A working group has formed to move towards establishing official language and terminology for describing malware to assist communicating and fighting malware. The working group is trying to establish the Malware Attribute Enumeration and Characterization (MAEC) language. There are a number of benefits to establishing a common malware terminology: eliminating innacuracy in describing malware, reduced duplication of efforts, improved awareness of malware, and decreased response time.
The Introduction to MAEC white paper was released yesterday and offers a promising start. From the abstract:
Malware represents one of the most prevalent threats to cyber security and is increasingly able to circumvent previously standardized detection, mitigation, and characterization techniques. Although new methods for combating malware have been developed, it is still difficult to communicate and share useful information garnered through these techniques without ambiguity and corresponding data loss. To close this significant gap in malware-oriented communication, this paper introduces and defines a language for characterizing malware based on its behaviors, artifacts, and attack patterns.
Hopefully the group will be able to make some progress and partner with security software developers, security researchers, and other big players in the computer industry to get this to take off so that the everyday computer user can benefit from their efforts. Read more at the MAEC website.