Slashdot Mirror

← Back to Stories (view on slashdot.org)

Name That Worm

Posted by Zonk on from the more-sense-less-clutter dept.

Ant wrote to mention a C|NET article reporting on the Common Malware Enumeration (CME) initiative, now emerging from its test phase. From the article: "Next month, the U.S. Computer Emergency Readiness Team (CERT) plans to officially take the wraps off the effort, meant to reduce the confusion caused by the different names security companies give worms, viruses and other pests. The project assigns a unique identifier to a particular piece of malicious software. When included in security software, in alerts and in virus encyclopedia entries, this identifier should help people determine which pest is hitting their systems and whether they are protected ..."

2 of 80 comments (clear)

  1. Please mod parent up. by msauve · · Score: 2, Informative
    For the sake of language.

    http://linuxmafia.com/~rick/faq/plural-of-virus.ht ml

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  2. Re:CARO? by Anonymous Coward · · Score: 2, Informative

    Yes, I wondered about that as well. The CARO system has worked well for a long time now, and there have been a number of initiatives to regularise the virus naming taxonomy - I remember Jim Bates coming up with one in the 80s, which was all numeric!

    The problem is that the researcher working on a virus has to name it very rapidly. Viruses are often varients of others, so you need expertise in name allocation - it can only be done by the researchers. I would have though that the CARO system had sorted out all the bugs by now. Perhaps the US Cert are just tagging on the coat tails of CARO?

    Incidently, for anyone who wants to translate virus names from one product to another, the indistry tool of choice is VGREP, which can be found here - http://www.virusbtn.com/news/vb_news/2005/02_10.xm l