IEEE Anti-Malware Support Service (AMSS)

CMX and Taggant System: Enabling more effective and efficient response to malware threats.

IEEE Anti-Malware Support Service (AMSS) is a set of shared support services, created through the collaborative efforts of many of the major players in the computer security industry. It enables the individual security companies and the industry as a whole to respond more effectively and efficiently to the rapidly mutating universe of contemporary malware threats.

AMSS currently consists of two main services: the Clean file Metadata eXchange (CMX), and the Taggant System.

"We implemented Taggant blacklisting procedures and it proved to be a convenient and effective way to detect malware packed by commercial packers. As a result, we plan to use the Taggant System for clean files whitelisting." - Alexander Liskin, Heuristic Detection Group Manager, Kaspersky Lab.


CMX provides real-time access to information related to clean software files, even prior to the publication of the corresponding software. This can help reduce the number of false positives that anti-virus software reports when it searches more aggressively for malware.

The CMX system is live, fully operational, and being utilized. For example, Microsoft is posting all operating-system-related metadata from Windows XP through Windows 10. New public data being created by all metadata providers, including Microsoft, is also being posted, enabling your company to gain access to relevant information about trusted clean software.

There are two types of CMX users:

Providers: They provide the metadata at the time of final software application build, for publicly released software and for internal corporate applications.

  • Requires an invitation, or an already existing Class 3 Digital Code Signing Certificate
  • There is no fee for providers

Consumers: They retrieve the metadata, for use in security product backend systems or other processing.

Taggant System

The Taggant System places a cryptographically secure marker in the packed and obfuscated files created by commercial software distribution packaging programs (packers). Legitimate packers are often abused by malware creators to create many difficult-to-detect variants of their malware. The Taggant System markers identify the specific packer user's license key that was used to create an instance of packed malware. That packer user can then be blacklisted, and all files created by that packer user will be reported as suspicious in the Taggant System.

A new version, Taggant V2, was developed to address the need to apply taggants to different types of files. It also allows a taggant to be added after a file is created, and supports multiple taggants on the same file. This functionality will be used by the Clean Software Alliance (CSA) to self-regulate the distribution of free and ad-supported software.

There are two types of users:

Software Packer Vendors (SPVs): They are the makers of commercial packing and obfuscation programs.

Security Software Vendors (SSVs): They provide security solutions, validate taggants and compare them to a blacklist of bad license keys. This requires licensing the use of the Taggant System IEEE Public Root Key and getting access to the blacklist.

