HW can reveal the execution of even the best concealed malicious code at an instruction level. This talk goes into details of how scalable, deployable, runtime threat and anomaly detection solutions can be built with CPU telemetry and machine learning. Specifics of telemetry sources, feature selection, overhead management and platform domain specific design considerations will be discussed.

Pre-Requisites: Basic understanding of exploits/malwar and machine learning. Some knowledge of Intel architecture would be helpful but not absolutely required.