IEEE clean file metadata exchange

Mark Kennedy Symantec
Igor Muttik McAfee

False positives (FPs) are a huge problem for security vendors. As much engineering time is spent on reducing FPs as on detecting malware, sometimes more. One of the keys to reducing FPs is to have a solid database of known clean files. This effort is to create just such a database.

FPs don't just affect security vendors, they also affect commercial software developers. When they occur, commercial software developers must go to each security vendor to resolve the issue. By creating a database that is shared by security vendors, commercial developers will need only to work with a single point of contact. They can submit metadata (no files) for their products, and that metadata will be relayed to all security vendors at once.

While the funding mechanism is being developed, it should be little to no cost for commercial software developers (submitters) and a subscription fee to cover the cost of operation will be paid by the security vendors.

This system is in Alpha now, and should be fully operational by the time of the VB conference.

VB2013 takes place 2-4 October 2013 in Berlin, Germany.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Click here for more details about the conference.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.