Intel Threat Detection uses GPU to Speed Up Antivirus

Intel announced new innovations in antivirus technology that will leverage the parallel processing of GPUs to make antivirus scans faster.

GPUs will also enable AI to enhance the protection offered by antivirus programs. Intel calls their new technology Intel TDT or Threat Detection Technology – a technology that will offload the scanning task to the GPU.

Memory Scanning with GPU

The GPU or the Graphics Processing Unit is the processor responsible for generating every frame you see on your computer screen. It sports a highly parallel architecture, with hundreds of cores, as opposed to 4 or 8 cores in the CPU.

Each core of the GPU is quite underpowered, but together, they do parallel tasks quite efficiently. This technology can be used in scanning the memory.

Intel GPU

Intel calls this part of TDT Accelerated Memory Scanning. It allows the antivirus program to scan the memory (that is, the RAM) using the GPU. It is generally the first part of any antivirus scan.

Any antivirus program first scans for any active threats or threats that are already loaded onto the system memory. This can be done using the GPU, lowering CPU usage from 100% to 20%.

This technology will be available in Windows Defender in the upcoming versions of Windows. Intel processors from 6th generation onwards will be able to perform scans using Accelerated Memory Scanning.

This will allow Windows to perform full scans much faster. At this moment, Windows Defender only performs Quick scans. Automatically.

Real-Time Threat Recognition Using Artificial Intelligence

Present day antivirus programs detect malware by comparing them to a set of virus signatures. The comparison is either done on the PC, or in the cloud.

Some antivirus programs also use heuristic methods that can guess if a piece of computer code is a virus or not.

The heuristic analysis can also be done using artificial intelligence. Bitdefender, for example, is an antivirus vendor that sports AI-powered security programs.

These security programs can now run more efficiently on devices with GPU power.

Intel calls this Advanced Platform Telemetry. It is mostly aimed towards datacenters and cloud computing services.

Intel security

It will use machine learning to analyze the telemetry data of running systems and understand if any system is behaving abnormally.

Intel did not expand on what telemetry data that will be analyzed, but we can expect the machine level instructions in the system that can show if a process is executing any malware or not.

What does it mean for consumers?

For consumers, it means that now the antivirus programs will offer protection at the silicon level. This means they will work much closer to the bare metal and have a much less overhead.

Future processors and antivirus products will provide better protection against lower usage of resources.

Intel, however, still failed to patch all CPUs exhibiting the Spectre and Meltdown vulnerability. But they are redesigning new chips to ensure that such issues do not appear in the future.

It will also be interesting to see how AMD implements this technology once it becomes mainstream.

Leave a Reply