TECH NEWS | Intel processors to utilize iGPU for malware scanning, pushing security down to the hardware
Last week during the RSA Conference 2018, Intel announced two new technologies — Threat Detection Technology (TDT) and Security Essentials. These are hardware-based built-in security features across Intel processors for threat detection without compromising system performance.
Intel’s Threat Detection Technology (TDT) offers hardware-level telemetry helping security products detect new classes of threats and exploits. It’s two main capabilities are Accelerated Memory Scanning and Advanced Platform Telemetry.
Accelerated Memory Scanning allows antivirus programs to scan and detect memory-based malware attacks with reduced impact on performance and power consumption with the help of Intel’s integrated GPU.
According to Intel’s early tests, using the new GPU-accelerated scanning technique helps reduce CPU utilization for malware threat scans from 20% to around 2%.
On the other hand, the Intel Advanced Platform Telemetry makes use of cloud-based machine learning and endpoint data collection to effectively identify potential security threats, reducing false positives and minimizing performance impact.
The Intel Thread Detection Technology solution will be available for computers with 6th, 7th, and 8th generation Intel processors, but it is up to third-party antivirus vendors to actually utilize the feature. Microsoft is going to be one of the first companies to make use of Intel’s Threat Detection Technology (TDT) with Windows Defender Advanced Protection Threat (ATP) this month.
The next security solution introduced by Intel is the Security Essentials, a built-in toolkit which has different hardware-based security features for Intel Core, Xeon, and Atom line of processors. Intel Security Essentials offer a chain of trust to protect against a wide range of attacks:
— Hardware Root of Trust – Cryptographic keys protected by hardware;
— Small Trusted Computing Base – Protecting keys, IDs, and data using hardware trusted platform module (TPM);
— Defence in Depth – Hardware and software protection;
— Compartmentalization – Hardware-enforced barriers between software components;
— Direct Anonymous Authentication – Cryptographic schemes to offer anonymous authentication of a device for privacy (especially for IoT devices);
— HW Security escalation – Enabling hardware acceleration of cryptographic calculation, antivirus scanning, and key generation
All of these seems to be a response to the recent Meltdown and Spectre vulnerabilities that has affected virtually almost every last generation processors from every manufacturers down to the hardware level.