H-Book What Actually the Words Mean ?

Presented by: Sudeep Sakalle

Published by: api-3798769 on Oct 17, 2008
Copyright:Attribution Non-commercial







H-BOOK: What actually the words mean?

Abstract

This is a collection of words which are generally used by security professionals, system administrators, hackers, etc. It is very helpful to have a collection or information about these common terms.

1) Back door: Synonymous with trap door.

2) Between-the-lines entry: Unauthorized access obtained by tapping the temporarily inactive terminal of a legitimate user. See piggyback.

3) Compromise: A violation of the security policy of a system such that unauthorized disclosure of sensitive information may have occurred.

4) Compromising emanations: Unintentional data-related or intelligence-bearing signals that, if intercepted and analyzed, disclose the information transmitted, received, handled, or otherwise processed by any information processing equipment.

5) Computer abuse: The misuse, alteration, disruption or destruction of data processing resources. The key aspect is that it is intentional and improper.

6) Computer fraud: Computer-related crimes involving deliberate misrepresentation, alteration or disclosure of data in order to obtain something of value (usually for monetary gain). A computer system must have been involved in the perpetration or cover-up of the act or series of acts. A computer system might have been involved through improper manipulation of input data; output or results; applications programs; data files; computer operations; communications; or computer hardware, systems software, or firmware.

7) Denial of service: Any action or series of actions that prevent any part of a system from functioning in accordance with its intended purpose. This includes any action that causes unauthorized destruction, modification, or delay of service. Synonymous with interdiction.

8) Entrapment: The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations.

9) Exploitable channel: Any information channel that is usable or detectable by subjects external to the trusted computing base whose purpose is to violate the security policy of the system.

9) Failure access: An unauthorized and usually inadvertent access to data resulting from a hardware or software failure in the system.

10) Flaw hypothesis methodology: A systems analysis and penetration technique in which specifications and documentation for the system are analyzed and then flaws in the system are hypothesized. The list of hypothesized flaws is then prioritized on the basis of the estimated probability that a flaw exists and, assuming a flaw does exist, on the ease of exploiting it, and on the extent of control or compromise it would provide. The prioritized list is used to direct a penetration attack against the system.

11) Impersonating: Synonymous with spoofing.

12) Logic bomb: A resident computer program that triggers the perpetration of an unauthorized act when particular states of the system are realized.

13) Loophole: An error of omission or oversight in software or hardware that permits circumventing the system security policy.

14) Malicious logic: Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g., a Trojan horse.

15) Masquerading: Synonymous with spoofing.

16) Mimicking: Synonymous with spoofing.

17) Penetration: The successful act of bypassing the security mechanisms of a system.

18) Penetration study: A study to determine the feasibility and methods for defeating controls of a system.

19) Penetration testing: The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.

20) Piggyback: Gaining unauthorized access to a system via another user's legitimate connection. See between-the-lines entry.

21) Risk: The probability that a particular threat will exploit a particular vulnerability of the system.

22) Risk analysis: The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards. Risk analysis is a part of risk management. Synonymous with risk assessment.

23) Scavenging: Searching through object residue to acquire unauthorized data.

24) Security fault analysis: A security analysis, usually performed on hardware at gate level, to determine the security properties of a device when a hardware fault is encountered.

25) Security flaw: An error of commission or omission in a system that may allow protection mechanisms to be bypassed.

26) Spoofing: An attempt to gain access to a system by posing as an authorized user. Synonymous with impersonating, masquerading or mimicking.

27) Tampering: An unauthorized modification that alters the proper functioning of an equipment or system in a manner that degrades the security or functionality it provides.

28) Technical attack: An attack that can be perpetrated by circumventing or nullifying hardware and software protection mechanisms, rather than by subverting system personnel or other users.

29) Technical vulnerability: A hardware, firmware, communication, or software flaw that leaves a computer processing system open for potential exploitation, either externally or internally, thereby resulting in risk for the owner, user, or manager of the system.

30) Threat: Any circumstance or event with the potential to cause harm to a system in the form of destruction, disclosure, modification of data, and/or denial of service.

31) Threat agent: A method used to exploit a vulnerability in a system, operation, or facility.

Threat analysis: The examination of all actions and events that might adversely affect a system or operation.

32) Threat monitoring: The analysis, assessment, and review of audit trails and other data collected for the purpose of searching out system events that may constitute violations or attempted violations of system security.

33) Trap door: A hidden software or hardware mechanism that can be triggered to permit system protection mechanisms to be circumvented. It is activated in some innocent-appearing manner; e.g., a special "random" key sequence at a terminal. Software developers often introduce trap doors in their code to enable them to reenter the system and perform certain functions. Synonymous with back door.

34) Trojan horse: A computer program with an apparently or actually useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of security or integrity.

35) Virus: A self-propagating Trojan horse, composed of a mission component, a trigger component, and a self-propagating component.

36) Vulnerability: A weakness in system security procedures, system design, implementation, internal controls, etc., that could be exploited to violate system security policy.

37) Vulnerability analysis: The systematic examination of systems in order to determine the adequacy of security measures, identify security deficiencies, and provide data from which to predict the effectiveness of proposed security measures.

38) Vulnerability assessment: A measurement of vulnerability which includes the susceptibility of a particular system to a specific attack and the opportunities available to a threat agent to mount that attack.

Trojan horses

A Trojan horse is a program that does something that the programmer intended, but that the user would not approve of if he knew about it in advance. Because most current security systems are based primarily on user-level privilege rather than program-level privilege, any program that you run can read any object you have read access to, write to any object that you have write access to, and execute any program or command that you are authorized to execute. A Trojan horse concealed in a random game program downloaded from your favorite newsgroup can read any file you have read access to, and mail it anywhere in the world. It can erase, or just shuffle around a few bytes in, any file you can write to. It can send obscene messages to the White House, or post embarrassing things to random newsgroups. And it can copy itself into any program that you have write access to (see Viruses and Worms below).

In a mobile-agent system, it is critical to ensure that arriving agents execute in a controlled environment, and are able to do only those things that they are authorized to do. Agents should be trusted only as far as the least-trusted entity that may have been able to alter the program or internal state of the agent; secure authentication methods (such as digital signatures) must be used carefully when it is necessary to establish the real author or sender of an agent. See Itinerant Agents for Mobile Computing for some related security considerations in these sorts of systems.

Viruses and Worms

A virus is a program (generally a Trojan horse) that spreads, by making copies of itself in one way or another. In the microcomputer environment, viruses generally spread by writing copies of themselves into other programs, or into boot records of disks and diskettes. (For more information on computer viruses in PC-compatible machines, see the IBM Computer Virus Information Center.)

A worm in a networked environment is generally a self-sufficient program that spreads by spawning copies of itself on other hosts in the network. One famous worm caused great disruption on the Internet in 1988. There is no hard line between viruses and worms; in general, if the spreading entity is a self-sufficient program, it will be called a worm, whereas if it embeds itself inside other programs or boot code, it will be called a virus.

Can a virus spread between agents in a mobile-agent system? So far, the consensus seems to be that there is no particular reason to allow one agent to alter the code of another already-existing agent. If the agent infrastructure does not allow this, no virus will be able to spread from agent to agent. On the other hand, if the infrastructure accidentally or purposely does allow one agent to alter another, inter-agent viruses will be possible.

Are worms possible in mobile-agent systems? If one agent can create another agent, the possibility of runaway worm reproduction exists. Agent reproduction must be controlled in one way or another to limit the possibility; if agents can create other agents, they must be charged in some scarce currency, or limited in how large their tree of descendants can get, or otherwise kept from having children and grandchildren without bound.
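One way a host could enforce the two limits named above, a charge in scarce currency and a cap on the tree of descendants, shown as an added example that is not part of the original text. The names `AgentHost`, `spawn_fee`, `max_descendants` and `run_worm` are hypothetical, and counting spawns ever made per founder (rather than live agents) is an assumption of this sketch.

```python
from dataclasses import dataclass
from itertools import count

class SpawnDenied(Exception): pass  # host refused to create a child

@dataclass
class Agent:
    root_id: int   # founder of this agent's family tree
    credits: int   # scarce currency; spawning never mints more

class AgentHost:  # hypothetical host; every agent creation passes through it
    def __init__(self, spawn_fee=2, max_descendants=8):
        self.spawn_fee, self.max_descendants = spawn_fee, max_descendants
        self.agents, self.descendants = {}, {}  # descendants: root_id -> spawns ever made
        self._ids = count(1)

    def admit(self, credits):  # externally launched agent with a prepaid balance
        aid = next(self._ids)
        self.agents[aid] = Agent(aid, credits)
        self.descendants[aid] = 0
        return aid

    def spawn(self, parent_id, endowment):
        """Create a child; the parent pays the fee plus the child's endowment."""
        parent = self.agents[parent_id]
        if endowment < 0:  # a negative gift would mint credits for the parent
            raise SpawnDenied("negative endowment")
        if self.descendants[parent.root_id] >= self.max_descendants:
            raise SpawnDenied("descendant limit reached")
        if parent.credits < self.spawn_fee + endowment:
            raise SpawnDenied("insufficient credits")
        parent.credits -= self.spawn_fee + endowment
        self.descendants[parent.root_id] += 1  # not decremented when agents die
        cid = next(self._ids)
        self.agents[cid] = Agent(parent.root_id, endowment)
        return cid

def run_worm(host, founder_credits):
    """Constructed worst case: every agent spawns greedily until refused."""
    frontier, created = [host.admit(founder_credits)], 0
    while frontier:
        aid = frontier.pop()
        spare = max(host.agents[aid].credits - host.spawn_fee, 0)
        try:
            child = host.spawn(aid, spare // 2)  # child gets half of what is left
        except SpawnDenied:
            continue  # limits are permanent, so drop this agent
        created += 1
        frontier += [aid, child]
    return created
```

With a large balance the descendant cap stops the tree; with a small balance the spawn fee drains the family's credits first, so either limit alone bounds reproduction.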

Flash Crowds

The term Flash Crowd was first used by Larry Niven, in a science fiction short story. In the story, cheap local teleportation has become possible; now, the sites of attractive news stories are instantly inundated with rubberneckers teleporting in to watch. As systems become more interconnected and more powerful, we have the equivalent of cheap teleportation; if a Web site becomes known as particularly interesting, its usage curve can go exponential, causing network bottlenecks and server crashes.

In networks of agents, a vast number of similarly-programmed agents, like a horde of similarly-programmed trading programs causing a market crash, can cause network congestion and server overload. And if the agents all adopt similar fallback strategies in response to overload, the flash crowd can migrate from server to server on the net, leading to surging hard-to-remedy travelling overloads.

Weeds, Freeloaders and Flying Dutchmen

A weed is a program (or anything else in a system) that does no one any good, but that uses such a small amount of resources that it's often not cost-effective to do anything about it. Eventually, weeds start to accumulate, and it's time to get out the clippers. Or the herbicide.

A freeloader is a program that uses some system or server resources to survive and possibly benefit its creator, without paying for them. Servers may provide some minimal service for free, in order to attract paying customers, or unintentionally, as an unintended effect of complex cost structures; there may be ways to arrange for some transaction charges, especially small ones, to be lost in the shuffle. A freeloader exploits these sorts of things to operate free of charge.

Named for the legendary ghost-ship, a Flying Dutchman is a freeloader that manages to become effectively immortal, without paying for the resources that it uses to survive. A Flying Dutchman may move from host to host, never quite using enough resources to be killed; it may spawn a copy of itself on another host just before it is terminated, ensuring an unending gene-line.

A Zombie is similar to a Flying Dutchman; it is a program that has been terminated, but continues to consume some resources anyway, due to (sometimes infinite) delays in cleaning up all the resources associated with it. Zombies can sometimes get enough resources to do actual processing; more often, they exist only as the undead owners of various kinds of space.

A single freeloading or immortal program will not in itself damage a distributed system, and we anticipate that a typical agent-based system will tolerate a low level of freeloading. An analogy is to physical stores, which will tolerate a certain number of people coming in to get out of the rain and using the restrooms, on the chance that they may eventually buy something.

Uncontrolled, a large number of weeds can waste significant amounts of system resources; distributed systems will need the ability to monitor this sort of activity, and impose controls if it gets out of hand. Requests from known freeloaders may be charged for, even in cases that are normally free. Intelligent monitoring processes may be needed to identify and terminate intentionally or accidentally immortal programs that are serving no useful purpose. Other sorts of weeds will no doubt require other sorts of solutions; the unexpected is likely.

The Usual Suspects

As well as these new and somewhat speculative threats, most of the traditional computer-security worries, such as basic access control, authentication, secure encryption, and so on, also apply to network and agent security. IBM Research has various other security-related projects. Or follow this link for some good leads on both traditional and non-traditional computer security topics in the rest of the universe.

Submitted By: Sudeep Sakalle I.I.P.S MCA –VII Sem
