GTC Nvidia teased several updates to its Morpheus AI security framework at GTC this week, and also announced it would make the application framework generally available in April.
In addition to releasing a pre-built version of Morpheus, Nvidia will also publish the framework’s full source code on GitHub to allow developers to modify Morpheus and build security applications on top of the software.
Since the chip design emitted Morpheus via an early-access program nine months ago, almost 700 developers and security vendors including Cisco, F5, Lacework, and Splunk have built threat detection and log-ingestion applications using Nvidia’s framework, said Bartley Richardson, senior AI infrastructure manager at Nvidia, during a security session on Tuesday.
And since it’s been a while since we last heard about Morpheus, Richardson also provided a quick refresher on the application framework that Nvidia first started talking about last year. It’s “an AI cybersecurity framework designed to make inference across your security data feeds easier, faster and more robust,” he said.
Specifically, Morpheus lets security developers create AI pipelines that address specific use cases — such as fraud and phishing detection or leaked sensitive information — by filtering and processing large volumes of data from logs and other network telemetry sources including Nvidia BlueField DPUs. It’s built on top of the open-source RAPIDS software libraries, deep-learning frameworks, and Nvidia’s Triton inference server.
“A lot has changed in Morpheus since our last update,” Richardson said. And these changes will be available when Morpheus moves from early access to general availability next month.
Developer experience
Some of these changes have to do with making it easier for developers to take advantage of GPUs for cybersecurity applications. To this end, the update will allow programmers to create pipelines from reusable stages in either C++ or Python. It also adds support for multi-GPU execution without requiring the developer to write new code, which allows apps built on Morpheus to scale and process larger amounts of data.
Plus, Nvidia refined the API to allow for more customization and flexibility.
“We know that performance is important when you’re analyzing traffic at bandwidth,” Richardson said. “So Morpheus now includes additional pipeline monitoring and inspection tools that let you capture fine-grained performance metrics to verify your pipelines are all running smoothly.”
Morpheus also got its own performance boost with faster speeds during the pre-processing of data and the inference stages.
“During inference we often want to classify items into buckets. Those may be binary or multiclass classifications, and we’ve improved both the binary classification for NLP workflows and the binary classification for FIL workflows, the former by over 20 times and the ladder by nearly 12 times,” Richardson said.
The new Morpheus release can also extract raw anomaly scores from a model 200 times faster than the earlier version, he noted. “This lets you get a confidence score probability or anomaly score out of your model substantially faster,” Richardson explained. “And that lets you take action even sooner.”
Pre-built fraud detection
In another new feature: a pre-built fraud detection use-case will detect fraud out of the box using graph neural networks to more accurately scan more transactions and how these transactions interact with each other.
“First, node aggregation allows us to see how fraudulent nodes’ transactions tend to connect abnormally with other fraudulent nodes,” Richardson said. “Second, malicious transactions are often linked to coordinated attacks. By observing these patterns, it becomes difficult for fraudsters to hide their behavior across the entire graph. There’s nowhere to hide.”
In addition to crimes like credit card fraud, which Richardson said is projected to cost the card industry $400bn-plus in fraud losses over the next decade, identity theft due to fraud is also a growing threat to both businesses and consumers.
“There were over one million reports of it in 2020, a 1,663 percent increase from just two years ago,” he noted. “Current methodologies are just too slow, rely on predetermined expert curated features and require a substantial amount of labeled data to be effective. Next-generation fraud detection addresses all of these shortcomings.” ®