• Home
• News/Press
• Review Analysis
• Members
• FAQs
• Resources
• Documents
• Membership
• Meetings
• Contact Us
• About Us

Will AMTSO be working on the problem of inconsistent naming of malware?

Q: Will AMTSO be working on the problem of inconsistent naming of malware?

A: While the accurate identification of malware samples is a problem area in many types of testing, the bigger issue of standardized naming is currently out of scope for AMTSO.

Standardized naming presents many difficulties. There have been several attempts to achieve it, but they have not been altogether successful, despite the support and co-operation of most of the anti-malware industry. Vendor informational web pages do often include cross-references to the names used by other vendors for the more common malware families and variants. However, the administrative difficulties of extending cross-referencing across the whole range of malware are considerable. Here are a few resources related to this issue:

• "Current Status of the CARO Malware Naming Scheme" by Vesselin Bontchev: http://www.people.frisk-software.com/~bontchev/papers/naming.html
• Common Malware Enumeration (CME) homepage: http://cme.mitre.org/
• CME FAQ: http://cme.mitre.org/about/faqs.html
• "How Scientific Naming Works", by Joe Wells: http://www.wildlist.org/naming.htm

 

Last Updated on Monday, 10 March 2008 12:47