Research is underway to develop processors which can help to sniff out viruses, providing another line of defence against malware aside from traditional antivirus software.
The project, a partnership between researchers at Binghamton University and UC Riverside in the US, has just received a grant of $275,000 (around £220,000, AU$355,000). It aims to modify the CPU so that it can scan for anomalies potentially caused by malware.
If the processor picks up behaviour it deems suspicious, it can alert the security software installed on the PC, which can then investigate the issue more deeply and take action if necessary.
Essentially, it’s using hardware to enhance the effectiveness of security software. Dmitry Ponomarev, a professor in the department of computer science at Binghamton who heads up the project, commented: “The modified microprocessor will have the ability to detect malware as programs execute by analysing the execution statistics over a window of execution.”
The processor will apparently use ‘low complexity’ machine learning to improve its ability to spot malicious activity.
Ponomarev noted: “Since the hardware detector is not 100% accurate, the alarm will trigger the execution of a heavyweight software detector to carefully inspect suspicious programs.
“The software detector will make the final decision. The hardware guides the operation of the software; without the hardware the software will be too slow to work on all programs all the time.”
It’s hoped, then, that the net effect will be to take a load off system resources: the hardware detector has a very light footprint, and the heavier software detector only has to kick in when needed.
UC Riverside has recently been in the news regarding security and CPUs for a different reason: last month the talk was of a flaw in Haswell processors which allows attackers to bypass ASLR (address space layout randomisation, a memory protection measure that aims to defend against the likes of stack overflow and other memory corruption attacks).
But hopefully the future will be all about what the CPU can do to seriously bolster security and streamline anti-malware processes, rather than about processor flaws which can be leveraged by malicious parties.