Real-time multilanguage threat descriptions using an intelligent template system
Oliver Auerbach, Cosmin Ancuta, Robert Harja Avira
During the last few years detailed threats descriptions have become more important than
ever. In particular, companies invest large amounts of money and effort in order to have
the latest descriptions on their web pages. These analyses vary from phishing to vulnerabilities
and special product detection, but they are mainly used for certain viruses such as worms,
backdoors, trojans, spyware or adware, and similar.
Since it requires a significant effort to create those descriptions and it takes a lot of
time to write one from scratch over and over again, it is a common procedure to use
templates. Such templates offer the possibility to select the parts someone would like to
use in the description he is currently working on. However, they have to be individualized
in order to fit the specific threat characteristics.
Another problem that arises after finalizing a description is the translation into different
languages. This will entail more expense and effort, but the highest cost is, in fact, associated
with the amount of time necessary for translations, since such descriptions are somehow
critical and the sooner they appear the better.
This paper describes how we managed to solve all the problems mentioned above. Using an
intelligent and dynamically extensible template system, we are able to create detailed descriptions.
It includes a careful template design, which addresses various details, including the singular-plural
difference or the different size-dependent display of listings, to name only a few
examples. The main benefit, however, remains the fact that multilanguage descriptions
become available in real time, no matter the number of languages implemented in the system.
This month VB's test team put 26 products to the test on
Windows Server 2008. John Hawes has the full results.