The Ontology of Malwares

Absolute security is almost impossible. On a daily basis the security of many systems is compromised. Attackers utilize different techniques to threaten systems’ security. Among different threats to systems’ security, malware poses the highest risk as well as the highest negative impact. Malware can cause financial losses as well as other hidden cost. For example, if a company system has been compromised, the company could suffer negatively on the reputation and trust level from a publicized malware incident. This chapter provides a detailed description about different malware categories and how to protect against each type.

[1]  Peter J. Clarke,et al.  Testing and evaluating virus detectors for handheld devices , 2006, Journal in Computer Virology.

[2]  Preston Gralla PC pest control - protect your computers from malicious internet invaders , 2005 .

[3]  Pele Li,et al.  A survey of internet worm detection and containment , 2008, IEEE Communications Surveys & Tutorials.

[4]  Martin Vuagnoux,et al.  Compromising Electromagnetic Emanations of Wired and Wireless Keyboards , 2009, USENIX Security Symposium.

[5]  Gurvirender Tejay,et al.  Emerging Cybercrime Trends: Legal, Ethical, and Practical Issues , 2012 .

[6]  Robert K. Cunningham,et al.  A taxonomy of computer worms , 2003, WORM '03.

[7]  G. Somani,et al.  Overhead Analysis of Security Primitives in Cloud , 2012, 2012 International Symposium on Cloud and Services Computing.

[8]  Jiang Wang,et al.  HyperCheck: A Hardware-AssistedIntegrity Monitor , 2014, IEEE Transactions on Dependable and Secure Computing.

[9]  Jason Hong,et al.  The state of phishing attacks , 2012, Commun. ACM.

[10]  Mingtian Zhou,et al.  Some Further Theoretical Results about Computer Viruses , 2004, Comput. J..

[11]  Fernando C. Colón Osorio,et al.  And you though you were safe after SLAMMER, not so, swarms not Zombies present the greatest risk to our national Internet infrastructure , 2006, 2006 IEEE International Performance Computing and Communications Conference.

[12]  A. Samjani Mobile Internet protocol , 2001 .

[13]  Angelos Stavrou,et al.  A Framework to Secure Peripherals at Runtime , 2014, ESORICS.

[14]  Sarah Gordon Fighting Spyware and Adware in the Enterprise , 2005, Inf. Secur. J. A Glob. Perspect..

[15]  David Anthony Berberick Analysis of the North Atlantic Treaty Organization's (NATO) reaction to cyber threat , 2016 .

[16]  Bruce W. Weide,et al.  Using parse tree validation to prevent SQL injection attacks , 2005, SEM '05.

[17]  K. Geetha,et al.  Maximizing online security by providing a 3 factor authentication system to counter-attack 'Phishing' , 2010, INTERACT-2010.

[18]  Nuno Laranjeiro,et al.  Protecting Database Centric Web Services against SQL/XPath Injection Attacks , 2009, DEXA.

[19]  Mamdouh Alenezi,et al.  Open source web application security: A static analysis approach , 2016, 2016 International Conference on Engineering & MIS (ICEMIS).

[20]  S. R. Subramanya,et al.  Computer viruses , 2001 .

[21]  Ken Dunham,et al.  Malicious Bots: An Inside Look into the Cyber-Criminal Underground of the Internet , 2008 .

[22]  Aaron Emigh The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond , 2006, J. Digit. Forensic Pract..

[23]  Jim Q. Chen,et al.  A Cross-Cultural Comparison of U.S. and Chinese Computer Security Awareness , 2008, J. Glob. Inf. Manag..

[24]  Nilesh B. Prajapati,et al.  An Attack Vector for Deception Through Persuasion Used by Hackers and Crakers , 2009, 2009 First International Conference on Networks & Communications.

[25]  Wouter Joosen,et al.  FlashOver: automated discovery of cross-site scripting vulnerabilities in rich internet applications , 2012, ASIACCS '12.

[26]  E. K. Rotich,et al.  A Survey on Cyber Crime Perpetration and Prevention: A Review and Model for CyberCrime prevention , 2012 .

[27]  Christopher Krügel,et al.  The Underground Economy of Fake Antivirus Software , 2011, WEIS.

[28]  Yang Liu,et al.  JSDC: A Hybrid Approach for JavaScript Malware Detection and Classification , 2015, AsiaCCS.

[29]  Sy-Yen Kuo,et al.  Gatekeeper: Monitoring Auto-Start Extensibility Points (ASEPs) for Spyware Management , 2004, LISA.

[30]  José María Sierra,et al.  LAPSE+ Static Analysis Security Software: Vulnerabilities Detection in Java EE Applications , 2011 .

[31]  G.S.V.R.K. Rao,et al.  An Adaptive Intrusion Detection and Prevention (ID/IP) Framework for Web Services , 2007, 2007 International Conference on Convergence Information Technology (ICCIT 2007).

[32]  David A. Wagner,et al.  Dynamic pharming attacks and locked same-origin policies for web browsers , 2007, CCS '07.

[33]  Douglas P. Medley Virtualization Technology Applied to Rootkit Defense , 2012 .

[34]  Lawrie Brown,et al.  Computer Security: Principles and Practice , 2007 .

[35]  V.Karamchand Gandhi An Overview Study on Cyber crimes in Internet , 2012 .

[36]  Michael Buratowski The DNC server breach: who did it and what does it mean? , 2016, Netw. Secur..

[37]  Ross Brewer,et al.  Ransomware attacks: detection, prevention and cure , 2016, Netw. Secur..