Pulse

By GCN Staff

Blog archive

NIST draft standard details approximate matching

The National Institute of Standards and Technology’s draft publication SP 800-168, Approximate Matching: Definition and Terminology, provides a description of approximate matching and includes requirements and considerations for testing. 

Approximate matching is a technique designed to identify similarities between two digital artifacts or arbitrary byte sequences such as a file.

A similarity between two artifacts is determined by a particular approximate matching algorithm. One process the technology uses to find these similarities is resemblance. In this method, two similarly sized objects are compared and searched for common traits. For example, successive versions of a piece of code are likely to share many similarities.

A second way approximate matching measures similarities is containment. This method examines two different sized objects and determines whether the smaller one is inside the larger one, such as a file and a whole-disk image.

This technology is very useful for security monitoring and forensic analysis by filtering data.  It provides a result from a range of outcomes [0, 1], which are interpreted as a level of similarity. The reliability of a result is assessed by the robustness of the algorithm, its precision, and whether the algorithm includes security properties designed to prevent attacks, as the manipulation of the matching technique.

A public comment period on Special Publication 800-168 begins on Jan. 27, 2014, and runs through March 21, 2014.  Comments can be sent to match@nist.gov with “Comments on SP 800-168” on the subject line.

Posted by Mike Cipriano on Jan 31, 2014 at 7:38 AM


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.