Other Classifications of Malware
Other malware classification systems use some terms that this malware taxonomy does not, including:
- Drive-by download. This term refers to exploits that target vulnerabilities in web browsers, which can lead to computers becoming compromised if a user simply browses to the malicious site. The project Broad Street taxonomy presented here does not use this term; it classifies all exploits according to whether a security update addressing the vulnerability is available and how long ago it was released.
- Exploit kit. Exploit kits are collections of exploits that usually target web browsers and plugins in the form of packages that can be deployed on a web server. Project Broad Street sees exploit kits as collections of attacks that exploit vulnerabilities.
- Pay per install. This term is used to identify malware that is distributed by other malware as part of an affiliate scheme. This taxonomy is focused on the initial compromise, and does not take economic arrangements into consideration.
- Bluetooth. Some security software vendors highlight malware that uses Bluetooth wireless connections to propagate. Analysis of Bluetooth as a propagation mechanism is out of scope for this project, but it seems likely that use of this vector would be classified as either social engineering or exploits, or potentially a new part of the taxonomy.