Select Committee on Science and Technology Fifth Report


APPENDIX 7: GLOSSARY


419 fraud

Form of advance fee fraud, in which the victim is persuaded to put down a sum of money in anticipation of a much larger gain, which then fails to materialise. Named after the relevant article of the Nigerian criminal code.

Abstraction [of network layers]

Principle that there are different layers in a network and each one has a specific function, with clear boundaries between adjacent layers.

Botmaster

Controller of a botnet.

Botnet

Collection of compromised computers (individually called robots or zombies) running malicious programs that allow them to be controlled remotely; commonly used to distribute spam or launch Distributed Denial of Service attacks.

Browser

Computer program which permits the viewing of material on the World Wide Web.

Can-Spam Act

2003 Act of the United States Congress designed to regulate the use of spam.

Cybercrime

See e-crime.

Distributed Denial of Service attack

Attack launched by means of compromised systems (typically controlled via botnets), designed to overwhelm particular servers or networks by flooding them with packets of information.

Domain

Name identifying a computer or computers belonging to a single organisation on the Internet.

E-crime

Crime committed against or with significant use of electronic networks.

End-to-end [principle]

Principle that the network core should only carry traffic, and that additional services should be delivered at the edges of the network, by end-points, not within the network core.

Exploit

Known way of taking advantage of a security problem with a system on the Internet.

File sharing

Practice of making files available for others to download over the Internet.

Firewall

Device controlling the passage of data between areas of a network that are more or less trustworthy.

Hacker

Person who tests out computer security, whether lawfully or unlawfully (e.g. for research, or for criminal purposes).

Hypertext

Text on a computer that leads the user to other information, e.g. by means of a "hyperlink".

Instant Messaging

Real-time communication between users of a network, by means of typed text.

Internet

The global network of interconnected networks that transmits data by means of the Internet Protocol.

Internet Protocol

Protocol for communicating data via the Internet using packet-switching.

Internet Relay Chat

Form of real-time Internet communication via dedicated channels.

Keylogger

Program that surreptitiously captures a user's keystrokes so that a remote attacker may learn passwords etc.

Level 1/2/3 crime

Crime that affects a local police force only (level 1); that crosses force boundaries (level 2); or that is committed nationally or internationally (level 3).

Malware

Malicious code.

Man in the middle

Attack in which the attacker places himself between two parties, e.g. the individual end-user and his bank, without those parties being aware that the link between them has been compromised.

Network

Interconnected group of computers.

Node

Device within a network.

Operating system

Program that manages the hardware and software resources of a computer.

Operation Ore

Police investigation into over 7,000 individuals in the United Kingdom whose details were found on a database held by Landslide Inc, an American company offering access to child abuse websites.

Packet

Block of data carried by a computer network.

Packet switching

Paradigm for communicating information by which communications between end-points are broken down into packets, and then routed between the nodes making up the network, before being reconstructed at the destination end-point.

Patch

Piece of software designed to fix a software vulnerability.

Peer-to-peer

Network in which participants share files or bandwidth, all participants being equals, rather than communicating through a central server.

Phishing

Criminal activity that relies on social engineering to persuade victims to enter user names, passwords etc on a spoof website.

Protocol

Set of guidelines governing communication between computers.

Root [name server]

One of the thirteen servers that answer requests for the "root domain" (the empty sequence at the end of every domain name) and redirect such requests to the "top level domain" (e.g. ".uk" or ".com") name-servers.

Router

Device that determines the proper path for data to travel between networks.

Sand-box

Virtual container in which programs that are not trusted can safely run without infecting the rest of the computer or network.

Spam

Unsolicited bulk email messages.

Spoofing

Launching an attack by masquerading as someone else.

Toolkit

A set of inter-related programs for a particular purpose, such as the production of malware or the incorporation of exploits into a Trojan.

Tor

The Onion Router, a system allowing users to communicate anonymously on the Internet.

Trojan [horse]

Program that installs malicious software, under the guise of doing something else.

Two factor [authentication]

Authentication requiring two different methods to be used, typically something known (a password) and something owned (often a key-fob generating a random sequence of six-digit numbers).

Vendor

Manufacturer of software or some other product.

Virus

Malicious program, attaching itself to an existing program, which can copy itself and infect or corrupt computers without the knowledge or permission of their owners.

Vulnerability

Weakness in a system that exposes it to attack.

WiFi

Wireless communications medium used by mobile computing devices.

World Wide Web

System of documents, identified or located by means of Uniform Resource Identifiers (that is, strings of characters used to specify particular resources or pages), interlinked by means of hypertext, and accessed via the Internet.

Worm

Malicious program that replicates itself and sends copies to other computers, so endangering the network by consuming bandwidth, but which does not need to attach itself to an existing program and may or may not corrupt the host computer itself.

Zombie

Compromised machine controlled by an external source, typically forming part of a botnet.


 

© Parliamentary copyright 2007