Like any other discipline, there is a large variety of terms associated with Computer and Internet Security. From time to time you are likely to hear or read one of these terms, and just like any other field that you may not be familiar with, it could sound like a foreign language.
But don't worry, many of these terms are pretty easy to surmise, while others are pretty easy to define. Below, you will find what we find to be a pretty comprehensive list of IT Security related definitions. If you have any questions about these definitions, or if you'd like to ask us to define any additional terms on this page, please feel free to email us at
The definitions below were provided in the October 2010 edition of the SANS Institute Security Newsletter of Computer Users (OUCH!). You can read additional editions of the OUCH! Newsletter and subscribe at http://www.sans.org/newsletters/ouch/
Anti-virus and anti-malware
Software applications that scan your computer for certain patterns of infection. The patterns they scan for are the signatures, or definitions, of known forms of malware. Since Bad Guys are creating new forms of malware continuously, it is important that you keep your anti-virus and anti-malware definitions updated. See the "Patches" and "Updates" section below. All K-Staters can get free Anti-Virus software from http://antivirus.k-state.edu.
A software tool built into Windows ("Microsoft Update") and OS X ("Auto Update") and many other applications which can download and install important security updates and patches for software installed on your computer automatically. See the "Patches" and "Updates" section below.
Hackers who use their skills for explicitly criminal or other malicious ends, such as writing malware (malicious software) to steal credit card numbers and banking data or by phishing; a.k.a. the Bad Guys.
Botnets consist of large numbers of hijacked computers that are under the remote control of a criminal or a criminal organization. The hijacked computers, a.k.a. "zombies" or "bots" (short for "robots"), are recruited using viruses spread by email or drive-by downloads. Worms are used to find and recruit additional computers. The biggest botnets consist of thousands and even millions of computers, most often unprotected home computers.
A kind of malware that installs itself automatically when you visit a booby-trapped website. Symptoms of a drive-by download include: your homepage has been changed, unwanted toolbars have been added, and unfamiliar bookmarks appear in your browser.
Fake anti-virus software is the equivalent of a virtual Trojan Horse. It purports to be a helpful program that can find and remove malware, but in fact it is malware. After taking over your computer, it pretends to do security scans, tells you it has found malware, and then asks you to pay to have the non-existent malware removed. Whether or not you pay, fake anti-virus is likely to install more malware.
An attack in which a criminal hacker intercepts information sent between your computer and the website of your financial institution and then uses that information to impersonate you in cyberspace. The hacker is able to defeat even very sophisticated security measures and gain access to your account. A simple way to help prevent this is to use SSL or TLS to encrypt your Internet traffic. See the "Encryption" section below.
Encryption is a tool used to help keep your information safe even if it is visible to others. Encryption tools use public and private keys to encrypt information so that only the people those keys are given to can access the data. Some examples of this are SSL or the PGP Whole Disk Encryption that K-State currently uses.
Operating systems, like Windows or OS X, as well as software applications, like Internet Explorer and Firefox, may be found to contain flaws or holes in their security that make your computer vulnerable to attack. To remedy this, makers release patches to plug the holes on a regular basis. The fastest and surest way to get these installed quickly is to use auto-updating via the Internet. Some software applications require manual updating. See the "Patches and Updates" section below.
On the second Tuesday of each month Microsoft releases security patches for Windows, Internet Explorer, Office and its other software products. You can have these installed automatically using Microsoft Update. To check for updates manually, go to the "Windows Update" application from the start menu. See the "Patches and Updates" section below.
Software that monitors incoming and outgoing traffic on your computer and checks for suspicious patterns indicating the presence of malware or other malicious activity. A personal firewall alerts you to these threats and attempts to block them. Like anti-virus and anti-malware software, personal firewalls require frequent updates to provide effective protection.
The practice of sending out fake email messages that look as if they come from a trusted person or institution, such as a bank, in order to trick people into handing over confidential information. The emails often direct you to a website that looks like that of the real financial institution. But it is a fake and has been rigged to collect your personal information, such as passwords, credit card numbers and bank account numbers, and transmit them to the Bad Guys.
Security software relies on frequent updates in order to be able to counteract previously undetected forms of malware. Consequently, your computer may suffer a "window of vulnerability" between the time a new form of malware is identified and the time when your security software can block it or remove the infection. Having your software set to automatic updates will help ensure that you get these updates as soon as possible.
A malicious program that usually requires some action on the part of a user in order to infect a computer; for example, opening an infected attachment or clicking on a link in a rigged email may trigger a virus to infect your computer.
Hackers who use their skills for positive ends, and often for thwarting blackhats. Many whitehats are security professionals who spend their time identifying and fixing vulnerabilities in software that blackhats seek to exploit for criminal or other malicious purposes.
Self-replicating malware that, for instance, hunts down unprotected computers and recruits them for criminal or other malicious purposes. Unlike a virus, worms do not require any action on your part in order to infect your computer.