The Ontology of Malwares

  • Izzat Alsmadi
  • Robert Burdwell
  • Ahmed Aleroud
  • Abdallah Wahbeh
  • Mahmood Al-Qudah
  • Ahmad Al-Omari


Absolute security is almost impossible. On a daily basis the security of many systems is compromised. Attackers utilize different techniques to threaten systems’ security. Among the different threats to systems’ security, malware poses the highest risk as well as the highest negative impact. Malware can cause financial losses as well as other hidden costs. For example, if a company’s system has been compromised, the company could suffer reputational damage and a loss of trust from a publicized malware incident. This chapter provides a detailed description of the different malware categories and how to protect against each type.



Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Izzat Alsmadi (1)
  • Robert Burdwell (1)
  • Ahmed Aleroud (2)
  • Abdallah Wahbeh (3)
  • Mahmood Al-Qudah (4)
  • Ahmad Al-Omari (5)

  1. Texas A&M University San Antonio, San Antonio, USA
  2. Department of Computer Information Systems, Yarmouk University, Irbid, Jordan
  3. Slippery Rock University of Pennsylvania, Slippery Rock, USA
  4. Yarmouk University, Irbid, Jordan
  5. Schreiner University, Kerrville, USA