The Cylance OEM engine can run on a wide variety of platforms, architectures and systems. For this post, we locook at devices using the ARM architecture to demonstrate how little power is required to leverage the power of the completely offline, machine learning-based malware detection engine.
You are already familiar with CylancePROTECT®, our next-generation endpoint protection that leverages artificial intelligence and machine learning to detect malware from the past, present and future. No signatures, no heuristics, no sand boxing, no need for cloud look-ups. It’s pure and awesome science. Cool, huh? Wouldn’t it be nice to have all that power scanning your network traffic, emails, backup drives, etc., or even better, wouldn’t it be awesome to have the power of Infinity in the palm of your hand?
There is something amazing about being able to run a full capability Linux operating system on a $35 computer running an ARM processor powered by USB. There is something even more amazing when we can develop and run a completely offline machine learning-based malware detection system that can run on these lower-powered computers with little difficulty.
The OEM engine can run on a wide variety of platforms, architectures and systems. For this post, we look at devices using the ARM architecture to demonstrate how little power is required to leverage the power of the completely offline, machine learning-based malware detection engine.
The Raspberry Pi is the Coke of the single-board computer world. It is the brand most people associate with single-board computers. We would be remiss if we did not demonstrate the OEM engine on this delicious slice of computing.
The Raspberry Pi we used first is a Raspberry Pi Model B. This was one of the first Raspberry Pi devices released, and with just 512 MB of RAM and a single-core 500 MHz processor, it is not exactly a powerhouse of computing. On the other hand, it does have enough power to run the OEM engine.
The Raspberry Pi 2 is a large upgrade from the first few releases of the Raspberry Pi, upgrading to 1 GB of RAM and a quad-core processor clocked at 900 MHz. It is still not the fastest of the single-board computer world, but a significant step up.
The Odroid series of single-board computers can be notably more powerful than the Raspberry Pis. In the case of the Odroid C1, it is comparable to the Raspberry Pi 2, but has a faster processor, with the same price tag. With a 1.5 GHz quad-core processor, it has a noticeable speed boost, and with 1GB of RAM, it is more than capable of running four instances of the OEM engine in parallel.
The Odroid XU4 is a powerful SBC, sporting two quad-core processors, one at 2GHz, and the other at 1.4GHz. It also has 2GB of RAM, making it able to optimally run eight instances of the OEM engine. With its increased processing power, it does require a bit more power than the other devices, with the maximum usage set at 5V 4A compared to the usual 5V 2A. Not a massive increase, but it does make powering the device with USB batteries, which have recently gained popularity, somewhat more complicated.
The Odroid W is comparable to the Raspberry Pi model B to the extent that it will actually run off the same SD card image. Unfortunately, it is discontinued. The main advantage of this device over other single-board computers is that it is far smaller than others. In the image above, a shield is attached which supplies USB ports, an Ethernet port and more. Without the shield this device is small enough to fit as a wearable device on one’s wrist.
The Beaglebone Black, computationally comparable to the Raspberry Pi model B, was also capable of running the OEM engine. With a 1 GHz ARM A8 processor and 512MB of RAM, it is more than capable of running the OEM engine. This device has a feature that sets it apart from most other single-board computers, as it acts as a USB network interface over the same USB connection it is powered by. It also sports some amazing GPIO features, although they are not particularly relevant to use with the OEM engine.
While this is not a single-board computer, the Kindle Fire HD 6 is a battery- powered device that is portable and utilizes an ARM processor. With a quad-core processor with two cores at 1.5GHz and the other two at 1.2GHz, and 1GB of RAM, this device can easily run the OEM engine. The simplest way to run the OEM engine was to create an Ubuntu virtual machine with the Linux Deploy app. The downside to using Android is the significant overhead from the OS and preloaded apps compared to the slimmed down Linux systems. Even with this overhead, at least two instances of the OEM engine can be run optimally.
At our booth at BlackHat 2015, we demonstrated the power of Cylance OEM running on an Odroid XU4 and utilizing an Odroid Show 2 to display results. When a booth visitor plugged a USB drive into the device, the drive would be mounted and scanned using eight instances of the OEM engine. The results were then displayed to the Odroid Show 2. While this was running, the visitor could see the minuscule amount of power required to score these files with high accuracy.
The Cylance Infinity OEM engine being capable of running on such low-powered devices is a testament to the power of next-generation antivirus. The engine can operate in any environment from low-powered and portable, to large scale, processing a nearly unfathomable number of files with amazing accuracy. If you would like to integrate the Cylance Infinity OEM engine into your product/solution/environment, contact firstname.lastname@example.org. The next generation is here, are you ready to embrace it?