
Cyber Security Terminology

Here are some definitions for commonly used terminology within the realm of Cyber Security.

  • Access Point (AP) – a device, such as a wireless router, that allows wireless devices to connect to a network.
  • Anonymity – any interaction a user has on the Internet that protects his or her identity from being shared with another user or with a third party.
  • AntiVirus – a program or software designed to detect and destroy computer viruses.
  • Asymmetric – in terms of encryption this is the use of a pair of public and private keys to encrypt and decrypt messages.
  • Authentication – the process of verifying the identity of a person or device which may be via a user / password combination.
  • Backdoor – a method to get around normal security measures and gain high level user access (e.g. root) on a computer system, network, or software application.
  • Brute Force – this is a form of attack which can involve trying every combination of a PIN or common passwords that may be contained in a list until the combinations are exhausted or access is gained.
  • Certificate Authority (CA) – an organization that acts to validate identities and bind them to cryptographic key pairs with digital certificates.
  • Client-side – this means the action takes place on the user’s device e.g. smartphone, computer etc and may be via an app or web browser.
  • Compartmentalization – the limiting of access to information to persons or other entities on a need-to-know basis to perform certain tasks.
  • Confidentiality – the protecting of information from being accessed by unauthorized parties.
  • Credentials – in terms of authentication this is proof of access by an authorized user or system e.g. user/password combination, security key or similar.
  • Cryptosystem – a suite of cryptographic algorithms needed to implement a particular security service, most commonly for achieving confidentiality (encryption).
  • Dark Net, Dark Web or Deep Web – a computer network with restricted access that is used chiefly for illegal peer-to-peer file sharing. The sites & pages are not indexed by conventional search engines.
  • Deauthentication – a type of attack that targets communication between a user and an Access Point (AP) on a wireless network. Can be referred to as a form of Denial-of-Service (DoS) attack.
  • Digital Certificate – an electronic document issued by a Certificate Authority that contains the public key for a Digital Signature and specifies the identity associated with the key e.g. organization name.
  • Digital Signature – confirms that the public key belongs to the specific organization.
  • Domain or Domain Name – an identification string that defines a realm of administrative autonomy, authority or control within the Internet e.g. MyWebSite.com.
  • Doxing – research on an individual carried out to cause problems for the victim, or the threat of releasing that research.
  • Encryption – a way to conceal information by altering it so that it appears to be random data.
  • Firewall – a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.
  • Handshake – the process of one computer establishing a connection with another e.g. laptop logging onto a server. The steps within verifying this connection, including authorization, are referred to as ‘the handshake’.
  • Host or Network Host – a computer or device on a network.
  • Hypervisor – a lightweight software layer that allows multiple guest operating systems to be run on the same physical server or Host at the same time.
  • Identity Theft – this is when someone's personal information is obtained and used to commit fraud or gain financial benefits.
  • Isolation – in terms of browsing the Internet this is a way of keeping the user’s browsing completely separate from information on their computer and network they are connected to in order to improve security.
  • Kernel – the central part of an operating system which manages the computer and hardware e.g. CPU, Memory, I/O devices, clocks.
  • Malware – software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
  • Man-In-The-Middle (MITM) – a type of attack where the attacker intercepts communications between the victim’s computer and the server they are communicating with. The aim is to either eavesdrop on those communications or modify the requests/responses.
  • Netmask – a 32-bit binary mask used to divide an Internet Protocol (IP) address into subnets and specify the network’s available hosts e.g. 255.0.0.0, 255.255.0.0, 255.255.255.0.
  • Non-repudiation – the assurance that someone cannot deny the validity of something.
  • Patching – applying a set of changes to software or a computer program to keep it up-to-date, fix problems or improve functionality.
  • Payload – the part of a data transmission that includes the actual message or could be Malware.
  • Phishing – tricking a user into clicking on a link, via link manipulation, that redirects to a false site.
  • Pivoting – a method that uses the compromised computer to attack other computers on the same network to avoid restrictions such as firewall configurations, which may prohibit direct access to all machines.
  • Plausible Deniability – encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot prove that the plaintext data exists.
  • Privacy – the ability to protect sensitive, personally identifiable information.
  • Proxy – in simple terms this is a computer that forwards web requests and associated responses and can also provide improved performance through caching. They are more often used to provide security by hiding the host’s IP address.
  • Sandbox – a security mechanism frequently used in testing to separate processing and running programs from the host computer and its own programs. This can provide both security and also guard against failures impacting the host computer.
  • Server-side – this means the action takes place on the target server (e.g. web server) and is frequently in response to a client-side request.
  • Session – lasts for the duration of a connection e.g. a web browser connecting to a website initiates a server-side program that then initializes the session and has subsequent access to variables that can be persisted throughout the user’s interaction.
  • SMShing – Phishing via SMS texts.
  • Sniffing – a process of monitoring and capturing all data packets passing through a given network.
  • Social Engineering – a strategy used by attackers that involves tricking users into revealing private information that can then be leveraged for criminal or fraudulent purposes.
  • Spam – unsolicited messages via a variety of media.
  • Spoofing – when an attacker impersonates another device or user in order to launch an attack against a specific target.
  • SQL Injection – a type of exploit which involves placing SQL code into a web form to retrieve or modify database information.
  • SSL Stripping – this is an attack which involves intercepting an HTTPS web request and downgrading it to an insecure HTTP request. This then bypasses the HTTPS (SSL) encryption with the hope that the originating user will divulge private information such as a username / password combination, credit card details etc.
  • Steganography – concealing information or files within other non-secret text or data e.g. hiding text in an image.
  • Subdomain – part of a larger domain e.g. if MyWebSite.com is the domain then this may contain subdomains such as store.MyWebSite.com or abc.MyWebSite.com.
  • Subnet or Subnetwork – a part of a larger network such as the Internet. Can be a mechanism of having multiple networks within an organization under a single Internet address e.g. 172.10.5.0 is the subnet and 172.10.5.18 is an individual user (or Host).
  • Symmetric – in terms of encryption this is the use of a single key that needs to be shared among the people who need to receive and decrypt the message.
  • Trojan or Trojan Horse – a type of Malware that is disguised as legitimate software. Once installed on the target’s computer, it can divulge information to the attacker by allowing a connection onto that computer.
  • Virtual Machine – a software program or operating system that not only exhibits the behavior of a separate computer, but is also capable of performing tasks such as running applications and programs like a separate computer.
  • Virtualization – to create a virtual version of a device or resource, such as a server, storage device, network or even an operating system where the framework divides the resource into one or more execution environments.
  • Vishing – phone or voice Phishing.
  • X.509 – a standard that defines the format of public key certificates.

Are there any definitions of terminology that need adding to the above list? If so please comment below and share with our audience.
