Information Security Glossary

[A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

 

 

 

A
Adware
Adware is software that displays advertising banners while the program is
running. A lot of adware is also spyware.
Anti-antivirus Virus
A virus that attacks, disables, or avoids infecting specific anti-virus software.
Also called a retrovirus.
 

 

 

B
door
door is a general term for a malicious program that listens for commands on a certain network port. Most backdoors consist of a client component and a server component. The client resides on the intruder’s remote computer, and the server resides on the infected system. When a connection between client and server is established, the remote intruder has some degree of control over the infected computer.
Botnet
A botnet is a network of zombie computers under the remote control of a master.
Brute Force Attack
Brute force attack is a technique used to break an encryption or authentication system by trying all possibilities.
 

 

 

C
Certification authority (CA)

In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. It is an example of a trusted third party. CAs are characteristic of many public key infrastructure (PKI) schemes.

There are many commercial CAs that charge for their services. Institutions and governments may have their own CAs, and there are also CAs which are free of charge.

Code Injection Attack
An attack technique to introduce code into a computer program or system to form an unexpected action. The attack is usually accomplished by taking advantage of an un-enforced or loosely implemented input validation process.
Companion Virus
A virus that creates a new program with the same file name as an existing program, but in a different place or with a different file type, so that typing the program’s name on the command line causes the virus program to be executed instead of the original program.
 

 

D
Data Driven Attack
A form of attack encoded in innocuous-seeming data which is then executed by a user or software to enforce the attack.
Denial of service
A prevention of the use of information resources either intentionally or unintentionally, which affects the availability of the information resources. Examples of such attacks are SYN flood, Ping O death, packet flooding and Ping flooding.
Dictionary Attack
Dictionary attack is a technique used to break an encryption or authentication system by trying words that can be found in a dictionary.
DNS spoofing
Pretend to be the DNS name of another system by compromising the domain name server for a valid domain.
 

 

E
Encryption
A process to encode the contents of message so as to hide it from outsiders. That is, it is a process of scrambling and transforming data from an easily readable and understandable format (plaintext) into an unintelligible format that seems to be useless and not readily understandable (ciphertext).
 

 

F
File Infector Virus
It is a virus that infects executable files. Usually, the virus will get control when the program is first executed. In most cases, the virus will return control to the original program after it has completed its own execution.
Firewall
A firewall is a device or set of devices configured to permit, deny, encrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.
 

 

H
Hacker
In computer security, a hacker is someone with a strong interest in understanding and manipulating computer systems, and specialises in work with the security mechanisms for these systems. Nowadays, it is most commonly used by the mass media to refer to a person who maliciously uses computer knowledge to gain unauthorised access and cause damage to computers and data.
Hoax
This usually consists of an email message warning recipients about a new and terribly destructive virus. It ends by suggesting that the reader should warn his or her friends and colleagues, perhaps by simply forwarding the original message to everyone in their address book. The result is a rapidly growing proliferation of pointless emails that can increase to such an extent that they overload systems.
Honeypot
A honeypot is a decoy system put on a network as bait for attackers. The attackers believe the honeypot is a legitimate system and attack on it, without being known that their activities are being monitored.
 

 

I
Identity certificate

In cryptography, a identity certificate is an electronic document which incorporates a digital signature to bind together a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users (“endorsements”). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.

Intrusion Detection
A method or process to detect the break-ins or attempts to attack via the use of software systems which operate on the network. Intrusion detection systems often combine the network monitoring with real-time capture and analysis in order to identify for attacks.
IPsec (IP Security)
IPsec provides interoperable, high quality and cryptographically based security services for traffic at the IP layer, such as authenticity, integrity, confidentiality and access control to each IP packet.
 

 

K
Keylogger
Keylogger is a device or program that captures activities from an input device. Malicious people can make use of keyloggers to capture personal information being input into a computer system.
 

 

L
Logic Bomb
A piece of code left within a computing system with the intent of it executing when some condition occurs. The logic bomb could be triggered by a change in a file, by a particular input sequence to the program, or at a particular time or date. Logic bombs get their name from malicious actions that they can take when triggered.
 

 

M
Macro Virus
Macro virus is a program written in the macro language which is provided with some software applications (word processors, spreadsheets, etc.) To propagate, macro viruses exploit the capabilities of the macro languages to transfer themselves from one infected file (document or spreadsheet) to another.
Mail Bomb
A mail bomb is the sending of a massive amount of email to a specific person or system. A huge amount of mail may simply fill up the recipient’s disk space on the server or, in some cases, may be too much for a server to handle and may cause the server to stop functioning.
 

 

N
Network-based Scanner
Network-based scanner is installed on a single machine that scans a number of other hosts on the network. It helps detect critical vulnerabilities such as mis-configured firewalls, vulnerable web servers, risks associated with vendor-supplied software, and risks associated with network and systems administration.
 

 

O
Open System Authentication
Open System Authentication is the default authentication protocol for 802.11 standard. It consists of a simple authentication request containing the station ID and an authentication response containing success or failure. On success, both stations are considered mutually authenticated.
 

 

P
Pharming
An attack redirects users to a bogus website such as fraudulent websites or proxy
servers, typically through DNS server hijacking or poisoning.
Phishing
In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, Youtube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users.Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
PKI
PKI stands for Public Key Infrastructure, an architecture to proof the identities of people, web sites, computer programs, etc. on the Internet. In a PKI, Certificate Authority (CA) issues Digital Certificates to applicants. CA also verifies the identity of applicants, and publishes certificates on an on-line repository where people can lookup others’ certificates.
 

 

R
Relay Attack
A replay attack is an attack in which the attacker intercepted a communication session from a legitimate user and then repeated in a later time the captured session in an attempt to impersonate the legitimate user.
 

 

S
Shoulder Attack
Shoulder attack is an attack in which attacker might be able to observe what one types and hence steal the password by direct observation by looking over one’s shoulder, or indirect monitoring by using a camera when one types in his password.
Spam
“Spam” is defined as an unsolicited commercial bulk e-mail. In addition, spam is an e-mail that one did not ask for and do not want.
Spyware
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user’s interaction with the computer, without the user’s informed consent.
Stealth Virus
A virus that actively seeks to conceal itself from discovery or defends itself
against attempts to analyze or remove it.
Strong password
“strong password” can be set by following the rules below
a. Set your passwords with at least eight characters composed of random letters, digits and symbols;
b. Use different sets of password in different systems, and;
c. Never use dictionary words and personal related information such as name, date, telephone number, HKID and user ID, etc.
 

 

V
Vishing
Vishing is a type of phishing attack that targeted VoIP. It can be used by the attacker to steal the identities or money of the victim.
VMware
VMware, Inc. (NYSE: VMW) is a software developer and a global leader in the virtualization market. The company was founded in 1998 and is based in Palo Alto, California. The name “VMware” comes from the acronym “VM”, meaning “virtual machine”, while ware comes from second part of “software”.
VMware’s desktop software runs on Microsoft Windows, Linux, and Mac OS X. VMware’s enterprise software, VMware ESX Server, runs directly on server hardware without requiring an additional underlying operating system.
VPN
A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.
Vulnerablity
A flaw or weakness in a system that could be exploited by intruders to violate the security policy.
 

 

W
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access (WPA) is a wireless security protocol to fix known security issues of WEP. WPA provides users with a high level of assurance that their data will remain protected by using Temporal Key Integrity Protocol (TKIP) for data encryption.
 

 

X
XML Encryption
XML encryption is a specification developed by W3C that provides a process for encrypting data and representing the result in XML.
 

 

Z
Zero-day Attack
An attack exploiting a newly discovered vulnerability appears before the release of the corresponding patch by the software vendor.
Zombie Computer (or Zombie)
A computer attached to the Internet that has been compromised by intruder with computer viruses or Trojan Horses and manipulated without the knowledge of the computer owner. The computer is usually used to perform malicious attacks such as denial of service attack under remote control.