Rekor, a leading US Advanced Traffic Controller company with additional offices in the EU, is leveraging edge computing to transform roadway data into actionable insights for safety, efficiency, and smart city management. Their technology integrates seamlessly into daily life, providing real-time intelligence that aids cities and agencies in making informed decisions. With a strong emphasis on data quality and accessibility, the company is committed to enhancing how people and vehicles navigate through urban environments.
Rekor's Infrastructure Architecture and Cybersecurity Threats
Rekor's infrastructure relies on a diverse array of hardware components, from roadside sensors and Edge Processing Units (EPUs) that capture and process high-resolution video and data in real time, to the advanced servers that support their cloud-based analytics and intelligence platforms. This architecture allows Rekor to perform non-intrusive, real-time traffic data collection and analysis across multiple lanes and directions, contributing to their innovative traffic management and safety solutions. However, the complexity and interconnectedness of this hardware also increase the attack surface for potential cyber threats.
As Rekor scales its infrastructure to meet growing demand, the company faces an increasingly sophisticated array of cyber threats targeting its core operations. These threats include malware, ransomware, endpoint detection and response (EDR) attacks, network-based attacks (such as DDoS, MITM, and brute force attacks), and vulnerabilities exploited through SSH (such as automated SSH-based network traversal attacks like SSH-Snake).
Cybersecurity Challenges for Rekor Infrastructure
The primary challenge for Rekor was to implement a cybersecurity solution that not only addresses these varied and sophisticated cyber threats but also aligns with the unique requirements of their hardware infrastructure.
- Resource Constraints: Devices operated with limited memory and CPU capacity, necessitating a solution that uses no more than 300Mb of memory and 5% CPU usage.
- Real-time Response: The need for a cybersecurity framework capable of detecting and responding to threats instantaneously, on-premise, without relying on cloud connectivity.
- Easy Deployment: The solution needs to rapidly deploy across thousands of Edge devices, ensuring comprehensive protection without disrupting Rekor's operational efficiency or data integrity.
- Complex Threat Landscape: The solution must address a wide array of sophisticated cyber threats, providing comprehensive protection, including IPS, IDS, EDR, and NDR.
- Bandwidth Constraints: The EPUs are connected via a 5G connection with an average of 256 MB per month of bandwidth that could be allocated to supporting a cybersecurity solution.
- Legacy Kernel: Support for the legacy kernel that Rekor is currently using.
Enhancing Rekor Security Against EDR Attacks with AI EdgeLabs
In response to these challenges, Rekor collaborated with AI EdgeLabs to secure their operations (thousands of sites) from different types of attacks. As a result, AI EdgeLabs was able to provide the following capabilities:
- Efficient Resource Usage: Meets SLAs and provides an end-to-end solution that uses only about 200-300Mb and 5% CPU, ensuring operational efficiency.
- Autonomous On-Premise Operation: Designed to function autonomously without constant cloud connectivity, guaranteeing uninterrupted protection even in remote or disconnected environments.
- Scalability: AI EdgeLabs was deployed to thousands of EPUs in a matter of hours without the need for any downtime.
- Real-time On-Device Threat Detection & Response: All cyber threats are detected and responded to in real time, providing IPS, IDS, EDR, and NDR.
- Bandwidth Consumption: AI EdgeLabs consumes around 150-170 Mb of bandwidth per month, sitting well below the available bandwidth cap.
AI EdgeLabs offers a comprehensive cybersecurity solution for modern digital landscapes, combining:
- Behavioral Activity Monitoring & Protection with eBPF for system calls and Kubernetes events monitoring
- Network Traffic Analysis for early threat detection
- Signature Analysis for identifying specific threats on Linux systems
This ensures real-time threat detection with advanced machine learning models and efficient data preprocessing to identify and mitigate threats swiftly.
AI EdgeLabs' solution is tailored for edge-native environments, providing:
Outcome of AI EdgeLabs integration
- A significant enhancement of Rekor's cybersecurity posture, bringing compliance under NIST, NERC, NIS 2 and DORA.
- Rekor's Edge devices remained protected against a wide range of cyber threats, like SSH-Snake, with minimal resource usage.
- A robust foundation for safeguarding Rekor's intelligent infrastructure.
- Uninterrupted and secure operation of Rekor's critical services.