The reverse engineer – better known amongst security researchers by his nom de plume, Halvar Flake – created an automated system for classifying software into groups, a process for which he believes machines are much better suited.
Research using the system has underscored the sometimes-arbitrary decisions humans make in classifying malicious programs, he said. Among other anomalies, he found that Sasser.D has only a 69 percent correlation to previous members of the Sasser family, while two examples of bot software, Gobot and Ghostbot, are more similar.
Read the complete story here. (Security Focus)