Malware Response Naming Scheme for Security Control Service
Published in: | 2020 International Conference on Information and Communication Technology Convergence (ICTC) pp. 1549 - 1552 |
---|---|
Main Authors: | , , , |
Format: | Conference Proceeding |
Language: | English |
Published: | IEEE, 21-10-2020 |
Summary: | The Computer Anti-virus Research Organization (CARO) malware naming scheme was created more than 30 years ago. During those 30 years, the malware naming scheme has changed a lot, the number of malware entities has increased explosively with the evolution of networks, and corporate and public organizations have introduced integrated security solutions to deal with Advanced Persistent Threat (APT) attacks from attackers who aim at a specific target. Due to this, we have entered the era of integrated security. There is a limit to how well an information security officer can understand the excessive amount of information produced by the integrated security solution and quickly respond to attacks such as APT. To solve this problem, we propose a response naming scheme in the form of a structure containing the definition of the malware's type and property information, the endpoint response status, and the status of other vendors' anti-virus detection. This guides the information security officer to a reasonable early response in controlling the malware, just as anti-virus researchers created the malware naming scheme to understand malware's information 30 years ago. |
---|---|
DOI: | 10.1109/ICTC49870.2020.9289450 |