[Dshield] System compromise rates

Pete Cap peteoutside at yahoo.com
Tue Jan 13 17:53:24 GMT 2004


Richard,
 
I am currently parsing the past five years of the WildList (www.wildlist.org).  Eliminating multiple entries for the same malware is taking some time.  But when it is done, we will have a (somewhat) comprehensive list of reported viruses, e.g. name, when they were first seen, when they dropped off the radar, etc.
 
If anyone wishes to assist in this, you could start adding data such as vector, payload, pervasiveness, etc.
 
I know this kind of information is currently held by the AV giants, yet they do not seem very interested in giving it away (for free, anyway), nor have I seen any analysis performed of malware trends.
 
A good indication of this last is that in 2003, dubbed "The Year of the Virus" or "Return of the Virus," etc. the vast majority of malware incidents which I'm seeing involves older viruses, worms, and trojans (in October 2003, wildlist continued to report on viruses first seen in 1995).  Couple this with the fact that Microsoft is extending support for w95, w95, etc. because so many users are still on legacy systems.
 
I'm sure trend analysis of these data will reveal many more interesting topics for discussion.
 
Pete

Richard Roy <Richard.Roy at justicetrax.com> wrote:
Pete,
I would be interrested in similar data, such as the number of known
virii in the wild, perhaps ordered by what they infect, and how they are
delivered.
I am interrested in the methods of infection particularly


---------------------------------
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes


More information about the list mailing list