Common Malware Enumeration (CME)
About > CME Documents  

CME Documents


The Common Malware Enumeration Initiative

This article reprint describing CME was published in the September 2005 issue of the Virus Bulletin. The article serves as the public launch of CME and describes what CME is and isn't, mentions the problems that use of CME's common identifiers will solve, describes CME identifiers, details the process for assigning CME identifiers, lists the members of the CME Editorial Board, and advocates the adoption of CME by the anti-virus and information security communities for the benefit of the public. The article was also presented as a briefing topic at the Virus Bulletin Conference on October 5th-7th, 2005 in Dublin, Ireland. September 2005 – CME Team Members Jimmy Kuo of McAfee, Inc. and Desiree Beck of MITRE Corporation.

PDF (1.06 Mb)

Back to top

CME Process and Technical Documents

The CME Process: Scope, Identifiers, and Guidelines for Deconfliction

This document addresses operational aspects of the CME initiative, including the purpose and scope of CME, how CME identifiers are assigned, and the initial process for the deconfliction of malware threat samples. We expect this document to evolve as a result of discussions among the Board and as additional identifiers are assigned over time. September 2005 – Desiree Beck.


Back to top

Other Documents

CME Initiative's Open Letter on SANS Internet Storm Center

An open letter from an anti-virus customer to anti-virus vendors was posted to the SANS Internet Storm Center calling for the vendors to solicit the help of a neutral 3rd party like SANS or US-CERT to help solve the malware identification problem. The CME Team drafted a response that was co-signed by MITRE's CME Team, US-CERT/DHS representatives, and the vendors participating on the CME Preliminary Editorial Board. The response letter was posted by the SANS Internet Storm Center on November 23, 2004 at

Back to top