Malware threatsMalware intelligence system allow organizations to share threat information
As malware threats expand into new domains and increasingly focus on industrial espionage, researchers are launching a new tool to help battle the threats: a malware intelligence system which will help corporate and government security officials share information about the attacks they are fighting
As malware threats expand into new domains and increasingly focus on industrial espionage, Georgia Tech researchers are launching a new tool to help battle the threats: a malware intelligence system which will help corporate and government security officials share information about the attacks they are fighting.
A Georgia Tech release reports that the system, known as Titan, will be at the center of a security community which will help create safety in numbers as companies large and small add their threat data to a knowledge base that will be shared with all participants. Operated by security specialists at the Georgia Tech Research Institute (GTRI), the system builds on a threat analysis foundation — including a malware repository that analyzes and classifies an average of 100,000 pieces of malicious code each day.
“As a university, Georgia Tech is uniquely positioned to take this white hat role in between industry and government,” said Andrew Howard, a GTRI research scientist who is part of the Titan project. “We want to bring communities together to break down the walls between industry and government to provide a trusted, sharing platform.”
Members contributing information will do so anonymously so other members won’t know which specific organizations have been attacked. GTRI will independently verify information provided to Titan and carefully vet the members of the community before they are allowed to participate.
“People tend to think that if an organization gets hit, it was because they had poor security measures,” said Christopher Smoak, a GTRI research scientist who heads up the Titan project.
“That’s not necessarily true, because a variety of factors contribute to intrusions. But until we get to the point that there’s no longer a stigma attached to having an infiltration, people are going to want anonymity to participate.”
The release notes that in addition to receiving information about attacks and responses at other organizations, members will receive quick reports on malware samples they submit. Based on what they have learned from the malware repository and by reverse-engineering malicious code, GTRI researchers will be able to provide information on the potential harm from an attack, the likely source, the best remedy for it and the risks to the organization.
“We hope to provide information about the trends that organizations can expect to see, and help them prioritize what they should do to address the risks,” said Howard. “We have a significant system behind the scenes to facilitate the exchange of
