Microsoft and Intel to use GPU power to identify cyber threats in memory

New approach to security sparked by Spectre and Meltdown flaws

Microsoft and Intel are planning to use the power of GPUs to monitor security threats in memory as part of their response to the Spectre and Meltdown security flaws.

The feature will be part of Intel's new Threat Detection Technology, which has been designed to make use of security features at a silicon level to detect new security threats.

One such feature is Accelerated Memory Scanning which taps into the processing power of the integrated GPUs found on many Intel chips.

Current scanning tech relies on the main CPU, which comes at a cost to performance, but offloading the rogue code detraction to a graphics processors bypassed this problem. GPU performance will likely take a hit but most people after heaps of graphics power will probably already have a machine with a dedicated graphics card.

Intel claims early testing has seen CPU utilisation drop from 20 to two per cent, which looks to free up a good chunk of CPU performance as well as reduce power consumption.

Microsoft will make use of Accelerated Memory Scanning by integrating it into the Windows Defender Advanced Threat Protection antivirus tool.

Another noteworthy new Intel security feature is Advanced Platform Telemetry, which rather than use security events captured at an operating system level, it taps into elementary at the processor level. Data on unusual processor activity is then subjected to machine learning algorithms which look for unusual patterns in the data that could show the presence of malicious code lurking in memory.

This would be one way to combat the speculative branch execution exploits the Spectre vulnerabilities enable, as the security feature would be able to detect mispredictions the processor makes and feed it into a cloud system which applies the machine learning smarts and works out if a system is having problems or under a hack attack.

Both Microsoft and Cisco will adopt Advanced Platform Telemetry, with the latter putting the tech into the Cisco Tetration platform designed to provide data centre security and protect cloud workloads.

Intel is also launching Security Essentials, which is effectively a re-branding and packaging of its existing hardware-level security features across its Core, Xeon and Atom processors, with tools that ensure secure boot and accelerated cryptography being built into Intel's new slices of silicon.

The chipmaker is clearly looking to make up for any reputation and trust lost to the Meltdown and Spectre flaws detected in its chips. And there's a good chance its next wave of processors will be more secure, which is handy given it won't be fixing a Spectre flaw in some of its older chips.