Case Study:  Safeguarding Urban Infrastructure: Rekor's Cybersecurity Journey with AI Edgelabs

Transforming roadway data into actionable insights for safety
April 30, 2024

Rekor, a leading US Advanced Traffic Controller company with additional offices in the EU, is leveraging edge computing to transform roadway data into actionable insights for safety, efficiency, and smart city management. Their technology integrates seamlessly into daily life, providing real-time intelligence that aids cities and agencies in making informed decisions. With a strong emphasis on data quality and accessibility, the company is committed to enhancing how people and vehicles navigate through urban environments.

Rekor's Infrastructure Architecture and Cybersecurity Threats

Rekor’s infrastructure relies on a diverse array of hardware components, from roadside sensors and Edge Processing Units (EPUs) that capture and process high-resolution video and data in real time, to the advanced servers that support their cloud-based analytics and intelligence platforms. The architecture allows Rekor to perform non-intrusive, real-time traffic data collection and analysis across multiple lanes and directions, contributing to their innovative traffic management and safety solutions. However, the complexity and interconnectedness of this hardware also increase the attack surface for potential cyber threats.

As Rekor scales its infrastructure to meet growing demand, the company faces an increasingly sophisticated array of cyber threats targeting its core operations. These threats include malware, ransomware, endpoint detection and response (EDR) attacks, network-based attacks (such as DDoS, MITM, and brute force attacks), and vulnerabilities exploited through SSH (such as automated SSH-based network traversal attacks like SSH-Snake). 

Cybersecurity Challenges for Rekor Infrastructure

The primary challenge for Rekor was to implement a cybersecurity solution that not only addresses these varied and sophisticated cyber threats but also aligns with the unique requirements of their hardware infrastructure. 

  • Resource Constraints: Devices operated with limited memory and CPU capacity, necessitating a solution that uses no more than 700Mb of memory and 5% CPU usage. 

  • Real-time Response: The need for a cybersecurity framework capable of detecting and responding to threats instantaneously, on-premise, without relying on cloud connectivity. 

  • Easy Deployment: The solution needs to rapidly deploy across thousands of Edge devices, ensuring comprehensive protection without disrupting Rekor's operational efficiency or data integrity.

  • Complex Threat Landscape: The solution must address a wide array of sophisticated cyber threats, providing comprehensive protection, including IPS, IDS, EDR, and NDR.

  • Bandwidth Constraints: The EPUs are connected via a 5G connection with an average of 256 MB per month of bandwidth that could be allocated to supporting a cybersecurity solution.

  • Support for Legacy Kernel that Rekor is currently using

Enhancing Rekor Security Against EDR Attacks with AI Edgelabs 

In response to the challenges, Rekor collaborated with AI Edgelabs to secure their operations (thousands of sites) from different types of attacks. As a result, AI EdgeLabs was able to provide the following capabilities:

  • Efficient Resource Usage: meeting SLAs and providing an end-to-end solution that uses only up to 700Mb and 5% CPU, ensuring operational efficiency.

  • Autonomous On-Premise Operation: Designed to function autonomously without constant cloud connectivity, guaranteeing uninterrupted protection even in remote or disconnected environments.

  • Scalability: AI EdgeLabs was deployed to thousands of EPUs in a matter of hours without the need for any downtime

  • Real-time On-Device Threat Detection & Response: All cyber threats are detected and responded to in real-time, providing IPS, IDS, EDR, and NDR

  • Bandwidth Consumption: AI Edgelabs consumes around 150-170 Mb of bandwidth per month, sitting well below the available bandwidth cap.

AI Edgelabs offers a comprehensive cybersecurity solution for modern digital landscapes, combining:

  • Behavioral Activity Monitoring & Protection with eBPF for system calls and Kubernetes events monitoring,

  • Network Traffic Analysis for early threat detection

  • Signature Analysis for identifying specific threats on Linux systems

This ensures real-time threat detection with advanced machine learning models and efficient data preprocessing to identify and mitigate threats swiftly.

AI Edgelabs' solution is tailored for edge-native environments, providing:
- robust security for Linux servers, Kubernetes, and Docker containers
- real-time threat detection, utilizing custom rules and ML models to monitor and analyze system behavior and network traffic without overburdening system resources.
- comprehensive coverage, from kernel-level monitoring to container-specific behavior analysis.

Outcome of AI EdgeLabs integration

  • A significant enhancement of Rekor's cybersecurity posture and compliance under NIST, NERC, NIS 2 and DORA.

  • Rekor’s Edge devices remained protected against a wide range of cyber threats, like SSH-Snake, with minimal resource usage.

  • A robust foundation for safeguarding Rekor's intelligent infrastructure.

  • Uninterrupted and secure operation of Rekor's critical services.

Have questions or want to test a solution in your infrastructure? Don't waste your time: contact us!
