
Intel Threat Detection Technology

Article snapshot taken from Wikipedia with Creative Commons Attribution-ShareAlike license.

This is an old revision of this page, as edited by Maslen at 04:28, 12 December 2024 (Initial draft.).


Intel Threat Detection Technology (TDT) is a CPU-level technology created by Intel in 2018 that uses the CPU to detect threats to a system. TDT consists of multiple components, including Accelerated Memory Scanning, which uses the CPU's integrated GPU to scan memory, and Advanced Platform Telemetry, which uses processor-level activity monitoring to detect unusual activity.

Intel TDT is integrated into several third-party anti-malware solutions, including Microsoft Defender.

Accelerated Memory Scanning

Accelerated Memory Scanning uses the CPU's integrated GPU to scan memory for malicious code, instead of using the CPU directly. This improves system responsiveness during anti-malware scanning and lowers power consumption. Note that this feature is also referred to as "Advanced Memory Scanning".

Advanced Platform Telemetry

Advanced Platform Telemetry collects CPU-level telemetry to detect uncommon activity patterns which might be indicative of malware. The telemetry data is collected from the CPU performance monitoring unit and doesn't require a large signature database to detect malware.

For example, Microsoft Defender is able to use TDT to detect processor usage patterns indicative of ransomware and crypto-jacking.

