HP & Nvidia introduce Sure Sense anti-malware software

[Burrito]

Another entry in the Artificial Intelligence (AI), Machine Learning (ML), Deep Learning (DL).... blah blah.. next gen AVs.

HP introduces Sure Sense anti-virus software powered by deep learning

Instead of telling the anti-virus software what the common attributes of a malware are, why not have the software learn that itself from terabytes of pre-determined files? HP says its Sure View algorithm can detect even the latest viruses and malware based on a similar technology that Nvidia uses for its Deep Learning Super-Sampling (DLSS) graphics technique.

HP says Sure Sense is different from other market offerings because it uses deep learning to understand what malware looks like and shuts down threats in seconds.

The deep learning engine boils down terabytes of data into a lightweight agent that's installed directly on notebooks to scan for malware with minimal impact on PC resources. HP said Sure Sense is 99 percent effective for catching malware, including malware that was created just yesterday, and requires minimal updates. It also has behavioral detection in the system, meaning that it looks for ransomware behavior and blocks it if it sees something happening with rapid encryption of files. The platform also works offline, according to HP.

I'm glad to see more products of this type entering this domain. While these products have limitations, they can also be really effective at protecting against broad classes of malware, especially zero-days.

"This goes beyond every security technology today because today most primarily block against known malware. This [blocks] both known and unknown malware," said Alex Cho, president of HP's personal systems business, during Reinvent 2019. "It's able to detect never-before-seen malware, and stop 99 percent of them in less than 20 seconds."

HP aims to secure its PC portfolio with Sure Sense malware blocker | ZDNet

HP’s Security Push: Sure Sense & Endpoint Security Controller

 

[AtlBo]

Great article, but a couple of questions:

1. Should HP/Nvidia focus on leasing use of the module like Bitdefender and Avira do with signatures?
2. Should Intel be there investigating the use of Nvidia algorithms? Chip design elements labelled as meltdown/spectre flaws could be named in the future. Curious, is there is a better way to mitigate concerns over meltdown/spectre too? Maybe all concerns present and future could be bundled into a single mitigation somehow, even ahead of the discovery of future ones.

Getting chills about HP with this for some reason. Great and want to know more, but the security companies have been fighting in the security streets for two decades. What does HP know about security? I own 5 HP computers, and maybe they mean well, but... IDK, if this is really good, it kind of reminds me of the an illiterate beggar who finds a billion dollars. Surely someone will ask questions if he attempts to use the money.

Maybe HP and Nvidia should lure Intel into the project and then focus on an internal agreement to make the byproducts of the project available for use for all machines. I only say this, because I feel relatively sure the algorithms will be far better than anything introduced to date. Graphics algorithms are obviously extremely powerful. Anyway, seems to me like bad timing for HP or anyone else to attempt to proprietorize a security breakthrough (if this is one) developed in the corporate realm, especially from a partnership like this one. Find out what's in your idea and make it available...

 

[Local Host]

They late for April Fools.

 

[Burrito]

Great article, but a couple of questions:

1. Should HP/Nvidia focus on leasing use of the module like Bitdefender and Avira do with signatures?
2. Should Intel be there investigating the use of Nvidia algorithms? Chip design elements labelled as meltdown/spectre flaws could be named in the future. Curious, is there is a better way to mitigate concerns over meltdown/spectre too? Maybe all concerns present and future could be bundled into a single mitigation somehow, even ahead of the discovery of future ones.

Getting chills about HP with this for some reason. Great and want to know more, but the security companies have been fighting in the security streets for two decades. What does HP know about security? I own 5 HP computers, and maybe they mean well, but... IDK, if this is really good, it kind of reminds me of the an illiterate beggar who finds a billion dollars. Surely someone will ask questions if he attempts to use the money.

Great questions.

I sense that you also see that the nature of AVs may be actively changing. I think this is correct. Since I started running Cylance and CrowdStrike on different machines... the 'classic AVs' don't really seem the same.

Back in the day, when I played around with Mamatu (Mamutu - Antivirus Software Download for PC), I could see that this behavior-based tech possibly was the future. It was a pain-in-the-ass, but it could stop stuff that no signature-based program could. (For anyone looking in, don't run Mamutu, it's no longer developed)

Some of the next-gen AVs have taken the Mamutu model, put it on steroids, and have produced products that actually work pretty well.

From another article:

​

Sure Sense is a far bigger deal. Deep learning, regardless of where it is implemented, is a game changer. This technology allows a computer to train itself at computer speeds. Before this, the strongest anti-malware products were those that used machine-learning AIs, which allow responses at computer speeds but still require humans to train them. The advantages to deep learning are that the identification of as yet-unknown threats is far sooner, you don’t have to update the product as often (typically a couple times a year), and the effectiveness of the program is far better. ​

​

I’ve seen head-to-head comparisons of this with other products, and there really is no comparison. But, in addition, given that this is an AI inference engine (the heavy lifting is done centrally with training and not on the PC), you can layer this with other security products. The Windows 10 built-in Security Essentials component is actually pretty good, and with both offerings operating, you should have the best coverage possible.​

​

Why HP Has Taken the PC Security Lead

Most of the best AVs are already developing AI/ML/DL, so it's not like they are being totally left behind.

I appreciate your thoughts with HP getting into security. It's an old business axiom that you stay with your core competencies.

With Intel though.... how long did they own McAfee... and how much did they do for it? And the answer is.... not much.

Interestingly, Nvidia is apparently also involved in Deep Instinct. This is the one I'd really like to trial. And I'm working on that..
Deep Instinct: Power of Deep Learning and the Only Anti-Malware Solution That Truly Works

In head-to-head tests, I understand this solution significantly outperforms even newer systems that use machine learning solutions, like Cylance, which itself appears to significantly outperform more traditional AV products.

I'm not convinced that Sure Sense and Deep Instinct are better than Cylance and CrowdStrike... but maybe. I hope so.

And if they are better, I'll be the first in line to get them...

 

[DeepWeb]

They promise great performance and high detection rates.
I predict it's a CPU hog because of some memory leak and detection rates are going to be terrible.

Can't wait to see people flock to the forums asking how they can uninstall HP Sure Sense lol

 

[AtlBo]

@Burrito. First thought I had was Cylance and how will this compare. I haven't used Cylance enough to be able to say, but I kind of suspect that HP will approach this as if their reputation is at stake with AI. Basing this mostly on experience with HP support. The company is super proud of its client software support for Windows. Thinking of this and a partnership with Nvidia, I envisioned a substantial investment in engineering for the concept, so I was actually a little bit concerned about how Cylance might be able to respond.

I think most of the AI in security software is fairly meager at this point. I don't worry about this, since it's not very difficult to cover the bases with simpler and more reliable security practices. It's there and a nice bonus when it's good. With Cylance, it's more, but in a layered security setup, it could still be described as a bonus.

If HP and Nvidia come up with something concrete as in construction grade solid, this partnership should really imo cash in immediately by developing the platform for lease. I would be focusing on making sure the final product fit perfectly into this kind of model. However, if they jump into this and then release their concept before it's the "the real thing", that would be disastrous for them. No way should either of these companies even dream of entering into the security realm, no matter how much money they plan to spend. Nobody will support them if they do, and they will find out what it's like to be on the hook with this massive security burden and also on their own to explain why the software wasn't available to all computer owners from the start. This is the price for a hardware manufacturer planning to enter into the software world.

The reason I mention Intel is that Intel probably has the most to gain from deep exposure to AI security. The greatest benefit it seems to me comes in the form of positive kernel level policy...at SUPER deep levels. Overall, it would be good for us all if it were possible to believe that Intel really gets security. Not to pour on panic with Intel, yet the responses to Meltdown and Spectre point to the fact that Intel was unprepared for the inferno generated by the sudden release of the facts surrounding the vulnerabilities. Always had a high degree of respect for Intel and what they have been able to accomplish, but their response was pure bush league to me. I was shocked personally.

Part of me wonders if the breaking of MD/Spectre news was a response to attempts by Intel to bury the issue. It came across that way to a degree. And so Intel immediately runs to Microsoft? Microsoft created the "apologize with your hand out" formula for threatenting and embezzling computer owners. I believe in the ideal of Intel, but not the company that, during the aftermath of this episode, played the games of Zuckerberg and the rest of net nags, fanboys, and pity or pay clowns.

I support mainstream efforts to secure computing. Primping for attention has nothing to do with this. All three of the companies I mentioned need to get back into hardware and stay there, but, if the concept is good, I think it would be good for their engineers to be on the same page and equally enlightened. Actually, maybe we're really lucky in a way that HP announced the program. Could be the company is unsure of what exactly to do next, idk. Hope they look long enough to see how complicated what they are into REALLY is. HP, what will you do about keyloggers, file readers, information grabbing? What about all those command line options? Who will answer for the choices of your software? Who will decide when it's as developed as it can possibly be? LOL, the answers are in a bigger picture than HP and Nvidia are thinking...pretty sure about that. Personally, I'm wondering what will protect us from Microsoft ...

They promise great performance and high detection rates.
I predict it's a CPU hog because of some memory leak and detection rates are going to be terrible.

Can't wait to see people flock to the forums asking how they can uninstall HP Sure Sense lol

Yoda says...hmmmmm I hope the software contributes. Just think HP needs to be careful...not just entering the arena of computer security. Also, they should consider the heat generated by entering this arena with a proprietary software. Better to enter the engineering research realm with a well earned patent and the well wishes of computer owners and operators for a way to lease the technology...as long as it's good.

 

[Freki123]

After stopping to put telemetry in gpu driver software and creating geforce expericence flaws maybe then think about any other software.

 

[Local Host]

After stopping to put telemetry in gpu driver software and creating geforce expericence flaws maybe then think about any other software.

NVidia did a poor business with the whole GeForce Experience, forcing players to comply not only with the telemetry but to use the Software (with an account) in order to get the latest drivers.