Microsoft will take advantage of a feature Intel is enabling within the integrated graphics chips of its Core microprocessors, allowing a PC to be scanned for threats without monopolizing the CPU.
Normally, your system’s CPU scans the PC’s memory for malware and other threats, taking up 20 percent or so of the PC’s computing resources. Intel has now developed a feature called Accelerated Memory Scanning, part of what it calls Intel Threat Detection Technology, to use the GPU instead. That will drop CPU consumption to about 2 percent, Intel Platforms Security general manager Rick Echevarria (above) said in an evening briefing at the RSA Conference in San Francisco on Monday.
So far only Microsoft has signed on to use the Threat Detection Technology, Echevarria said. The capability is live now, for 6th-, 7th- and 8th-generation Core chips that live within PCs that use Microsoft’s Windows Defender Advanced Threat Protection. But the technology is also being actively marketed to other anti-malware providers, other executives said. Those Intel executives declined to comment when asked how long it would take to integrate the technology in other solutions.
The other piece of Intel’s Threat Detection Technology is what Intel calls Advanced Platform Telemetry, which combines machine learning with platform telemetry to better understand what threats are meaningful and need to be acted upon. That portion will be integrated within the Cisco Tetration platform for data centers.
What this means to you: Right now, the only security vendor who has signed on to use this capability is Microsoft, which has integrated it within its Windows Defender ATP service for enterprises. But it sounds like a potentially smart move for consumer clients as well, especially for PCs with an integrated graphics core that might be sitting idle. (Let’s hope that Windows recognizes when you’re playing a game, and doesn’t schedule a virus scan.)
Note, too, that Intel believes that Threat Detection Technology could be another factor in persuading you to buy an Intel-based PC rather than one from AMD. Adding Threat Protection to a platform-specific feature like Intel Optane differentiates Intel further from AMD, and that’s not bad at all.
Your PC’s GPU: an untapped resource
Minimizing the CPU resources needed for anti-malware scanning could make security solutions smarter in the future suggested Sridhar Iyengar, a vice president at Intel Labs and director of security and privacy research. In addition to more frequent scanning, antimalware could perform targeted scanning, providing a more sophisticated response when a PDF was loaded, or when a browser was opened.
Though enterprise customers can turn to Intel’s Xeon Phi as an engine for machine learning within servers, it’s only recently that the computing industry has turned to the PC’s GPU to perform the same tasks. Microsoft recently announced Windows ML, an API that taps the PC GPU for machine learning algorithms, as a way to introduce more artificial intelligence into the PC. The Threat Detection Technology is yet another route.
Why use the GPU? “Pattern recognition,” Iyengar replied, noting that the GPU is ideally suited for repetitive, algorithmic tasks like machine vision or virus scanning.
Intel actually has nearly a dozen different technologies that it has developed to secure PCs—many of which fly beneath the radar, even those that it has marketed at consumers, like True Key. Intel’s sought to lock down the PC from the BIOS, to the OS, to the apps and data. Intel’s final announcement was what it called Intel Security Essentials, a way to standardize the security features built into the Atom, Core, and Xeon processors so that developers could build applications that take advantage of these in a consistent way.