Dictionary of InfoSec Terms
These are a few terms used on this site that may not be familiar.
A
Alert: Notification that a specific attack has been directed at the information system of an organization.
Attack: Intentional act of attempting to bypass one or more computer or network security controls.
Authenticate: To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission.
Authentication: Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.
B
Back Door: Hidden software or hardware mechanism used to circumvent security controls. Synonymous with trap door.
Bayesian Filtering: The process of using Bayesian statistical methods to classify documents into categories based on probability tests. The system can then take action on the document. For example, spam can be automatically filed in a junk mail folder.
C
Countermeasures: Action, device, procedure, technique or other measure that reduces the vulnerability of an information system.
D
Data Driven Attack: A form of attack that is encoded in seemingly innocuous data, which is executed by a user or a process to implement an attack. A data driven attack is a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.
Denial of Service: Result of any action or series of actions that prevents any part of an information system from functioning.
Dictionary Attack: An attack that uses a brute-force technique of successively trying all the words in some large, exhaustive list.
Distributed Tool: A tool that can be distributed to multiple hosts, which can then be coordinated to anonymously perform an attack on the target host simultaneously after some time delay.
DNS Spoofing: Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
F
Firewall: A firewall is a hardware or software solution to enforce security policies. From a physical perspective, a firewall is equivalent to a lock on a door. It permits only authorized users such as those with a key or access card to enter. A firewall has built-in filters that block unauthorized or potentially dangerous material from entering the system. It also logs attempted intrusions.
Flooding: Type of incident involving insertion of a large volume of data resulting in denial of service.
H
Hacker: Unauthorized user who attempts to or gains access to an information system and the data it supports.
I
Intrusion: Unauthorized act of bypassing the security mechanisms of a system.
M
Malicious Code: Software capable of performing an unauthorized process on an information system.
Mobile Code: Software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient. Malicious mobile code is designed, employed, distributed, or activated with the intention of compromising the performance or security of information systems and computers, increasing access to those systems, disclosing unauthorized information, corrupting information, denying service, or stealing resources.
P
Packet: A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and message.
Packet Filtering: A feature incorporated into routers to limit the flow of information based on pre-determined communications such as source, destination, or type of service being provided by the network. Packet filters let the administrator limit protocol specific traffic to one network segment, isolate email domains, and perform many other traffic control functions.
Packet Sniffer: A device or program that monitors the data traveling between computers on a network.
Probe: An attempt to gather information about an information system for the apparent purpose of circumventing its security controls.
Proxy: Software agent that performs a function or operation on behalf of another application or system while hiding the details involved.
R
Replicator: Any program that acts to produce copies of itself. Examples include a program, a worm, or a virus.
Retro-virus: A retro-virus is a virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.
Rootkit: A hacker security tool that captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more. Rootkit is a classic example of Trojan Horse software. Rootkit is available for a wide range of operating systems.
S
Smurfing: Software that mounts a denial of service attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding.
Spam: Indiscriminately sending unsolicited, unwanted, irrelevant or inappropriate messages, especially commercial advertising in mass quantities, is considered spam. Another term used to describe spam is "electronic junk mail."
Spoofing: Impersonating another person or computer, usually by providing a false email name, URL or IP address.
T
Threat: Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.
V
Virus: Self-replicating, malicious code that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence.
Vulnerability: Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited.
W
Worm: Independent program that replicates from machine to machine across a network.