Studying and Classification of the Most Significant Malicious Software


As the cost of information processing and Internet accessibility falls, most organizations are becoming increasingly vulnerable to potential cyber threats, whose rate has been increasing dramatically every year in recent times. In this paper, we study, discuss and classify the most significant malicious software: viruses, Trojans, worms, adware and pornware, which have made a step forward in the science of Virology.


💡 Research Summary

The paper attempts to give a broad overview of the most significant types of malicious software—viruses, Trojans, worms, adware and pornware—by tracing their historical development, describing their technical characteristics, and proposing a classification scheme. The introduction frames the problem: as computing costs fall and Internet access expands, organizations and ordinary users become increasingly exposed to cyber‑threats that jeopardize confidentiality, integrity and availability.

In the “Theory of Computer Viruses” section the authors recount the theoretical origins of self‑replicating code, citing Fred Cohen’s 1983 dissertation that coined the term “computer virus,” earlier work by John von Neumann on self‑reproducing automata, and Lionel Penrose’s and Frederick Stahl’s experimental implementations on IBM‑650. They argue that these academic studies unintentionally laid the groundwork for later malicious programs.

The historical narrative (Section III) proceeds chronologically from the early 1970s Creeper worm on ARPANET, through the 1980s Elk Cloner (Apple II) and Brain (the first IBM‑compatible boot‑sector virus), to the infamous 1988 Morris Worm that exploited UNIX vulnerabilities on VAX and Sun machines. The authors then discuss the wave of high‑impact worms in the early 2000s—CodeRed, Nimda, Aliz, Badtrans II (2001), the 2003 Slammer (SQL‑Server file‑less worm) and Lovesan (Windows RPC DCOM exploit), the 2004 Bagle, Mydoom and Sasser families, and the 2008‑2009 Conficker/Kido/Downadup outbreak that leveraged the MS08‑067 vulnerability. Throughout they note the shift from simple file infection to network‑wide denial‑of‑service attacks, credential theft, and the emergence of “bootkits” and mobile‑oriented malware such as Cabir.

Section IV tackles definitions and taxonomy. The authors point out the difficulty of giving a precise virus definition, noting that modern anti‑virus products often treat any malware as a “virus.” They propose a functional definition of malware as software that damages information, abuses network resources, or disrupts normal operation. Within this framework they classify viruses by infection target (boot‑sector, file, macro, script) and describe representative examples (e.g., Virus.Win9x.CIH, Macro.Word97, Virus.VBS.Sling). Worms are defined as network‑propagating programs that can operate autonomously; they are further divided by propagation channel (network, email, IRC, P2P, instant‑messenger). Trojans are characterized as non‑replicating payload carriers that rely on other malware or user action for delivery; their life‑cycle consists of penetration, activation, and execution of malicious functions.

A substantial part of the taxonomy is devoted to Trojans, using Kaspersky Lab’s three‑dimensional model based on violations of confidentiality, integrity, and availability. The paper lists concrete families: Backdoor, PSW, Spy, Banker, GameThief, MailFinder (confidentiality); Clicker, Downloader, Dropper, Proxy, Notifier, IM, SMS, Rootkits (integrity); DDoS, Ransom, ArcBomb (availability). The authors also discuss adware and pornware as “indirect” threats that do not directly damage systems but force unwanted advertising or connect users to paid adult sites; they note a surge in such behavior after 2004.
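The taxonomy in the two paragraphs above can be applied to anti-virus alerts for triage. The following is an added example, not code from the paper: it assumes detection names follow the layout `[Prefix:]Behaviour.Platform.Name[.Variant]` with hyphenated behaviour tokens such as `Trojan-PSW` or `Email-Worm`, and the host names and `Example` family names in the sample log are constructed.

```python
import re
from collections import Counter

# Trojan behaviours grouped by the CIA property they violate, as listed above.
TROJAN_IMPACT = {
    "confidentiality": {"backdoor", "psw", "spy", "banker", "gamethief", "mailfinder"},
    "integrity": {"clicker", "downloader", "dropper", "proxy", "notifier", "im", "sms", "rootkit"},
    "availability": {"ddos", "ransom", "arcbomb"},
}
# Worm propagation channels from the taxonomy; the token spellings are assumed.
WORM_CHANNELS = {"net": "network", "email": "email", "irc": "IRC", "p2p": "P2P", "im": "instant-messenger"}
# Assumed layout: optional "Prefix:", then Behaviour, then Platform.
NAME_RE = re.compile(r"^(?:(?P<prefix>[\w-]+):)?(?P<behaviour>[A-Za-z-]+)\.(?P<platform>[^.\s]+)")

def classify(detection):
    """Map one detection name to a (class, detail) pair under the taxonomy."""
    m = NAME_RE.match(detection.strip())
    if not m:
        return ("unknown", None)
    behaviour = m.group("behaviour").lower()
    head, _, tail = behaviour.partition("-")
    if behaviour in ("adware", "pornware"):
        return ("indirect", behaviour)
    if behaviour == "worm":
        return ("worm", "unspecified")
    if tail == "worm":  # e.g. IM-Worm: the first token is the channel
        return ("worm", WORM_CHANNELS.get(head, "unspecified"))
    if behaviour in ("virus", "macro"):
        return ("virus", m.group("platform"))
    # Trojan-IM is a Trojan family, not a worm; Backdoor and Rootkit have no "Trojan-" prefix.
    kind = tail if head == "trojan" else behaviour
    for impact, kinds in TROJAN_IMPACT.items():
        if kind in kinds:
            return ("trojan", impact)
    return ("trojan", "unspecified") if head == "trojan" else ("unknown", None)

def triage(log):
    """Count alerts per class/detail from lines of the form '<host> <detection>'."""
    counts = Counter()
    for line in log.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            cls, detail = classify(parts[1])
            counts[f"{cls}/{detail}"] += 1
    return counts

# Constructed sample alerts (hosts and "Example" names are made up).
SAMPLE = """ws-014 Trojan-PSW.Win32.Example.a
ws-014 HEUR:Trojan-Downloader.Script.Generic
srv-02 Trojan-Ransom.Win32.Example.b
ws-031 not-a-virus:AdWare.Win32.Example.c
ws-031 Email-Worm.Win32.Example.d
ws-007 Virus.Win9x.CIH
"""

if __name__ == "__main__":
    for key, n in sorted(triage(SAMPLE).items()):
        print(f"{n:3d}  {key}")
```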

The conclusion acknowledges that the survey cannot cover every global threat but claims to capture the most current trends. It emphasizes the “triangle” of hacker, anti‑virus vendor, and user, identifying the end‑user as the weakest link. The authors argue that continuous user education and up‑to‑date threat intelligence are essential for effective protection.

Overall, despite numerous typographical errors, inconsistent citations, and a lack of rigorous methodology, the paper provides a high‑level historical timeline and a taxonomy that can serve as a starting point for readers new to the field of malware research.

