|General introduction of all information security glossary:|
|Glossary 1||Adware, Back door, Browser Hijacker, Dialer, Identity, Key Logger, Malware, etc.|
|Glossary 2||Password generator, Password manager, PUP, PIN, Spyware, Thiefware, Trackware, etc.|
(1) An identification number and/or password used to gain access into a computer system.
(2) The number used as a prefix to a calling number in order to gain access to a particular telephone service.
Programs that are downloaded and installed without user's consent or bound with other software to conduct commercial advertisement propaganda through pop-ups or other ways, which often lead to system slowness or exception after installing.
Antivirus software (AV)
Applicaiton designed to detect and potentially eliminate malicious software, such as viruses and worms, before they have had a chance to wreak havoc within the system. It may block user access to infected files, clean infected files or systems, or inform the user that an infected program was detected.
Plastic card authorizing the account holder to charge purchases against a preapproved credit line. Credit cards are issued by banks, thrift institutions, retailers, gasoline companies, and other credit grantors. Many card issuers charge an Annual Fee to cover account servicing costs.
denial of service attack
An attempt by a malicious (or unwitting) user, process, or system to prevent legitimate users from accessing a network service by exploiting a weakness or design limitation in an information system, which includes flooding network connections, filling disk storage, disabling ports, or removing power.
Software that automatically dials telephone numbers given in the program without user's consent. It generally dials long-distance or voice telephone and thus brings high telephone fees to users.
A digitally signed statement binding the identifying information of a user, computer or service to a public/private key pair, which is commonly used in the process of authentication and for securing information on networks.
Data that binds a sender's identity to the information being sent, which may be bundled with any message, file, or other digitally encoded information, or transmitted separately. Digital signatures are used in public key environments and provide nonrepudiation and integrity services to uniquely identifies the sender of the message and proves the message hasn't changed since transmission.
Distributed denial of service (DDoS)
A type of denial of service attack in which an attacker uses malicious code installed on various computers to attack a single target. This methods may be used by an attacker to have a greater effect on the target than is possible with a single attacking machine.
A denial of service attack in which an excessive amount of e-mail data is sent to an e-mail address attempting to break the e-mail service or to prevent the recipient from receiving legitimate messages.
The protection of data against unauthorized access. Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered, not that it is the actual person. Digital certificates and biometric techniques (fingerprints, eyes, voice, etc.) provide a more secure method. After a user has been authenticated, sensitive data can be encrypted to prevent eavesdropping.
Occurs when mail is forwarded from someone else through your mail server. Forwarding mail through a mail server is perfectly natural as long as either the originator of the message or the receiver is a local user. If neither the originator nor the receiver of the message is a local user, it is called third-party mail relaying. Usually the mail servers can be configured not to accept third-party mail relay, but often they are not. Mail servers that allow third-party mail relaying are of special attraction to "mail spammers" for sending large amounts of junk e-mail under false identity.
An Internet threat (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.
Software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet, which is designed to destroy, aggravate and otherwise make life unhappy.