Skip to Main Content
Proponents are about to initiate a project designed to issue standard identification codes for viruses, worms, and Trojan horses. This plan is designed to end the confusion produced by the current practice of security companies each having their own name for a specific type of malware. The US Computer Emergency Readiness Team - which coordinates cyberattack responses as part of the US Department of Homeland Security - has finished testing its Common Malware Enumeration (CME) project and is making it available for adoption by security companies. The MITRE Corp., which conducts R&D programs for the federal government, runs the CME project for US-CERT with the help of antivirus companies. When a malware attack occurs, an industry researcher would submit a code sample and a description to CME officials. A CME panel of security-company representatives would discuss the malware and determine whether it is the same as or different from an existing threat. If different, the board would issue an identifier. MITRE would then publish information about the malware on the CME Web site.