Ensuring antivirus security is a mission-critical task for enterprises in view of the increasing number of malicious attacks and their destructive potential. The authors of this paper focus on the problem of evaluating the potential harm caused by computer viruses.

The authors define a computer virus’ harm in terms of four criteria, each with multiple indexes:

• Current infection scale, which includes four indexes: the number of infected independent sites, the number of general infected computers, the number of infected areas, and the number of infected trades.
• Way of transmission, which includes indexes on transmission by file, by email, by local area network (LAN), by Internet, by system vulnerability, by system configuration defect, by social engineering, and by operation free from person.
• Destructive behavior, which includes indexes on actions that delete/modify files, trigger events, block networks, actively and sustainably disseminate via network, paralyze systems, access sensitive information, reduce network performance, and modify system configuration, as well as other active attacks.
• Self-complexity, which includes the following indexes: prevent computer from getting latest patch, utilizing new attack method, compound mode of transmission, and anti-clear.

The overall harm of the virus is calculated as a combination of all the indexes. Based on the calculated harm number, the virus is assigned a grade ranging from five (devastating) to one (slight). The paper presents a step-by-step description of the evaluation process. Experts use an analytical hierarchy process to assess the weight of each index. They also determine the score indexes for specific viruses. The proposed evaluation model was tested on a specific virus (Worm.WhBoy.h). The paper presents detailed quantitative results.

The paper will interest practitioners and researchers specializing in the evaluation of computer viruses, as well as those studying grey systems as a method to represent uncertainty. Although the authors note that many factors can or should be taken into consideration when evaluating the harm of a virus, they do not provide a rationale for the selection of the factors and indexes used in the proposed method. The authors’ claim that the proposed method is “more objective” is not sufficiently explained. A similar approach has been used for supplier evaluation [1].