Intel Corp."s researchers are working to outwit cyber attackers, including those employing stealthy rootkits. The chip maker"s Communications Technology Lab, in a project called System Integrity Services, has created a hardware engine to sniff out sophisticated malware attacks by monitoring the way operating systems and critical applications interact with hardware inside computers.
By watching a computer"s main memory, the System Integrity Services can detect when an attacker takes control of the system—such attacks sever the ties between data loaded into memory by an application and the application itself—and can fool a system so as to avoid detection while potentially allowing for surreptitious pilfering of data or the perpetration of other attacks. "Our threat model assumes that the attacker gets on the system somehow and has unrestricted access to the system," said Travis Schluessler, a security architect inside Intel"s Communications Technology Lab.