Before I start describing various types of malware, I would like to first define what I understand by the term malware:
Malware is a piece of code which changes the behavior of either the operating system kernel or some security sensitive applications, without a user consent and in such a way that it is then impossible to detect those changes using a documented features of the operating system or the application (e.g. API).
The above definition is actually different from the definition used by A/V industry (read most other people), as e.g. the simple botnet agent, coded as a standalone application, which does not hook OS kernel nor any other application, but just listens for commands on a legally opened (i.e. opened using documented API functions) TCP port, would not be classified as malware by the above definition. However, for completeness, I decided to also include such programs in my taxonomy and classify them as type 0 malware.
Download the paper in PDF format here.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.