Flexxon bakes AI into SSDs to fight unknown threats

Singapore-based Flexxon has developed what it claims to be the world’s first solid-state drive (SSD) that uses artificial intelligence (AI) to stop malware, including ransomware, in their tracks.

Called X-PHY, the SSD is equipped with an AI co-processor and a special firmware that monitors cyber threats in real-time. This is done through a machine learning algorithm that analyses how the drive reads and writes data, among other low-level storage commands.

Camellia Chan, Flexxon’s founder and CEO, said ransomware typically exhibit certain data access patterns that translate to a set of storage commands. Analysing these commands, she said, alleviates the need to rely on malware signatures and increases the chances of detecting unknown threats, including zero-day attacks.

“We can detect zero-day attacks by looking at data access patterns, with 100% accuracy in detecting malicious activity,” Chan told Computer Weekly, adding that the approach differs from that of security software suppliers which tend to look for zero-day vulnerabilities that can be exploited by hackers.

In the event of an attack, X-PHY will foil any attempt to exfiltrate data and secures the data immediately. With the closest proximity to data, Chan said the SSD, available in M.2-2280 and U.2 form-factors with a PCIe 3.0 x4 interface, is the last line of defence and offers the fastest response against security breaches.

X-PHY also guards against physical theft through the use of sensors that monitor temperature fluctuations and unusual movements of the device. Should a theft occur, X-PHY will alert its owner via email and lock itself to prevent physical tampering. The owner will be able to unlock the SSD via a dynamic authentication process.

Performance wise, Chan said because X-PHY’s algorithm looks at low-level storage commands, it is very efficient in terms of memory consumption, adding that the SSD’s performance is comparable to standard SSDs in the market.

For now, X-PHY is suitable for use in entry-level servers, as well as edge servers that interface with front-end applications. Chan said support for enterprise-grade servers being used in datacentres will come at a later time.

The company is currently in talks with potential customers in a range of industries, including defence, government, medical and other sectors where cyber security threats have been growing.

It also plans to make the technology more accessible to consumers through a wireless mobile storage device that can be used in home environments.

Flexxon maintains a core development team in Singapore, but the talent shortage in the city-state has been a challenge. Chan said the company has been grooming its local tech workforce with support from various government initiatives.

X-PHY was developed under a government innovation programme which provides funding for cyber security solutions that meet Singapore’s national cyber security needs, with the potential for commercial applications.