CMX: IEEE Clean File Metadata Exchange

Presented at Black Hat USA 2013, Aug. 1, 2013, 9 a.m. (135 minutes).

False positives are a huge problem in the security space. Organizations can spend more time and engineering on reducing FPs than on detecting new malware. Whitelists can help, but there are difficulties with these. Many organizations will not permit the exchange of files for copyright reasons. 3rd party developers must deal with multiple security vendors to get their software whitelisted.

CMX is a system being operated by IEEE. 3rd party software developers can submit metadata for their applications to a single portal. Security vendor subscribers can then pull -- in realtime -- all the metadata being pushed into the system. Since only metadata is being exchanged, there are no copyright problems.

This system will greatly simplify the maintenance of global whitelists.


Presenters:

  • Mark Kennedy - Symantec
    Mark Kennedy is a Distinguished Engineer with Symantec Corporation, where he was worked for the past 22 years. After nearly a decade of working on disk utilities, Mark transitioned to software security in 2000. He pioneered the concept of Dynamic Testing for Anti-Malware software, and holds nearly 40 patents. Mark has a strong background in industry collaborative efforts. He was a charter member of the Anti-Malware Testing Standards Organization (AMTSO), and serves as Chairman of the IEEE's Industry Connections Security Group's Malware working group. He also serves as Chairman of the ICSG's Executive Committee.
  • Igor Muttik - McAfee
    Igor Muttik (PhD) is a Principal Research Architect with McAfee Labs™ which is part of Intel Corporation since 2011. He started researching computer malware in 1980s when anti-virus industry was in its infancy. He is based in the UK and worked as a virus researcher for Dr. Solomon's Software where he later headed the anti-virus research team. From 1998 to 2002 he ran McAfee's malware research in EMEA and switched to his architectural role in 2002. He takes particular interest in applied security research and design of new security software and hardware. Igor holds a PhD degree in physics and mathematics from the Moscow University. He is a regular speaker at major international security conferences and an author of more than 20 international patents.

Links:

Similar Presentations: