Malware Working Group
Activities
Accomplishments
- Examined key issues: threat landscape, software assurance in the development life cycle, novel approaches to malware.
- Identified organizations that can be potential partners and products that can be leveraged.
- Malware Attribute Enumeration and Characterization (MAEC) development started; white paper Introduction to Malware Attribute Enumeration and Characterization (MAEC) [pdf] released.
current activities
Continuing development of MAEC. An initial release of MAEC, focusing on low-level attributes relevant to dynamic malware analysis engines (i.e. sandboxes), is scheduled for early Q3 2010.
Planned activities
- Analyze and enumerate higher-level malware attributes (behaviors) for MAEC.
- Re-evaluate MAEC use cases and plan further development accordingly.
- Integrate MAEC with Common Attack Pattern Enumeration and Classification (CAPEC).