According to the company, when malicious code resides on the hard drive it can be obfuscated or simply encrypted. Theoretically, when it ends up in memory it becomes easier to detect.More details at BetaNews.
The process of scanning memory for signs of malware is maintained by an Intel driver and runs in the so-called application ring, or Ring 3. However, the capabilities of this solution can be expanded to the kernel, or Ring 0. The scan intensity can be adjusted to GPU load. For instance, if the user is playing a video game, the scan job can be postponed or assigned to spare cores of the graphics processing unit only.
Intel to leverage integrated graphics to detect malware
Posted on Friday, Jul 27 2018 @ 11:54 CEST by Thomas De Maesschalck