Abstract

Malware represents one of the most prevalent threats to cyber security and is increasingly able to circumvent previously standardized detection, mitigation, and characterization techniques. Although new methods for combating malware have been developed, it is still difficult to communicate and share useful information garnered through these techniques without ambiguity and corresponding data loss. To close this significant gap in malware-oriented communication, this paper introduces and defines a language for characterizing malware based on its behaviors, artifacts, and attack patterns.
dynamic malware analysis engines (i.e. sandboxes)
development of MAEC
higher-level malware attributes (behaviors)
Integrate MAEC
Common Attack Pattern Enumeration and Classification