CNT4403 Malware

Malware

Software with "malicious intentions."

Virus

A type of malware that is generally included as part of an executable file and requires some assistance to infect a system.

Worm

A type of malware that is similar to a virus but is able to self-propagate across a network without assistance.

Trojan

A type of malware consisting of infected software that generally does not spread on its own.

Ransomware

Malware that denies a user access to a resource (e.g., by encrypting files) until a payment is made.

Botnet

A network of software robots (bots) that run on compromised machines and are administered by command and control (C&C) networks.

Bot

A compromised machine running a software robot as part of a botnet.

Bot master

The owner and/or controller of a botnet.

Bot theft

The act of bot controllers penetrating and "stealing" bots from other botnets.

BotHunter

An Intrusion Detection System (IDS) approach that detects bots by correlating multiple events based on the bot's "Circle of Life" communication structure, rather than a single signature.

DDoS (Distributed Denial of Service)

An attack campaign where a bot master uses hundreds of thousands of malicious devices to unleash massive torrents of traffic at a single target.

(Fast) Flux

A technique used by botnets to avoid shutdown where they use Dynamic DNS to quickly move their hosting infrastructure between many different IP addresses.

Fighting "Fast Flux"

ISPs try to solve the issue of botnets using the fast flux technique by spotting the secret codes or formulas (called Domain Generation Algorithms) the bots use to create new website names.

Spam

Unsolicited mass emailing, generally attempting to advertise a product.

Click Fraud

The act of generating revenue from paid-advertising links by clicking on them automatically, without any genuine user desire or interest.