Performance analysis and the design of computer and networking systems have traditionally accounted for the stochastic nature of the problem addressed and been based on stochastic type analysis, mainly expected value ("the good"). In some related disciplines, mainly computer science and algorithmic design, worst-case analysis ("the bad") have been popular. In recent years we have experienced a wave of DDoS and Cyber attacks threatening the welfare of the internet. These are launched by malicious users whose only incentive is to degrade the performance of other, innocent, users. This has triggered a new direction of research aiming at evaluating system performance while accounting for the malicious behavior of the attackers ("the ugly"). The performance metrics in this case differs from both the average-case and the worst-case and can affect system design considerably. The purpose of this work is to expose and discuss this new analysis approach as well as to distinguish it from the traditional approaches. We use a wide array of cases and results derived in the literature to demonstrate how such analysis can be carried out. We further use them to show what kind of metrics can be used to evaluate the effect of malicious behavior and the resilience of the system against them.