Intel developing zero-day attack blocker

Intel CTO says its promised new security technology will not depend on signatures to stop zero-day attacks

Intel CTO Justin Rattner says the chip maker is working on security technology that will stop all zero-day attacks. And, while Rattner would give few details about it, he said he hopes the new technology will be ready to be released this year.

"I think we have some real breakthrough ideas about changing the game in terms of malware," Rattner said. "We're going to see a quantum jump in the ability of future devices, be them PCs or phones or tablets or smart TVs, to defend themselves against attacks."

[ Keep up on the day's tech news headlines with InfoWorld's Today's Headlines: Wrap Up newsletter. ]

He noted that the technology won't be signature-based, like so much security is today. Signature-based malware detection is based on searching for known patterns within malicious code. The problem, though, is that zero-day, or brand-new, malware attacks are often successful because they have no known signatures to guard against.

Intel is working around this problem by not depending on signatures.

And the technology will be hardware based, though it's still unclear if it will have a software component.

"Right now, anti-malware depends on signatures, so if you haven't seen the attack before, it goes right past you unnoticed," said Rattner, who called the technology "radically different." "We've found a new approach that stops the most virulent attacks. It will stop zero-day scenarios. Even if we've never seen it, we can stop it dead in its tracks," he said.

Dan Olds, an analyst with The Gabriel Consulting Group, said if this technology works as Rattner says it will, it could be a major advance for computer security. "If Intel has hardware technology that can reliably stop zero-day attacks, that would be a huge win in the war against malware," Olds said. "The key is that it's reliable. It has to have the ability to discern legit software from malware. But if they can pull this off, it would give them quite a competitive advantage versus AMD."

And Olds noted that technology that takes advantage of hardware could be interesting. "The best security is a combination of hardware and software," he said. "Hardware security can be stronger and faster in some situations, but isn't as flexible as software-only mechanisms. The big change here is that it sounds like Intel is pulling security functions into the chip or the chipset."

Rattner said Intel researchers were working on the new security technology before the company moved to buy security software maker McAfee. However, he said that doesn't mean that McAfee might not somehow be involved. With that $7.68 billion deal, Intel will become more than just a chip maker. It will become a security company, as well.

Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin or subscribe to Sharon's RSS feed. Her email address is sgaudin@computerworld.com.

Read more about processors in Computerworld's Processors Topic Center.

This story, "Intel developing zero-day attack blocker" was originally published by Computerworld.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies