The Common Malware Enumeration Initiative

Desiree Beck, Julie Connolly The MITRE Corporation

During high-profile malware outbreaks, incident responders often face significant confusion when trying to correlate aberrant system and network behaviour, public and community-specific incident reports, and the protections provided by their anti-virus and information security software. The Common Malware Enumeration (CME) initiative aims to address this confusion by assigning unique identifiers to high profile malware threats. Led by the United States Computer Emergency Readiness Team (US-CERT), CME is working in cooperation with public, private and international entities to adopt a neutral, shared identification method for malware and to improve communication and information sharing between anti-virus vendors and the rest of the information security community. CME is not an attempt to replace current naming schemes for viruses and other forms of malware, but instead aims to facilitate the adoption of a shared, neutral indexing capability for malware.

This paper will update the community on the status of CME since its October 2005 public launch at Virus Bulletin 2005. Topics will include the growing involvement of the incident response community; plans for expanding the scope of the project beyond the current focus on high-profile malware threats; and case studies illustrating the value of CME to the security community.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.