NPUs and the Future of Endpoint Security

With the news that Intel is in the works to release their first NPU chips in the coming year. I thought it would be interesting to see how this could disrupt how cyber security is handled on the endpoint. For those of you who don’t know, an NPU is a “Neural Processing Chip.” Think of a GPU that is built into the CPU. Obviously, the NPU won’t be nearly as powerful as a full-blown GPU, but it still opens up the possibility to do some really cool things.

In the security realm, protecting endpoint devices is paramount to protecting an organization as a whole. So, how might we use NPUs to help accomplish this? Here’s what I’m thinking: Imagine creating an online anomaly detection model for malicious DNS requests that runs on the endpoint itself, like a user’s laptop. Using an online model would allow us to continuously update our endpoint model from a baseline of, say, 90 days. This would help us deal with data drift and just be fun. As anomalies in DNS are found, they are sent to larger external models elsewhere.

Having more “personalized” models for individual users is a pretty cool approach, as it reduces the large compute resources that traditional anomaly detection uses.

Related Posts