An end to the virus-naming problem?
A new initiative that aims to standardise malware naming may be in operation as early as January 2005.
The US Department of Homeland Security’s Computer Emergency Readiness Team,
US-CERT
, is set to coordinate a Common Malware Enumeration initiative among anti-virus vendors, according to
a letter
sent to
The SANS Institute
and signed by representatives of the DHS, Symantec, Microsoft, McAfee, and Trend Micro. Rather like Mitre Corp’s
Common Vulnerabilities and Exposures
(CVE) list, US-CERT will maintain and coordinate a database of malware identifiers.
The letter stated: ‘By building upon the success of CVE and applying the lessons learned, US-CERT, along with industry participants… hopes to address many of the challenges that the anti-malware community currently faces.’ With such an enormous task ahead, the enumeration project will make a start with just the ‘major’ threats.
The letter acknowledged that the task would not be a straightforward one, saying, ‘There are significant obstacles to effective malware enumeration, including the large volume of malware and the fact that deconfliction [sic] can be difficult and time-consuming.’
Further details of the scheme were not available, but a pilot is planned for January 2005.
VB doubts whether the anti-virus industry’s most contentious issue will be laid to rest without a hefty struggle, but awaits the introduction of the scheme with interest.
Read some views on the thorny issue of virus-naming:
–
What’s in a name?
(Nick FitzGerald, June 1998)
–
What’s in a name?
(Jakub Kaminski, Nov 2001)
–
A virus by any other name – virus naming updated
(Nick FitzGerald, Jan 2003)
–
That which we call Rose.A
(Sarah Gordon, March 2003)
–
Hunting the UNICORN
(Andrew Lee, May 2004)
–
VGrep
Posted on 25 November 2004 by
Virus Bulletin
Leave a Reply