Research Article

Evaluating Grayware Characteristics and Risks

Table 5

Malicious activities carried out by grayware.

ID Payload Description Keyword

1Attack security softwareLower security level, disable security applicationsAntivirus, firewall, security
2Hijack SessionIntercept connections or communication channelsHijack, affiliate, redirect
3Popup advertisementsShow ads out of contexts or overlap othersPop-up, pop-under
4Information theftCollect sensitive data and keystrokes, send to attackersPasswords, information
5Configuration changeModify homepage, preference, bookmarks, registryFolder, registry, config
6Arbitrary commandsExecute arbitrary programs by attackersArbitrary code, execute, run
7Download softwareAct as downloaders or droppers for extra programsDownload, drop
8Terminate processKill system daemons or network applicationsTerminate, kill, stop
9Network connectionOpen network connections to grant attacker full controlConnect, proxy
10File manipulationAdd, modify, move, or delete system/data filesFile, overwrite, load, move