 |
| |
|
Current StatusCME was developed to address the pandemic model of malware in which CME identifiers were assigned to "high-profile threats." The changed nature of the malware threat since late 2006 — away from pandemic, widespread threats to more localized, targeted threats — greatly reduced the need for co mmon malware identifiers to mitigate user confusion in the general public. This CME Web site and CME List have therefore been moved to archive status and all CME-related efforts have transitioned into support to the "DHS/DoD Software Assurance Forum Ma lware Working Group." The goal of the Malware Working Group is to develop a consensus on software that behaves in potentially malicious ways to facilitate detection and enable use rs to make informed decisions when discovering the presence of this software on their systems. The working group will develop definitions of malicious code a nd create a standard language for describing and characterizing its attributes and behaviors. The working group will consider multiple dimensions, including legal, technical, educational, and economic. It will leverage previous related efforts, including the work of the Anti Spyware Coalition and CME. Anyone who would like to become involved with the Malware Working Group should send email to swa-forum-malware-wg-list@lists.mitre.org. For information on how MITRE's other information assurance data standards continue to help make security more measurable, visit http://makingsecuritymeasurable.mitre.org. |
|
|
|
|
||
was created to provide single, common identifiers to new virus threats and to the most prevalent virus threats in the wild to reduce public confusion during malware incidents. This community effort was not an attempt to replace the vendor names used for viruses and other forms of malware, but instead to facilitate a shared, neutral indexing capability for malware.