Wikipedia:WikiProject Malware

From Wikipedia, the free encyclopedia

This is a draft WikiProject. Its aim is to help set up standards of organization and presentation for articles on computer viruses, computer worms, and other forms of malicious software, or "malware" for short.Knick 02:44, 27 January 2007 (UTC)

Contents 1 Scope 2 Parentage 3 Descendant WikiProjects 4 Participants 5 Structure 5.1 Basic stub 5.2 Advanced stub 5.3 Full article 6 Major issues 6.1 Name formatting 6.2 Redirects 7 Tasklist 8 FAQ 9 Wikipedia Root Points 9.1 Root articles 9.2 Root categories 9.3 Root templates

[edit] Scope

This WikiProject aims to help organise and format articles about malicious computer software.

[edit] Parentage

This WikiProject is subcategory of WikiProject Software

WikiProject Science.

WikiProject Computer science

WikiProject Software

WikiProject Malware

WikiProject Microsoft Windows

WikiProject Macintosh

WikiProject Linux

[edit] Descendant WikiProjects

No descendant WikiProjects have been defined.

[edit] Participants

• Scorchiolio - 11 April 2006
• Trafton - 11 January 2006
• l337p4wn-15 January 2006
• iguana_nirvana14- 29 January 2006
• TheJC ^Talk_{Contributions} 05:26, 16 May 2006 (UTC)
• Hezzy 21:11, 4 August 2006 (UTC)
• Jacroe - 4 January 2006
• AchedDamiman
• Sephiroth storm - 25 January 2008
• Igorberger - 25 January 2008
• KingDoomed - 27 January 2008
• Sljaxon - 18 February 2008
• Linuxgeek007 (talk) 22:50, 30 April 2008 (UTC)
• SusanLesch - 11 May 2008
• Tyw7 - June 8, 2008
• techpro5238 - June 12, 2008

[edit] Structure

At present, there are three different kinds of Wikipedia articles on viruses (articles are not all belonging to this Project's author because of egotism, but only because they are what he is familiar with):

[edit] Basic stub

Basic stubs contain what type of virus is in question, and perhaps very basic information about a significant payload, if there is one. Generally, the template is not used. These articles should be considered placeholders for expansion. An example article is Alex & Solo (computer virus).

[edit] Advanced stub

Advanced stubs contain advanced descriptions of behaviour, but not a complete analysis. Some minor details, such as text strings may be missing. The template is generally used. This should be used for semi-common viruses or formerly common viruses, and does not require immediate expansion; expanding these articles is low priority. An example article is AntiCMOS (computer virus).

[edit] Full article

A full, thorough description and analysis is included. An example is Westwood (computer virus).

[edit] Major issues

[edit] Name formatting

Articles should follow the format Virusname (computer virus) for viruses, Wormname (computer worm) for worms, Trojanname (trojan horse) for trojan horses, etcetera. These should not include prefixes and suffixes. For instance, what one virus scanner calls Win32.Sobig.A@mm should be shortened to Sobig (computer worm). Variants can usually be included in the original article, but the B version of Sobig would be included at Sobig.B (computer worm). DOS viruses are similar; the original A variant (or a general family description) should be included at one space (for instance, Jerusalem (computer virus)), with variants spanning out.

DOS viruses offer a problem. For instance, Westwood is a variant of Jerusalem. It would be acceptable to include Westwood at either Westwood (computer virus), or Jerusalem.Westwood (computer virus), although a redirect from the former would be necessary if the later was used.

[edit] Redirects

Aliases, alternative names, shortform names, etc. should all be redirected. It is also recommended to redirect ".A" variants to the main articles (for instance, AntiCMOS.A (computer virus) is redirected to AntiCMOS (computer virus).

[edit] Tasklist

It might be worth adding entries from the WildList before the rarer viruses.

[edit] FAQ

How much knowledge is required to contribute?
Although basic computer knowledge is fairly essential, all are encouraged to contribute. The one suggested "golden rule" is "contribute only what you understand." Even if you paraphrase something from another article, it may be "lost in translation."

How can I know whether the information I am getting is accurate?
The short answer is, you can't. The average computer virus analysis contains several errors, and even more omissions. This is especially common among "partially analysed" older viruses. Scott's Valley is one example. It was never determined whether Scott's Valley had a destructive payload. Some articles simply ignore this. McAfee[1], however, generally mentions this, which is helpful. The best thing to do is cross-check articles to check for discrepancies, and note them if they exist.

How can I know which virus has which aliases?
Short answer: you probably cannot. Long answer: if you have a sample of the virus in question you can submit it to VirusTotal or some such service and jot down the various reports.

[edit] Wikipedia Root Points

[edit] Root articles

• Malware
• Computer virus
• Computer worm
• Trojan horse
• List of computer viruses

[edit] Root categories

• Category:Computer viruses
• Category:Malware
• Category:WikiProject Malware

[edit] Root templates

• Template:Computer virus.