Rogue software: Protection against potentially unwanted applications

Rogue software are applications which purport to perform some function, but, although appearing to, do not perform the stated function - often prompting the user to purchase the product. Tests by independent testing labs to measure the protection that commercial security products provide against rogue software usually assume general consensus that an application is either rogue or not. In practice, rogue applications may be unwanted by some users but tolerated by others. This has given rise to the term “potentially unwanted application” (PUA). Security product vendors have responded to this by selectively allowing some types of rogue software. This paper examines the patterns of rogue software allowance and detection by security applications. Three main groups of rogue software are identified: Affiliate PUAs, Pay-per-install PUAs, and Financial PUAs. Each group is analyzed in an attempt to understand their differing business dynamics and basis for security vendors deciding to detect or allow the rogue applications.