Intel has announced that it is to bring anti-virus and anti-malware functionality to the GPU, offloading the heavy lifting of analysis to reduce the strain on CPUs.
GPU offload - also known as General Purpose GPU (GPGPU) - where a highly-parallelisable workload is taken from the central processor and moved to the graphics processor's many cores is nothing new, of course. From graphics rendering to video compression, many applications take advantage of GPUs - but Intel's new 'silicon-level security technologies', introduced in the wake of the poorly-handled Spectre and Meltdown silicon-level security vulnerabilities, aim to do the same for anti-virus and -malware engines.
'Current scanning technologies can detect system memory-based cyberattacks, but at the cost of CPU performance,' explains Rick Echevarria in an announcement posted late last night. 'With Accelerated Memory Scanning, the scanning is handled by Intel’s integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption. Early benchmarking on Intel test systems show CPU utilization dropped from 20 percent to as little as two percent.'
The idea already has one major backer: Microsoft has confirmed that Windows Defender's Advanced Threat Protection implementation, which targets business users, will be the first to receive Intel's Accelerated Memory Scanning capability. At the same time, Echevarria announced a secondary security technology dubbed Advanced Platform Telemetry, designed to detect threads in data centre settings, which is to be added to Cisco's Tetration platform.
'Today we are also launching Intel Security Essentials, which will ensure a consistent set of critical root-of-trust hardware security capabilities across Intel Core, Intel Xeon, and Intel Atom processors,' Echevarria continues. 'These capabilities are platform integrity technologies for secure boot, hardware protections (for data, keys and other digital assets), accelerated cryptography and trusted execution enclaves to protect applications at runtime. This standard set of capabilities will accelerate trusted computing as customers build solutions rooted in hardware-based protections. Further, these capabilities, directly integrated into Intel silicon, are designed to improve the security posture of computing, lower the cost of deploying security solutions and minimise the impact of security on performance.'
Thus far Intel has not named any anti-virus vendors beyond Microsoft as looking to implement Accelerated Memory Scanning, and neither has the company confirmed whether the technology is able to take advantage of non-Intel graphics hardware for its acceleration - which would include the AMD-provided integrated graphics processors bundled with some of Intel's own processors.
March 25 2020 | 14:00