For this week’s security assessment write up, I decided to talk about arstechnica.com’s article titled “Intel, Microsoft to use GPU to scan memory for malware.” This topic jumped out at me as in past weeks I have talked about attacks that have gone on or advances by hackers that are making detection and threats harder to deal with, but this article describes new and innovative ways the industry is attempting to push back against the threat. The article describes that “certain kinds of malware refrain from writing anything to disk” (Bright, 2018) and causes problems when anti-malware software needs to scan for a threat. To compound the problem, the CPU must use a significant amount of power to do the scanning, upwards of “20 percent” (Bright, 2018) dedicated to scanning the system for malware. This is something you can directly see in your own personal machine as starting any anti-malware scan causes programs to be slow and laggy. To help combat this, Intel has both proposed plans that will utilize the GPU, either integrated or installed, to do the scanning. The article states that the GPU is usually “only light loaded” (Bright, 2018) and could easily take on the hard work of doing the scanning.
When I ran through this article I thought this to be a rather ingenious way to deal with the problem as during most operations on a computer, outside watching a movie or playing a computer game, the GPU is not necessarily being taxed. These cards also carry some serious power in them in most cases and can do the work with ease. While I do think that this is an interesting idea to help solve a problem of scan time and cost, I wonder how this will affect the already hard-hit market of GPUs. With the rise of cryptocurrency mining, GPUs have been a hot commodity that have seen their prices sky rocket in the past year. If features for security are pushed to the GPU, you could see the demand for them increase and cause the prices to go up higher than they are right now. While this might be a possibility, I think this might be a necessary evil to bare.
This article also talks about Microsoft’s changes to the Windows Defender program that is bundled with it’s Windows products. To help the Defender program protect your computer, Microsoft is starting to utilize “cloud-based machine learning with endpoint data collection” (SOURCE) to help spot anomalous usage on a machine to get in front of affected machines. I found this bit of information to be incredibly fascinating as it’s attempting to watch for when a machine is infected, instead of just trying to stop from getting infected. I think with both approaches combined in one solution, the amount of attacks and infections will start to decrease.
My overall take away this week was one of hope. There are companies out there who are leading the fight against these agents of chaos and are coming up with new and innovative ways to fight them. While the news may be filled with articles on successful attacks and damages to systems, we should take the occasional time out to look at those who are trying to save us.
Sources Cited:
Bright, P. (2018, April 17). Intel, Microsoft to use GPU to scan memory for malware. Retrieved April 18, 2018, from https://arstechnica.com/gadgets/2018/04/intel-microsoft-to-use-gpu-to-scan-memory-for-malware/
No comments:
Post a Comment