Internet security glossary Free glossaries at translation jobs
Home Free Glossaries Free Dictionaries Post Your Translation Job! Free Articles Jobs for Translators

Internet security glossary

By Paul Glen,
paul [at] relevantsitecontent com

Become a member of at just $12 per month (paid per year)


Use the search bar to look for terms in all glossaries, dictionaries, articles and other resources simultaneously


Active Content
This term is used to describe any code that is delivered and executed on a desktop host during network access. Users may not be aware of the Active Content activity. Active Content is typically driven by (but not limited to) HTML documents. It can be delivered by various tools (e.g., browser, email, office application) and protocols (e.g., HTTP, FTP, and SMTP). Finjan’s Vital Security™ products provide proactive protection against potentially harmful Active Content such as ActiveX, Java, executables, JavaScript, VBScript, Screen Savers, and plug-ins, delivered via HTTP, FTP over HTTP, and Native FTP.

Active Content Object
A generic name for a specific Active Content unit. This may refer to Java Applets, ActiveX Controls, JavaScript scripts, VBScripts, plug-in modules, etc. Active Content objects may also be referred to as "downloadables", or simply as “objects".

Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.

Adware can be downloaded from websites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger Adware by accepting an End User License Agreement from a software program linked to the Adware or from visiting a website that downloads the Adware with or without an End User License Agreement.

A program written in the Java programming language and implemented as a Java Applet.
A browser that supports Java may download and run the applet automatically.
Any miniature application transported over the Internet, especially as an enhancement to a Web page. Authors often embed applets within the HTML page as a foreign program type.

A native-code program that conforms to the ActiveX Control specifications. A browser that supports ActiveX may download and run it automatically. ActiveX controls are software modules based on Microsoft's Component Object Model (COM) architecture. They add functionality to software applications by seamlessly incorporating pre-made modules with the basic software package. Modules can be interchanged but still appear as parts of the original software. On the Internet, ActiveX controls can be linked to Web pages and downloaded by an ActiveX-compliant browser. ActiveX controls turn Web pages into software pages that perform like any other program launched from a server. ActiveX controls can have full system access. In most instances this access is legitimate, but one should be cautious of malicious ActiveX applications.

Detects and blocks known viruses attempting to enter the network via the web.

An attempt to subvert or bypass a system's security. Attacks may be passive or active. Active attacks attempt to alter or destroy data. Passive attacks try to intercept or read data without changing it.

Back to top


Behavior Based
Proactively protects networks against web threats by monitoring actual code behavior and blocking any action that violates corporate security policies. It is the only technology on the market that can stop both known and unknown threats at the gateway, before they enter your network.

Behavior Profile
All the operations that an Active Content object has the potential to invoke on the resources of the client computer.

Blended Threat
Blended threats combine the characteristics of viruses, worms, Trojan Horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack. By using multiple methods and techniques, blended threats can rapidly spread and cause widespread damage. Characteristics of blended threats include:
  • Causes harm: Launches a Denial of Service (DoS) attack at a target IP address, defaces Web servers, or plants Trojan Horse programs for later execution.
  • Propagates by multiple methods: Scans for vulnerabilities to compromise a system, such as embedding code in HTML files on a server, infecting visitors to a compromised Web site, or sending unauthorized email from compromised servers with a worm attachment.
  • Attacks from multiple points: Injects malicious code into the .exe files on a system, raises the privilege level of the guest account, creates world read and writeable network shares, makes numerous registry changes, and adds script code into HTML files.
  • Spreads without human intervention: Continuously scans the Internet for vulnerable servers to attack.
  • Exploits vulnerabilities: Takes advantage of known vulnerabilities, such as buffer overflows, HTTP input validation vulnerabilities, and known default passwords to gain unauthorized administrative access.

Effective protection from blended threats requires a comprehensive security solution that contains multiple layers of defense and response mechanisms.

Back to top


Cluster Virus
Cluster viruses modify the directory table entries so the virus starts before any other program. The virus code only exists in one location, but running any program runs the virus as well. Because they modify the directory, cluster viruses may appear to infect every program on a disk.

Compromise security settings
This payload may attempt to gain access to passwords or other system-level security settings. It may also search for openings in the Internet-processing components of the computer to install a program on that particular system, which an individual could remotely control over the Internet.

Content Filtering
A subcategory of a security policy that pertains to the semantic meaning of words in text. It can also include URL filtering.

Cookies are blocks of text placed in a file on your computer's hard disk. Web sites use cookies to identify users who revisit the site. Cookies might contain login or registration information, "shopping cart" information or user preferences. When a server receives a browser request that includes a cookie, the server can use the information stored in the cookie to customize the Web site for the user. Cookies can be used to gather more information about a user than would be possible without them.

Back to top


Damage potential
A malware's damage potential rating may be high, medium, or low based on its inherent capacity to cause both direct and indirect damage to systems or networks. Certain malware are designed specifically to delete or corrupt files, causing direct damage. Denial of service (DoS) malware may also cause direct and intended damage by flooding specific targets. Mass-mailers and network worms usually cause indirect damage when they clog mail servers and network bandwidth, respectively.

Distributed Denial of Service (DDoS)
Attempts to bring down large sites through DoS attacks are often not feasible for a single attacking machine due to the large amount of resources available to the attacked site. Thus, hackers have developed the distributed denial of service approach, whereby a number of machines are simultaneously commanded to attack a target system. Each of these DDoS 'agents' contributes part of the total 'load' that eventually brings down the attacked service or server, or, alternatively, each agent machine contributes part of the bandwidth necessary to clog the network connections to the attacked server.

Software that dials a phone number. Some dialers connect to local Internet Service Providers, while others connect to toll numbers without user awareness or permission. Dialers are used by Spyware to silently dial one of several ISPs to download a hostile executable or to dial highly charged international phone numbers often associated with pay porn sites.

Most anti-virus software carries out disinfection after reporting the presence of a virus to the user. During disinfection, the virus may be removed from the system and, whenever possible, any affected data is recovered.

Back to top


A change made to data, code, or a file such that it can no longer be read or accessed without processing (or un-encrypting). Viruses may use encryption in order to hinder detection by hiding their viral code.

Encryption Virus
An encrypted virus' code begins with a decryption algorithm and continues with scrambled or encrypted code for the remainder of the virus. Each time it infects, it automatically encodes itself differently, so its code is never the same. Through this method, the virus tries to avoid detection by anti-virus software.

An exploit is code that takes advantage of a software vulnerability or security hole. Exploits are often incorporated into malware, which are consequently able to propagate into and run intricate routines on vulnerable computers.

Exploit ShellCode
A piece of software which is used inside exploits to execute code on the victim.

An exposure is a state in a computing system (or set of systems) which is not a universal vulnerability, but either:

  • Allows an attacker to conduct information gathering activities
  • Allows an attacker to hide activities
  • Includes a capability that behaves as expected, but can be easily compromised
  • Is a primary point of entry that an attacker may attempt to use to gain access to the system or data
  • Is considered a problem according to some reasonable security policy

Back to top


False Positive, False Negative
From a security perspective, false positives refer to identification of a virus or malicious piece of content when in fact the content is clean. Conversely, if a virus or piece of malicious code passes through the security scanner (e.g., is not detected as being malicious), a false negative error has been made. False negatives probably seem more serious than false positives, but both are undesirable. False positives can cause a great deal of down-time and lost productivity. With good security scanners, false positives are rare. False negatives are a more common problem with virus scanners because known-virus scanners tend to miss completely new or heavily modified viruses. False positives have, historically, been quite a problem for scanners that make heavy use of heuristic detection mechanisms.

FTP File Transfer Protocol


The operation of gaining access without the proper permission to a secure system or performing actions in a system without sufficient security privileges

HTML HyperText Markup Language

 HTTP HyperText Transfer Protocol


Back to top


“In the Wild”
A virus is "in the wild" if it is verified as having caused an infection outside a laboratory situation. Most viruses are in the wild and differ only in prevalence.


JVM Java Virtual Machine


Load Balancing
A group of two or more servers linked together to balance variable workloads or provide continued operation in the event that one server fails.

Back to top


Malicious Code
A piece of code designed to damage a system or the data it contains, or to prevent the system from being used in its normal manner.

Malware is a program that performs unexpected or unauthorized, but always malicious, actions. It is a general term used to refer to both viruses and Trojans, which respectively include replicating and non-replicating malicious code.

Back to top


A utility which compresses and encrypts a file, in order to avoid detection by anti-virus software. Packers add a header that upon execution automatically expands the file in memory, and then transfers control to that file. Some packers can also unpack without starting the packed file. Packers are often used by writers of Trojan horses to foil anti-virus products.

Payload refers to what the virus does (dialer, keylogger, hijacker) in terms of damage, rather than how it spreads. Similar to military jargon, the virus is seen as the delivery vehicle' (e.g., the missile) and the damage routine is the payload (also known as warhead).

Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial and personal data such as credit card numbers, account usernames, passwords, social security numbers, mother's Maiden name, and Driver's License number. Phishing attacks can arrive as an email message where the attacker has forged, or spoofed, the sender's address to make the message look authentic. These spoofed messages usually redirect the user to a fraudulent websites or proxy servers to enter personal information, which is then used by the phisher for criminal purposes.

Proof of Concept
The first implementation of an idea that had previously only been discussed as a theoretical possibility or concept. In the anti-virus context, Proof of Concept describes a virus that is the first to infect a given platform or implement a given infection technique. Proof of Concept is sometime used to described a virus that is very simplistic or bug-ridden (or both), and thus unlikely to pose a real-world threat itself.

Back to top


Real-time Scanner
An anti-virus software application that operates as a background task, allowing the computer to continue working at normal speed, with no perceptible slowing.

Remote Code Execution
Programs that allow one computer to access another computer (or facilitate such access) without explicit authorization when an access attempt is made. Once access is gained, usually over the Internet or by direct dial access, the remote access program can attack or alter the other computer. It may also have the ability to gather personal information, or infect or delete files. They may also create the risk that third party programs can exploit its presence to obtain access. Such remote access programs generally:
  • Attempt to remain unnoticed, either by actively hiding or simply not making their presence on a system known to the user, and/or
  • Attempt to hide any evidence of their being accessed remotely over a network or Internet Means by which these programs provide access may include notifying a remote host of the machine by sending its address or location, or employing functionality that wholly or partially automates access to the computer on which the program is installed.

Back to top


Security Policy
The set of operations that is allowed to be performed on the resources of desktop computers. A security policy may be defined for each user or group within an organization.

A search pattern, often a simple string of characters or bytes, expected to be found in every instance of a particular virus. Usually, different viruses have different signatures. Anti-virus scanners use signatures to locate specific viruses.

SMTP Simple Mail Transfer Protocol

SSL (Secure Sockets Layer)
A program layer created by Netscape for managing the security of message transmissions in a network. The programming for keeping messages confidential is contained in a program layer between the application layer (such as Web browser or HTTP) and the Internet's TCP/IP layers. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer.


Spyware is any technology that aids in gathering information about a person or organization without their knowledge. Spyware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. Spyware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger spyware by accepting an End User License Agreement from a software program linked to the spyware or from visiting a website that downloads the spyware with or without an End User License Agreement.

Back to top


A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses.

Back to top


URL Universal Resource Locator

URL Filtering

These products filter Web traffic based on content category, specific URL and time of day in order to give organizations full control over the web browsing activities of their employees. Unmanaged access to inappropriate or distracting Web content involves legal risks, compromises network security and reduces employee productivity.

Back to top


A computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission. Some viruses attach to files so when the infected file executes, the virus also executes. Other viruses sit in a computer's memory and infect files as the computer opens, modifies or creates the files. Some viruses display symptoms, and some viruses damage files and computer systems, but neither symptoms nor damage is essential in the definition of a virus; a non-damaging virus is still a virus.

A vulnerability is a software flaw in a computing system that could be exploited by malicious code to gain unauthorized access to information or process. The presence of known vulnerabilities in programs and operating systems can leave these systems very much open to malware and hacker attack. This is because programs that take advantage of known vulnerabilities, commonly referred to as exploits, are often publicly available as source code, which can be customized to create a malware or a hacking tool. Software vendors typically provide fixes or patches for vulnerabilities found on their products.

Vulnerability Anti.dote™
Identifies and blocks content that tries to exploit known software vulnerabilities

Back to top


The time span between when either a new vulnerability is published or when an Internet attack is launched until a signature update or patch to combat that virus is delivered. During the Window-of-Vulnerability, computers exposed and vulnerable for hours, and sometimes days, to new attacks.

A piece of self-replicating malicious code that spreads throughout a network without human interaction. Worms are parasitic computer programs that replicate, but unlike viruses, do not infect other computer program files. Worms can create copies on the same computer, or can send the copies to other computers via a network. Worms often spread via IRC (Internet Relay Chat).

Back to top


Zero-Day Detection
To be able to detect and prevent an item of malware or other undesired attack at first strike. To close the Window-of-Vulnerability by identifying and providing protection from viruses before they are known and before signatures are published.

A collection of viruses used for testing by researchers. See also: In the Wild

Published - August 2009


Find free glossaries at

Find free dictionaries at

Subscribe to free newsletter

Need more translation jobs from translation agencies? Click here!

Translation agencies are welcome to register here - Free!

Freelance translators are welcome to register here - Free!

Submit your glossary or dictionary for publishing at

Free Newsletter

Subscribe to our free newsletter to receive news from us:

Use More Glossaries
Use Free Dictionaries
Use Free Translators
Submit Your Glossary
Read Translation Articles
Register Translation Agency
Submit Your Resume
Obtain Translation Jobs
Subscribe to Free Newsletter
Buy Database of Translators
Obtain Blacklisted Agencies
Vote in Polls for Translators
Read News for Translators
Advertise Here
Read our FAQ
Read Testimonials
Use Site Map
translation directory

christianity portal
translation jobs


Copyright © 2003-2024 by
Legal Disclaimer
Site Map