Malware (a contraction of "malicious software") refers to software developed for the purpose of doing harm.
Malware can be classified based on how they get executed, how they spread, and/or what they do. The classification is not perfect, however, in the sense that the groups often overlap and the difference is often not obvious, giving rise to frequent flame wars.
The first form of malware to evolve was the computer virus. Viruses work and spread (within the infected system) by attaching themselves to other pieces of software (or in the case of macro viruses, documents), such that during the execution of the program the viral code is executed. Viruses spread across computers when the software or document they attached themselves to is transferred from one computer to the other.
Computer worms are similar to viruses but are stand-alone software and thus do not require other pieces of software to attach themselves to. They do modify their host operating system, however, at least to the extent that they are started as part of the boot process. To spread, worms either exploit some vulnerability of the target system or use some kind of social engineering to trick users into executing them.
Trojan horses are similar to viruses in that they get executed by being part of an otherwise useful piece of software. However, Trojan horses are attached to the host software manually, they can not infect other pieces of software the way viruses can. To spread, Trojan horses rely on the useful features of the host software, which trick users to install them.
A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload.
Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign case or credit card numbers in more serious ones) on users. They usually work and spread like Trojan horses.
Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of malware. Modern anti-viral software strengthen this broader sense of the term as their operation is never limited to viruses.
Malware should not be confused with defective software, that is, software which is intended for a legitimate purpose but has errors or bugs.
Malware can be classified based on how they get executed, how they spread, and/or what they do. The classification is not perfect, however, in the sense that the groups often overlap and the difference is often not obvious, giving rise to frequent flame wars.
The first form of malware to evolve was the computer virus. Viruses work and spread (within the infected system) by attaching themselves to other pieces of software (or in the case of macro viruses, documents), such that during the execution of the program the viral code is executed. Viruses spread across computers when the software or document they attached themselves to is transferred from one computer to the other.
Computer worms are similar to viruses but are stand-alone software and thus do not require other pieces of software to attach themselves to. They do modify their host operating system, however, at least to the extent that they are started as part of the boot process. To spread, worms either exploit some vulnerability of the target system or use some kind of social engineering to trick users into executing them.
Trojan horses are similar to viruses in that they get executed by being part of an otherwise useful piece of software. However, Trojan horses are attached to the host software manually, they can not infect other pieces of software the way viruses can. To spread, Trojan horses rely on the useful features of the host software, which trick users to install them.
A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload.
Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign case or credit card numbers in more serious ones) on users. They usually work and spread like Trojan horses.
Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of malware. Modern anti-viral software strengthen this broader sense of the term as their operation is never limited to viruses.
Malware should not be confused with defective software, that is, software which is intended for a legitimate purpose but has errors or bugs.
No comments:
Post a Comment