Nvidia working on CUDA-based anti-virus

Author: Gareth Halfacree
Published: 7th October 2009
Comments (32) Stumble
Nvidia working on CUDA-based anti-virus

Nvidia's general manager of CUDA has announced the company's intention to produce a GPU-accelerated anti-virus.

Nvidia may have finally found the killer app that will bring the benefits of CUDA - its language for offloading highly parallel tasks on to the graphics processor - to the masses: CUDA-accelerated virus scanning.

As reported over on Fudzilla, the company's general manager of CUDA Sanford Russell has confirmed that his group is working on offloading the grunt work of scanning for viruses on to the GPU - potentially offering a massive speed-up over traditional CPU-based scanners.

Because the act of comparing a known string - some executable code - to a massive database of other known strings - virus code - is highly parallel, the potential performance benefit from a CUDA-based scanner is huge. As well as actually making the scan itself faster, the move would free up the system CPU for other tasks - potentially making the entire system feel more responsive.

With the global market for anti-virus - and anti-spyware and other malware - products being so large, it's would be a huge boon for Nvidia if it was able to convince a couple of the big names to offer CUDA-based offload support, especially if they could slap a nice big "The Way It's Meant To Be Scanned" logo on their product box.

If the company can get enough anti-virus providers offering CUDA-based scanners, Nvidia would finally have a unique selling point with which to attack the business market - traditionally dominated by Intel and its range of unexciting on-board graphics chips. While this would be unlikely to help sell its high-margin products, which remain aimed squarely at gamers and those making DIY supercomputers, it would give it a large sector to which it can sell its lower-end products.

So far Nvidia has yet to announce any partnerships with anti-virus manufacturers.

Does the idea of CUDA-accelerated anti-virus fill you with glee, or are modern multi-core and multi-processor systems already more than capable of handling a task as simple as virus scanning without offloading to the GPU? Share your thoughts over in the forums.
Quote tad2008 7th October 2009, 10:07
Cuda based virus and malware scannning may indeed make the process faster, but there will still be a bottleneck when communicating with the hard drive for accessing data and that has a big knock on effect on performance. I can see this being more benefit to SSD based systems where the read performance will be good enough to minimise the performance impact to other applications.
Quote Dave Lister 7th October 2009, 10:11
Quote:
Originally Posted by tad2008
Cuda based virus and malware scannning may indeed make the process faster, but there will still be a bottleneck when communicating with the hard drive for accessing data and that has a big knock on effect on performance. I can see this being more benefit to SSD based systems where the read performance will be good enough to minimise the performance impact to other applications.

Beat me to it ! exactly my thoughts !
Quote Zurechial 7th October 2009, 10:15
Quote:
Originally Posted by tad2008
Cuda based virus and malware scannning may indeed make the process faster, but there will still be a bottleneck when communicating with the hard drive for accessing data and that has a big knock on effect on performance. I can see this being more benefit to SSD based systems where the read performance will be good enough to minimise the performance impact to other applications.

+1 more.

AV scanning may be highly parallel but I've never done a scan that brought a system to its knees via CPU usage, it's always storage-thrashing that wastes time and causes slowdown for me when scanning for viruses or malware.

Nevertheless, I can't see any downsides to this move so more power to nVidia if they can pull something useful off with it.
Quote RichCreedy 7th October 2009, 10:35
beat me to it as well, i see the biggest problem with av scanning is the the hard drive
Quote alpaca 7th October 2009, 10:37
i assume the rest of the world is not able to implement that idea using openGL or some other fancy OPEN technology...?
not really an ati fanboy, but i don't want to throw my crossfire setup away because nvidea is smart enough to effectively use it's unique selling points, and ATI is not.
Quote Rkiver 7th October 2009, 10:40
Quote:
Originally Posted by tad2008
Cuda based virus and malware scannning may indeed make the process faster, but there will still be a bottleneck when communicating with the hard drive for accessing data and that has a big knock on effect on performance. I can see this being more benefit to SSD based systems where the read performance will be good enough to minimise the performance impact to other applications.

+1 rep for that.
Quote l3v1ck 7th October 2009, 10:41
I agree that SSD's could benefit from this, but HDD's will always be a bottleneck.
Quote hrp8600 7th October 2009, 11:01
but can it play crysis sorry lol
could it make norton less of a pain ?
Quote NikoBellic 7th October 2009, 11:06
I hope to see Anti-Virus developers taking advantage of both of Nvidia & ATI's GPU languages, and by the time that we will be able to get AV Products that take advantage of the GPU, the SSDs will be a more reasonable buy for your systems. So I hope that they start developing them now!.
Quote mi1ez 7th October 2009, 11:07
Quote:
Originally Posted by hrp8600
but can it play crysis sorry lol
could it make norton less of a pain ?

No, you'd need a miracle for that...
Quote proxess 7th October 2009, 11:21
Don't use Norton. It's horrible anyway...

HDDs are the true bottleneck tbh, not the CPU.
Quote Tim S 7th October 2009, 11:33
Quote:
Originally Posted by tad2008
Cuda based virus and malware scannning may indeed make the process faster, but there will still be a bottleneck when communicating with the hard drive for accessing data and that has a big knock on effect on performance. I can see this being more benefit to SSD based systems where the read performance will be good enough to minimise the performance impact to other applications.

I'm CPU limited on my ThinkPad X301 /w 160GB Intel SSD when I virus scan. My laptop starts getting really sluggish and I wonder why... it's because the virus scanner has kicked in and the CPU is at 100 per cent load. 15 minutes later, I'm done. I'd love to see virus scanning sped up, although it wouldn't benefit me if it's CUDA based, since my laptop has Intel integrated graphics.
Quote Bauul 7th October 2009, 11:43
Quote:
Originally Posted by Tim S
I'm CPU limited on my ThinkPad X301 /w 160GB Intel SSD when I virus scan. My laptop starts getting really sluggish and I wonder why... it's because the virus scanner has kicked in and the CPU is at 100 per cent load. 15 minutes later, I'm done. I'd love to see virus scanning sped up, although it wouldn't benefit me if it's CUDA based, since my laptop has Intel integrated graphics.


No-one likes a show off!

j/k. As HDD move more towards SSDs, I can see the storage become less of a bandwidth issue. However, by then CPUs may have increased performance enough to out-strip the SSDs, so we'll be back to square one. It's in nVidia's court now to demonstrate that will actually speed up the process.
Quote Yoy0YO 7th October 2009, 11:51
Nvidia antivirus! Now with physX!
Quote Er-El 7th October 2009, 13:08
Why don't they use OpenCL or Direct Compute and forget about CUDA completely?
Quote azrael- 7th October 2009, 13:21
Is this really new? First time I read about it was a couple of years ago here. Don't know if that effort ever really came to fruition, though.
Quote Cyberpower-UK 7th October 2009, 13:35
I think it would make sense for the AV makers to focus on DX11 compute rather than this as it is GPU agnostic. I'd hate to see how it affects your game when the scheduled weekly scan kicks in.
Quote TWeaK 7th October 2009, 14:43
Quote:
...especially if they could slap a nice big "The Way It's Meant To Be Scanned" logo on their product box.

I lol'd at that. Scary thing is it could actually happen
Quote I-E-D 7th October 2009, 17:41
That would be sick.
Quote TSR2 7th October 2009, 18:22
I just leave my computer on overnight. Simple. Its a pity more AV makers don't take advantage of scanning when the system is idle though.
Quote wuyanxu 7th October 2009, 18:41
they need proper task scheduling first.

currently Folding on GPU will leave your system (with Aero transparency) very laggy. if only Fold with CPU, the system is still very responsive.
Quote biebiep 7th October 2009, 19:37
Good initiative.

People are forgetting that low-end CPU's still exist.
And even a 9600gt card could help those out immensely...
Quote LucusLoC 7th October 2009, 20:32
i don't really know why they still bother with definition based AV scanning on the OS anymore. what you really need is a good HIPs system for AV. something like the the now-bought-by-VMware determina, or my current favorite AV program Blink (by eEye). both of those were/have excellent HIPs based AV.

for those of you who do not know what HIPs is it stands for Host-based Intrusion Prevention. it is memory protection for the entire OS. any writes made to a memory location not requested by that application is prevented. this effectively eliminates buffer overflow attacks (well over 95% of all malware attacks use buffer overflow to execute attack code). why the OS does not do this on its own is beyond me, but until it does i will use HIPs to protect my systems from attack.

what i really, really want to see from the definition based side of AV is a program that will, at a scheduled time:
1. update the definition files to a usb drive
2. restart the computer
3. have a boot loader start up a stand alone scanner
4. scan the HD and fix issues/delete nasties
5. save the scan to a log
6. start the OS
7. carry out any additional required tasks on any nasties found

if you have both of the above, as well as a good universal sandbox program (like my favorite sandboxie) i would feel confidant that you could go *anywhere* on the net without fear. (well, it won't stop fishing attacks. . .)
Quote Madness_3d 7th October 2009, 23:47
What everyone needs to realise is quite how fast GPU based virus scanning can be. You could be browsing the web and your graphics card could be scanning every file on arrival between NIC and RAM before it even gets written as temporary, with no noticable overhead. It will just pull any data / files that match any virus definitons. It has to the potential of being able to stop a virus / string of malicious code ever seeing your system. http://http.developer.nvidia.com/GPUGems3/gpugems3_ch35.html
Quote thehippoz 8th October 2009, 00:06
looks like it's around 40% faster when you use the gpu along with the cpu.. they are looking at it as a system degrade fix and the gpu can't hold all the definitions on card

after ripping with badaboom.. I could see this as a pretty cool thing to dev- not really for gamers or the regular joe, but for business
Quote dec 8th October 2009, 02:38
when is sata 6gbps coming out? that and a SSD will remove that bottleneck
Quote ZERO <ibis> 8th October 2009, 03:23
This would be great the ability to have continuous and comprehensive scanning all the time! It is like instead of having one guard watching millions of files and another running around trying to inspect infinite numbers of stored files you can literally have walls of armies watching your system at all times ensuring that not one peace of bad data can get though!
Quote [USRF]Obiwan 8th October 2009, 08:32
Or you could write a new news item with headline: "Viruses are starting to use CUDA acceleration"

Starting with text: "A new wave of viruses is spreading like a fire, thanks to Nvidia's CUDA parallel GPU processing. The virus uses sophisticated algorithms to hide inside the graphics-card memory. Not only is this new breed of virus hidding but also morphing every millisecond using CUDA. The virus is also ultrafast in spreading and... "
Quote Doomah 8th October 2009, 11:39
Quote:
Originally Posted by [USRF
Obiwan]Or you could write a new news item with headline: "Viruses are starting to use CUDA acceleration"

Starting with text: "A new wave of viruses is spreading like a fire, thanks to Nvidia's CUDA parallel GPU processing. The virus uses sophisticated algorithms to hide inside the graphics-card memory. Not only is this new breed of virus hidding but also morphing every millisecond using CUDA. The virus is also ultrafast in spreading and... "

and then he turned his computer off, clearing all ram and the virus is killed.
Quote gavomatic57 8th October 2009, 16:47
Quote:
Originally Posted by alpaca
i assume the rest of the world is not able to implement that idea using openGL or some other fancy OPEN technology...?
not really an ati fanboy, but i don't want to throw my crossfire setup away because nvidea is smart enough to effectively use it's unique selling points, and ATI is not.

Thing is, things that are done in CUDA can easily be ported to OpenCL...and they probably will be, not letting anti-nvidiaisms get in the way of the fact that Nvidia are just as involved in OpenCL as everyone else...actually moreso
Quote:
Vice president of embedded content at NVIDIA, Neil Trevett also holds the position of chair of the OpenCL working group at Khronos.
Clicky
Quote RichCreedy 8th October 2009, 19:48
Quote:
but until it does i will use HIPs to protect my systems from attack.

why would you use a home information pack to protect your computer ;-)
Quote LucusLoC 8th October 2009, 21:14
[quote]
Or you could write a new news item with headline: "Viruses are starting to use CUDA acceleration"
etc.
[\quote]

this is waht HIP prevents in the first place. viruses cant write to to anything but momry they request. that means that the only type of malware that will work is the explicitly installed type. no more executing remote code without permission through a security hole.

@RichCreedy

Cheaky B****** ;-)
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.