Hardware acceleration of anti-virus protection is in trend
In April, the RSA Conference was held in San Francisco, which has recently become one of the main global platforms for discussing computer security issues. This year, the main topics of the conference were protection from global threats and the security of the Internet of Things. Proposals from Intel were also added to the common piggy bank - they seemed to us interesting enough to tell about them, even in the absence of further details.
All proposed technologies involve the use of Intel hardware components to speed up or implement computer protection algorithms. The first technology is called Threat Detection Technology (TDT) and consists of two parts:
Accelerated Memory Scanning (AMS) is the technology used by Intel integrated graphics to search for malicious code in memory or storage. Nowadays, CPU resources are used for this, which slows down the operation of a computer and negatively affects energy consumption. The GPU does well with simple signature search and more intelligent heuristic algorithms. The load on the graphics core is generally smaller and more predictable, so checks can be performed more frequently and more intensively.
Intel Advanced Platform Telemetry (IAPT) is a technology for using low-level telemetry data collected by Intel hardware components to detect suspicious activity that may be malicious. Depersonalized and generalized telemetric information is analyzed in specialized cloud services using Deep Learning and then the results are transmitted to the developers of anti-virus software, in order to more effectively deal with malware in general and zero-day threats in particular
')
Finally, the new security umbrella brand Intel Security Essentials was introduced, which will bring together all the security technologies implemented "in hardware" of Intel Core and Xeon processors, such as: safe boot, elements of cryptography and data protection, control of code execution, and so on, still appear.
Accelerated Memory Scanning technology is implemented in Intel iGPU, starting from the 9th generation, so we can use it, starting with Skylake processors. AMS support is already announced in Microsoft Windows Defender Advanced Threat Protection. For other technologies, the forecasts are less specific, but one thing is clear - and this evidence was again emphasized by the RSA Conference: it is useless to fight global threats with local protection measures. Only by overcoming mistrust and disunity, can we make the digital world safer.