
Intel Starts to Use GPUs for Malware Scanning

by Sergio De Simone on Apr 20, 2018

Intel has announced its new Threat Detection Technology (TDT), a set of silicon-based capabilities which use the processor's GPU to scan memory for malware. This will free the CPU from that task and help mitigate the impact of defending against Spectre and Meltdown.

Currently, Intel TDT has two main capabilities: Accelerated Memory Scanning and Advanced Platform Telemetry. Accelerated Memory Scanning scans memory for malware using the GPU, reducing CPU utilization for that task from 20 percent to 2 percent, according to Intel security division vice president Rick Echevarria, who also clarified:

“With Accelerated Memory Scanning, the scanning is handled by Intel’s integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption.”

This improvement helps mitigate the impact of defending systems against the Spectre and Meltdown vulnerabilities. Accelerated Memory Scanning is also concerned with detecting in-memory malware, which the disk I/O checks performed by antivirus software cannot detect. This again is the realm of Spectre and Meltdown.

The second TDT capability, Advanced Platform Telemetry, combines telemetry with machine learning algorithms aimed at detecting advanced threats. Intel says this capability will help reduce false positives and improve performance.

Intel TDT will be available on 6th (Skylake), 7th, and 8th generation Intel processors for third parties to use in their security products. Intel also announced the integration of both TDT capabilities into two commercial products. Accelerated Memory Scanning will be integrated by Microsoft into its Windows Defender Antivirus, while Cisco will integrate Intel Advanced Platform Telemetry into the Cisco Tetration platform, aimed at data center and cloud security.

On a related note, Intel has also announced Security Essentials, an umbrella name for a set of existing security capabilities built into its processors and chipsets, including the Intel Core, Intel Xeon and Intel Atom processors. Examples of such capabilities are platform integrity for secure boot, hardware protections, accelerated cryptography, and trusted execution enclaves to protect applications at runtime.
