Concise Cyber

Microsoft and NVIDIA Detail Collaborative Research on GPU-Accelerated Real-Time Malware Detection

Microsoft and NVIDIA Research GPU-Powered Threat Detection

Microsoft and NVIDIA have detailed a collaborative research effort focused on creating a real-time immunity system against cyber threats. The project addressed the challenge of Security Operations Centers (SOCs) being overwhelmed by a high volume of alerts, a condition known as alert fatigue. The research also aimed to counter modern polymorphic and metamorphic malware, which is designed to bypass traditional signature-based and behavioral heuristic security tools.

The joint effort was designed to demonstrate the feasibility of using deep learning on graphics processing units (GPUs) to train and deploy advanced cybersecurity models at scale. The goal was to build a system that could function as a real-time immune system for computer endpoints, learning from and adapting to new threats as they emerge.

A Deep Learning Approach with GPU Acceleration

The research employed a deep learning model, specifically a Recurrent Neural Network (RNN) with Gated Recurrent Units (GRUs). This model was trained to analyze the raw byte sequence of a portable executable (PE) file header to determine if the file was malicious. The training dataset was extensive, consisting of millions of labeled malicious and benign PE file headers sourced from Microsoft’s internal data.
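To make the model input described above concrete, here is an added sketch (not code from Microsoft, NVIDIA, or the article) of turning a PE file header into a fixed-length byte-token sequence that a recurrent model could consume. The sequence length, the padding token, and the choice of "header" as everything up to `SizeOfHeaders` are assumptions; the article does not specify them.

```python
import struct

PAD = 0          # assumed padding token; real byte values map to 1..256
SEQ_LEN = 1024   # assumed fixed input length (not stated in the article)

class NotPE(ValueError):
    """Raised when the buffer does not parse as a PE image."""

def pe_header_bytes(data: bytes) -> bytes:
    """Return the header region (DOS header through section table)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPE("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24  # PE signature (4) + COFF header (20)
    if opt + 64 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise NotPE("missing or out-of-bounds PE signature")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise NotPE("unknown optional header magic")
    (size_of_headers,) = struct.unpack_from("<I", data, opt + 60)
    # The declared size is attacker-controlled: clamp it to the real buffer.
    return data[:min(max(size_of_headers, opt + 64), len(data))]

def encode(header: bytes, seq_len: int = SEQ_LEN) -> list[int]:
    """Map bytes to tokens 1..256, then truncate or pad to seq_len."""
    tokens = [b + 1 for b in header[:seq_len]]
    return tokens + [PAD] * (seq_len - len(tokens))

def build_sample(size_of_headers: int = 0x200) -> bytes:
    """Constructed minimal PE-like image for the demo (not a real executable)."""
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)          # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)            # PE32+ magic
    struct.pack_into("<I", opt, 60, size_of_headers)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    return image.ljust(size_of_headers, b"\0") + b"\xCC" * 64  # fake section body

if __name__ == "__main__":
    hdr = pe_header_bytes(build_sample())
    print(len(hdr), encode(hdr)[:4])
```

The resulting integer sequence is what an embedding layer in front of a GRU would take as input; the bounds checks matter because every header field in a hostile sample is untrusted.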

To handle the computational demands of training this complex model, the teams utilized NVIDIA A100 Tensor Core GPUs. The training process was also supported by the NVIDIA cuDNN-accelerated PyTorch deep learning framework. A critical performance requirement for the project was achieving an inference time of just a few milliseconds per file, a speed necessary for practical, real-time endpoint protection.

The completed model demonstrated high accuracy in detecting malware, including the ability to identify previously unseen malicious files. By leveraging the parallel processing capabilities of GPUs, the system successfully met the demanding real-time performance targets, showing that GPU-accelerated deep learning is a viable solution for large-scale cybersecurity defenses.