Select Committee on Science and Technology Fifth Report


419 fraud

Form of advance fee fraud, in which the victim is persuaded to put down a sum of money in anticipation of a much larger gain, which then fails to materialise. Named after the relevant article of the Nigerian criminal code.

Abstraction [of network layers]

Principle that there are different layers in a network and each one has a specific function, with clear boundaries between adjacent layers.


Controller of a botnet.


Collection of compromised computers (individually called robots or zombies) running malicious programs that allow them to be controlled remotely; commonly used to distribute spam or launch Distributed Denial of Service attacks.


Computer program which permits the viewing of material on the World Wide Web.

Can-Spam Act

2003 Act of the United States Congress designed to regulate the use of spam.


See e-crime.

Distributed Denial of Service attack

Attack launched by means of compromised systems (typically controlled via botnets), designed to overwhelm particular servers or networks by flooding them with packets of information.


Name identifying a computer or computers belonging to a single organisation on the Internet.


Crime committed against or with significant use of electronic networks.

End-to-end [principle]

Principle that the network core should only carry traffic, and that additional services should be delivered at the edges of the network, by end-points, not within the network core.


Known way of taking advantage of a security problem with a system on the Internet.

File sharing

Practice of making files available for others to download over the Internet.


Device controlling the passage of data between areas of a network that are more or less trustworthy.


Person who tests out computer security, whether lawfully or unlawfully (e.g. for research, or for criminal purposes).


Text on a computer that leads the user to other information, e.g. by means of a "hyperlink".

Instant Messaging

Real-time communication between users of a network, by means of typed text.


The global network of interconnected networks that transmits data by means of the Internet Protocol.

Internet Protocol

Protocol for communicating data via the Internet using packet-switching.

Internet Relay Chat

Form of real-time Internet communication via dedicated channels.


Program that surreptitiously captures a user's keystrokes so that a remote attacker may learn passwords etc.

Level 1/2/3 crime

Crime that affects a local police force only (level 1); that crosses force boundaries (level 2); or that is committed nationally or internationally (level 3).


Malicious code.

Man in the middle

Attack in which the attacker places himself between two parties, e.g. the individual end-user and his bank, without those parties being aware that the link between them has been compromised.


Interconnected group of computers.


Device within a network.

Operating system

Program that manages the hardware and software resources of a computer.

Operation Ore

Police investigation into over 7,000 individuals in the United Kingdom whose details were found on a database held by Landslide Inc, an American company offering access to child abuse websites.


Block of data carried by a computer network.

Packet switching

Paradigm for communicating information by which communications between end-points are broken down into packets, and then routed between the nodes making up the network, before being reconstructed at the destination end-point.


Piece of software designed to fix a software vulnerability.


Network in which participants share files or bandwidth, all participants being equals, rather than communicating through a central server.


Criminal activity that relies on social engineering to persuade victims to enter user names, passwords etc on a spoof website.


Set of guidelines governing communication between computers.

Root [name server]

One of the thirteen servers that answer requests for the "root domain" (the empty sequence at the end of every domain name) and redirect such requests to the "top level domain" (e.g. ".uk" or ".com") name-servers.


Device that determines the proper path for data to travel between networks.


Virtual container in which programs that are not trusted can safely run without infecting the rest of the computer or network.


Unsolicited bulk email messages.


Launching an attack by masquerading as someone else.


A set of inter-related programs for a particular purpose, such as the production of malware or the incorporation of exploits into a Trojan.


The Onion Router, a system allowing users to communicate anonymously on the Internet.

Trojan [horse]

Program that installs malicious software, under the guise of doing something else.

Two factor [authentication]

Authentication requiring two different methods to be used, typically something known (a password) and something owned (often a key-fob generating a random sequence of six-digit numbers).


Manufacturer of software or some other product.


Malicious program, attaching itself to an existing program, which can copy itself and infect or corrupt computers without the knowledge or permission of their owners.


Weakness in a system that exposes it to attack.


Wireless communications medium used by mobile computing devices.

World Wide Web

System of documents, identified or located by means of Uniform Resource Identifiers (that is, strings of characters used to specify particular resources or pages), interlinked by means of hypertext, and accessed via the Internet.


Malicious program that replicates itself and sends copies to other computers, so endangering the network by consuming bandwidth, but which does not need to attach itself to an existing program and may or may not corrupt the host computer itself.


Compromised machine controlled by an external source, typically forming part of a botnet.


© Parliamentary copyright 2007