In the long term, there's a need for a way to automate the analysis of malware and match patterns of code to "start building a profile of malware we know is attributable to crimeware or a certain author and later on being able to spot that," Parker said. "There is way too much speculation going on these days."

Parker also plans to put forth some theories on why Stuxnet has some very sophisticated programming but also parts that could be considered quite amateurish. "There are some impressive components in it, but there's this other side that I don't think people are looking at as closely," Parker said.

In another briefing, security researcher Dan Kaminsky will release code that he says allows systems administrators to implement an authentication system into their applications that uses DNS Security Extensions (DNSSEC). The system uses public key cryptography to digitally "sign" the DNS records for websites and is being increasingly deployed to fortify Web security.

"This is code you can integrate into networks and applications that will make entire classes of security problems go away," said Kaminsky, who gained fame two years ago for finding a major flaw in the DNS (Domain Name System).

Unlike PKI (Public Key Infrastructure) systems, leveraging DNSSEC as a broader security mechanism has great benefits: It scales, and it is much cheaper to implement than other authentication systems such as passwords, Kaminsky said. Administrators will be able to deploy DNSSEC into applications in as little as two minutes with no configuration, he said. He is releasing most of the code free.