www.sbir.gov
Cybersecurity in HPC environments operates at much larger scales than traditional IT domains and the traditional Machine learning networks are not fast enough to handle large volumes of computations. Neural networks combined with Edge-based hardware-resident next-generation technologies such as neuromorphic processors can monitor and even predict events in high throughput environments and hence provide an up-and-coming solution to cybersecurity in HPC. To that end, we propose to develop a real-time HPC-scale neuromorphic cyber agent called Cyber-NeuroRT. Cyber-NeuroRT will be a real-time neuromorphic processor based monitoring tool to predict and alert cybersecurity threats and warnings using an ensemble of unsupervised and semi-supervised Machine Learning algorithms. Cyber- NeuroRT is a combination of software cum hardware appliance with neuromorphic processor chips and this will be installed at a server level or at distributed node-level for cyber threat detection. It uses Spiking Neural Networks (SNNs) to learn new attack vectors in addition to labeling known attacks and uses an ensemble of semi-supervised and unsupervised algorithms. Cyber-NeuroRT is a combination of hardware cum software appliance with neuromorphic processor chips that can be installed at a system level or at distributed node-level for cyber threat detection. Neuromorphic based processors excel in identifying patterns and intrusion detection with over 100x efficiency as compared to a GPU based system. In addition, neuromorphic systems can learn to adapt to novel attack vectors.
We will use different training techniques like CNN to SNN conversion, direct backpropagation training through surrogate gradient methods
or local unsupervised Spike Timing Dependent Plasticity (STDP) enabled approaches.
Neuromorphic hardware appliance will have the ability to connect up to 64 neuromorphic processors if additional processing power is required. The neuromorphic processor-based system can surpass the traditional intrusion detection tools (IDS). Some of the features of Cyber-NeuroRT shall include: (a) Ability to monitor, predict and provide system wide alerts of impending cybersecurity threats and warnings by collecting and prioritizing data from real time logging tools/ analysis tools including Zeek (Bro) Logs, PerfSonar, ftp logs, user behavior data, or any type of relevant logs, and other types of sensor data including IoT devices, HVAC, power systems, etc. Initially, we will work on Zeek (Bro) log files in Phase 1 and 2; (b) Ability to process the data system-wide at an unprecedented scale enabling adaptive, streaming analysis for monitoring and maintaining large-scale scientific computing integrity; (c) Training SNNs through direct backpropagation training is computationally expensive due to the gradient descent updates through time. So, potentially we could train our models using ORNL’s Summit type super computers and then perform actual detection of threats using neuromorphic processors; and (d) In addition to neuromorphic processors at the server level, we will also provide an option to process larger Machine Learning Models that can be hosted on next-generation neuromorphic systems under development.
and i wasn't when trying to be funny there but i laughed.
