0xDEADBEEF 43 Posted April 18, 2018 Share Posted April 18, 2018 Apparently Intel's GPU accelerated memory scan is on all kinds of tech news today... Interestingly, the scanner they demonstrated is also called AMS (accelerated memory scanning) Engine https://www.intel.com/content/www/us/en/security/hardware/threat-detection-technology-demo-video.html Though this is idea is neither exciting nor new, and I don't know what ESET's detection algorithm is, it'd be interesting to see if ESET will adopt this in future products Link to comment Share on other sites More sharing options...
itman 1,758 Posted April 18, 2018 Share Posted April 18, 2018 Problem is it only applies to Intel processors. So if yours is AMD, you're out of luck. Link to comment Share on other sites More sharing options...
0xDEADBEEF 43 Posted April 18, 2018 Author Share Posted April 18, 2018 1 hour ago, itman said: Problem is it only applies to Intel processors. So if yours is AMD, you're out of luck. True. Originally I thought it was for accelerating the realtime memory monitoring, later found out it was not (it can hardly be the case due to the memory coherence issue across CPU and GPU domain). But I think it might be helpful for accelerating yara-like string matching workloads. Interestingly, they only talked about offloading the work, but barely talked about the runtime benefit. Link to comment Share on other sites More sharing options...
ESET Staff J.D. 33 Posted April 18, 2018 ESET Staff Share Posted April 18, 2018 Hi, We had multiple talks with Intel and evaluated this technology. It may be really interesting but for poorly written security software ;-) Our real-time memory scanner has negligible performance impact. Our HIPS is monitoring operations of the processes and only new or changed executables pages are needed to be scanned, which are not created from image on the disk (like exe or dll). In standard applications there are almost no pages that need to be checked (with exclusion of JIT, we have it handled). Additionally their scanner is just a pattern matching. We do much more - deep analysis of file to extract DNA features. Link to comment Share on other sites More sharing options...
Recommended Posts