Glossary of Cyber Security Terms

         



This glossary is a work in progress. New terms are added when a need for a definition is identified as part of the process of writing a new book.

The objective of this glossary is to provide definitions which are easily accessible and could be used by a student of computing or computer science.

If a term cannot be found in this glossary, please check the other glossaries on this site as well.

Top

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z   Go to bottom

A

Anti-virus software

Software designed to identify cyber threats. Threats are usually identified by scanning for either software with a specific signature or specific characteristics or behaviour patterns.

Go to Top   Go to Bottom

B

Back-up

A copy of key documents kept separately from the original. To be effective a back-up needs to be not only held on a separate device but also preferably in a separate location. This is not specifically associated with cyber security, but restoring data from a back-up is often the only practical recourse in the event of a cyber-attack. See also Ransomware.

Black hat hacker

A hacker who breaks into or attempts to break into a computer that does not belong to him or her, with destructive or criminal intent. See also White Hat Hacker.

Botnet

A network of computers which have been taken over by a cyber-criminal without the knowledge of the owners of the machines. Machines in a botnet are used to send out spam, phishing mails and as the source of messages sent to a machine targeted in a DoS attack. A machine in a botnet will appear to be working normally even though its processing resources are being used by cyber criminals. See also phishing, spam, zombie and DoS.

Go to Top   Go to Bottom

C

Code Injection (insertion)

Malicious code introduced into a computer during the processing of an infected dataset. That dataset could be a document, a file, a web page or an image.

Cypher also spelt Cipher

A method for encrypting texts with the purpose of keeping the content of those texts private and secure. The cypher can be thought of as the process or an algorithm used for converting a plan text into a cypher text. A cypher key is usually needed to make the process work. See also cypher text, plain text, encryption and decryption.

Cypher Key

Usually a sequence of characters used in combination with a method to encrypt text. In a simple cypher, the key could simply be an alternative arrangement of the letters of the alphabet.

Cypher text

A text which has been rendered unreadable by encrypting it. See also plain text, encryption and decryption.

Go to Top   Go to Bottom

D

Decrypt

The process of converting an encrypted text into a readable (plain) text using a key.

Denial of Service (DoS)

A type of cyber attack where there is an attempt to overwhelm a specific computer with a high volume of messages. The object may be to cause damage through loss of business or the loss of an online function. See also DDoS.

Distributed Denial of Service (DDoS)

A type of cyber attack where there is an attempt to overwhelm a specific computer with a high volume of messages. In a DDoS, the source of the messages is from a wide range of machines. This is an attempt to bypass preventative measures. See also DoS.

Go to Top   Go to Bottom

E

Encryption (Encrypt)

The process of converting a readable (plain) text into an unreadable one using a structured method known as a cypher.

Go to Top   Go to Bottom

F

Firewall

Software which controls access to a device. The device is normally a computer, but can theoretically be any connected device capable of running software. Both inputs and outputs can be monitored and controlled with firewall software.

Go to Top   Go to Bottom

G

There are no terms in this glossary beginning with the letter 'G'.


Go to Top   Go to Bottom


H

Hacker

A person who breaks into, or attempts to break into the computer systems of another person with or without permission. See also white hat hacker and black hat hacker.

Honeypot

A machine, web site, web page or online application set up with the deliberate intention of attracting hackers. Honeypots are used to observe hacker behaviour and techniques as well as identifying new threats.

Go to Top   Go to Bottom

I

There are no terms in this glossary beginning with the letter 'I'.


J

There are no terms in this glossary beginning with the letter 'J'.


K

There are no terms in this glossary beginning with the letter 'K'.

L

There are no terms in this glossary beginning with the letter 'L'.


Go to Top   Go to Bottom


M

Malware

Malware is a catch-all term for a wide variety of damaging software created with criminal or malicious intent. It can take the form of trojans, viruses and worms. Malware can be delivered by any of the following mechanisms; spam, popups, fake websites, infected websites and downloads of fake or infected software products. See also trojan, virus and worm.

Go to Top   Go to Bottom

N

There are no terms in this glossary beginning with the letter 'N'.


O

There are no terms in this glossary beginning with the letter 'O'.


Go to Top   Go to Bottom


P

Phishing

Malware which tries to lure a victim into giving away passwords and other account information. For example, this often takes the form of an email which insists that the potential victim must sign into an account to verify some piece of information, but the associated link leads to a fake website which simply captures the victim's details. Phishing emails may also try to tempt a potential victim into opening a document or following a link by falsely suggesting there be some sort of monetary benefit such as a prize win or a refund. See also Spear Phishing.

Plain text

A text which has not been encrypted and which is readable by a human being.

Go to Top   Go to Bottom

Q

There are no terms in this glossary beginning with the letter 'Q'.


Go to Top   Go to Bottom


R

Ransomware

Malware which locks a victim's files using some form of encryption. This is usually a form of hostage situation where the victim is promised that access to their files will be restored on the payment of a sum of money, often quoted in bitcoins. This is neither a guaranteed nor a recommended solution. The only practical course of action is to format storage devices and memory on the infected computer and restore data from back-ups. See also backup.

Go to Top   Go to Bottom

S

Spam

In the context of computing spam consists of unsolicited emails. While much spam is simply advertising products and services, spam can also be a vehicle for malware.

Spear Phishing

A phishing attack which has been tailored for a specific recipient. Typically, an email which has been crafted to appear genuine and which contains attractive content which lures the recipient into linking to a fake website also crafted to appear genuine but which contains malware of some sort or software for recording personal and security details. See also phishing.

Go to Top   Go to Bottom

T

Trojan

A piece of software hidden in a victim's computer which allows a cyber-criminal to bypass security measures such as firewalls and obtain access without the victim's knowledge. A trojan usually gains initial access through a seemingly innocent download or email attachment.

Go to Top   Go to Bottom

U

There are no terms in this glossary beginning with the letter 'U'.


Go to Top   Go to Bottom


V

Virus

A piece of software inserted into a program without the owner's knowledge or permission. The virus 'reproduces' by creating more copies of itself when its host program is executed. These new copies are inserted into the code of other programs. Any type of software can be affected. A virus may have other malicious functions in addition to replication. See also worm.

Go to Top   Go to Bottom

W

White hat hacker

A hacker who breaks into or attempts to break into a computer that does not belong to him or her, with good intent. This is done to expose weaknesses in that computer's cyber security precautions. White hat hackers may also break into a system to retrieve information for political reasons. Even if the intention is good, hacking for political reasons is open to question.

Worm

A piece of software which can reproduce itself without needing any other software as a host. This is in contrast to a virus which is embedded in another piece of software and only replicates when that software is executed. Worms usually operate to take advantage of loop holes in software infrastructure such as browsers and operating systems.

X

There are no terms in this glossary beginning with the letter 'X'.

Y

There are no terms in this glossary beginning with the letter 'Y'.

Z

Zombie

An Internet connected device which has been incorporated into a botnet. See also botnet.

Bottom

Go to Top