The Common Malware Enumeration Initiative

Desiree Beck, Julie Connolly The MITRE Corporation

During high-profile malware outbreaks, incident responders often face significant confusion when trying to correlate aberrant system and network behaviour, public and community-specific incident reports, and the protections provided by their anti-virus and information security software. The Common Malware Enumeration (CME) initiative aims to address this confusion by assigning unique identifiers to high profile malware threats. Led by the United States Computer Emergency Readiness Team (US-CERT), CME is working in cooperation with public, private and international entities to adopt a neutral, shared identification method for malware and to improve communication and information sharing between anti-virus vendors and the rest of the information security community. CME is not an attempt to replace current naming schemes for viruses and other forms of malware, but instead aims to facilitate the adoption of a shared, neutral indexing capability for malware.

This paper will update the community on the status of CME since its October 2005 public launch at Virus Bulletin 2005. Topics will include the growing involvement of the incident response community; plans for expanding the scope of the project beyond the current focus on high-profile malware threats; and case studies illustrating the value of CME to the security community.

VB Conferences

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘In terms of networking, this conference has been superb.’

Poll

Who in your company is responsible for installing software patches?

Leave a comment

VB100 certification

The final VB100 of the year sees a double whammy of potential pitfalls for our comparative participants - the Vista operating system, which still seems shiny and new as well as a little scary (to both developers and users), as well as the x64 architecture, whose ostensible compatibility with standard 32-bit software belies oddities and intricacies that developers ignore at their peril. The announcement of the test brought a few surprises, as several regulars opted to skip this one, but the majority of veteran competitors took part as usual, along with several newer faces, many of whom look set to join the ranks of our regulars.
See full results.

Virus Bulletin currently has 148,281 registered users.

Fighting malware and spam