The IEEE is to focus on better standards for malware sample sharing
August 21, 2009
The IEEE (The Institute of Electrical and Electronics Engineers) has said that, in the coming weeks, it will focus on better industry standards for malware sample sharing. Vendors including AVG, McAfee, Microsoft, Sophos, Symantec and Trend Micro have signed up to the newly-formed Industry Connections Security Group (ICSG).
Anti-virus researchers at these firms (and others such as Kaspersky and F-secure have yet to sign up with ICSG) have been sharing virus samples for many years. What the ICSG wants to bring to the Internet community is better organisation and standardisation to this process.
Get the best Linux or Windows Web hosting plan for your website.
The IEEE's mission statement says "While there has been some ad-hoc co-operation in the industry in areas such as malware and phish URL sharing, this co-operation has not been standardized or documented in a format that lends itself to systematic improvement in operational efficiency or visibility and review by people outside the vertical industries."
The ICSG currently has one Working Group looking at Malware, but expects to add other Working Groups over time.
There is already a multitude of industry groups that currently exist in this area, such as the Anti Phishing Working Group (APWG), the much older Computer Anti-Virus Research Organisaion (CARO), the AMSTO anti-virus testing group, and a few others.
Overall, the IEEE group is focusing on industry standards as it relates to Internet security, at least initially, and it hopes to also embark on even broader security protection challenges over time.
It already has huge IT companies such as Cisco that operate outside the hardcore of anti-virus vendors involved as contributors, and wants to bring in more potentially interested parties, such as banks and ISPs.
Organizing the sharing of malware samples in a more streamlined way is important, since growing malware volumes threaten to derail existing informal virus sample sharing arrangements.
First up for ICSG is the goal of developing a sharing standard, incorporating XML data including information on where a sample originates, to increase the current malware sample sharing process.
"We already have the CVE scheme for classifying vulnerabilities systematically and ICSG wants to do something similar for virus classification," said an IEEE spokesperson.
However, whether it ever breaks out of that small quagmire remains far from certain.
Just the seemingly straightforward task of agreeing names for malware samples has reduced strong men to tears of frustration and for many years.
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing