Collaboration & Information Sharing Across the Computer Security Industry


IEEE SA Industry Connections Security Group — The threat is diverse. The industry is united.

The threat to computer security isn’t “out there.” It’s everywhere.  A few years ago the risk to computer security was a small number of threats — like a single virus — being spread as widely as possible. Such threats were at least easy to identify and work against systematically — which is why so many “doomsdays” were averted in the 1990s and 2000s.

Today it’s a rapidly-mutating universe of malware threats coming from all directions — what security experts call microdistribution. No one threat gets much attention — but only because there’s a new one every minute.

The IEEE SA Industry Connections Security Group is built for this new era of diverse, multiplied security threats.  The Industry Connections Security Group (ICSG) was established in 2009 under the umbrella of the IEEE SA Industry Connections program to respond to this new malware environment.

ICSG is designed to be more flexible and nimble by bringing experts together to develop industry-wide responses which can be put into effect quickly and with wide buy-in from industry players. Working Groups on different aspects of the problem keep discussion and action on a practical, tactical level that is already delivering results.

About IEEE SA Industry Connections
The Industry Connections program provides a platform for industry to come together to address shared issues in an efficient, economical, safe harbor environment for building consensus and producing shared results. IEEE SA provides the institutional support for producing fast-track results, from white papers to standards proposals to online databases.

Taggants: because the first step in stopping a threat is knowing who’s behind it.
When law enforcement wants to find who’s behind a bomb attack, they look at the chemistry of the bomb fragments left behind in the explosion. Taggants are chemical markers added to explosives during the manufacturing process that help identify where the explosives were made — the first step toward narrowing the list of possible suspects behind the explosion.

One of the key ICSG initiatives at present is the development of a Software Taggant System. By adding taggants to the legitimate software packer products — often also used in the creation of packed malware — it becomes easier to track malware and its creators.

The IEEE Software Taggant System was developed by the Malware Working Group of ICSG and is now being deployed across the software security and software packer industries. This adds to a growing collection of tools, including the IEEE Malware MetaData Exchange Format (MMDEF), which helps the computer security industry respond more quickly and effectively to the latest malware threats.

Multiple threats require multiple Working Groups.
The structure of the ICSG is a series of Working Groups formed as needed to address specific areas of computer security. Current Working Groups include:

  • ICSG Malware Working Group
    The threat from malware — viruses and other software — evolves constantly. The Malware Working Group is built to respond just as flexibly.
  • ICSG Malware MetaData Exchange Format (MMDEF) Working Group
    Identifying malware and the perpetrators behind it is crucial to fighting it. This group works to expand the information that is captured and shared about malware.
  • ICSG Stop eCrime Working Group
    Humans are, sad to say, often the weakest link in computer security. This group focuses on electronic crime and protecting the parts of the human economy that rely on technology.
  • ICSG Privilege Management Protocols (PMP) Working Group
    A locked door is better than having to call the police. This group develops protocols for efficient authentication and secure determination of “who can do what.”
