borders is a frontier in advanced security research and development."
"As we see security vendors develop ever more complex threat and behaviour analysis models and rely on advances in artificial intelligence research, the onus will be on silicon to power these algorithms, "he said. "Whether it be to run complex behavioural analysis models or implement hardware-enabled sandboxing, memory encryption and physical attack resistance, or power the next innovation of security, the computer processor's silicon will help power the solution."
Sign up for Computerworld eNewsletters.