A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Encyclopedia of Risks and Threats

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

Index of entries

  • Account Hijacking Using someone else's personal information to access current financial accounts or create new ones
  • Active Content Interactive Web content that can carry malicious code
  • Adware Software that displays advertising banners or pop-up windows
  • Anonymizer A tool that makes your Web navigation untraceable
  • Anti-virus Software Software that protects your computer from malware
  • Asymmetric Encryption Encryption method that uses two different keys
  • Authentication, Authorization, Accounting (AAA) The three elements necessary to ensure the privacy and security of online information
  • Backdoor A method of accessing a computer system undetected for either illegitimate or legitimate access
  • Bandwidth How fast information can be moved from one computer to another
  • Biometrics Using biological information to authenticate people
  • Black Hat A person who compromises a computer system's security without authorization, typically maliciously
  • Blacklist A way to filter Internet traffic so that all traffic is allowed except for that from selected servers
  • Blogging Publishing an online diary
  • Bluebugging Use of Bluetooth to illegitimately access sensitive information on mobile devices
  • Bluejacking Using Bluetooth to send unsolicited messages to nearby Bluetooth-enabled devices
  • Bluesnarfing Stealing information from mobile devices using a wireless connection
  • Bluetooth A way for portable devices to communicate with each other over short distances
  • Bookmark A browser feature that allows you to click to a Web site, rather than have you type the address.
  • Botnet A group of compromised computers controlled by a central authority, usually a hacker
  • Bridge A device that connects two local area networks that use the same protocol
  • Brute Force Attack Figuring out a password by trying every possible combination of letters, numbers, and symbols
  • Buffer Overflow A type of vulnerability in software that allows attackers to go inside the system and damage it
  • CALEA A law requiring telecommunications companies to cooperate with operations by law enforcement agencies to intercept communications
  • CAN-SPAM A law that sets standards for sending unsolicited email
  • CAPTCHA A software tool used on Web sites to tell apart humans and Internet bots
  • CERT An organization at Carnegie Mellon University devoted to creating and distributing information on best practices for computer security
  • CERT/CC A major coordination center at Carnegie Mellon University dealing with Internet security problems
  • Cache Temporary data storage area on your computer
  • Caller ID Anti-Spoofing Act A law in Florida against the dishonest use of a telephone caller identification (ID) system with the intent to deceive, defraud or mislead
  • Certificate Authority (CA) Entity that issues digital certificates
  • Certificate Revocation List (CRL) List of digital certificates that have expired or been revoked
  • Chanslash Fan fiction that involves underage characters in romantic pairings
  • Chat Code A system of symbols, acronyms, and abbreviations used online
  • Chat Room Virtual locations on the Internet where two or more users can communicate with one another in real time
  • Children's Internet Protection Act (CIPA) A law that pushes schools and libraries to have an Internet safety policy and technology protection measures for children
  • Children's Online Privacy Protection Act (COPPA) A law that sets limits on Web sites that market to children
  • Click Fraud The imitation of clicking on web advertisements to increase ad revenue for the Web site owner
  • Client A computing system that acts like a user by requesting services from another computer called a server
  • Client Authentication A process Web sites use to identify valid users
  • Cloud Computing A service that broadly shares access to computer resources via the Internet
  • Communications Protocol A set of rules or standards that allow two computers to "talk" to each other.
  • Computer Fraud and Abuse Act A law to protect information and computer systems from the attacks of hackers
  • Confidentiality Accessibility of computer information exclusively to those authorized to access it
  • Cookie Information, usually in a file, about someone’s Internet activities, such as the date of the last visit to a Web site, preferences, etc.
  • Cookie Scrubber A tool for removing cookies, which contain a user's sensitive authentication and web-surfing history information
  • Cracking Trying to get into computer systems in order to steal, corrupt, or illegitimately view data
  • Crimeware A special type of malware used to commit financial crimes
  • Cross-site Request Forgery A malicious exploit that allows an unauthorized request on behalf of an authenticated user on a website.
  • Cross-site Scripting (XSS) A vulnerability of dynamic Web content where a malicious user may embed code into a Web site that may cross over to a victim's computer
  • Cryptology The science of disguising meaning by using codes or ciphers
  • Cryptovirology The study of how hackers create and deploy powerful malicious software
  • CyLab An initiative led by Carnegie Mellon University to research and provide education about secure computing and communications systems
  • Cyber Espionage The use of software tools to obtain secret or private government or business information
  • Cyberbullying Using the Internet to harass, intimidate, embarrass, or demean others
  • Cyberpiracy Using the Internet to copy a digital document without authorization
  • Cyberstalking Using the Internet to threaten or make unwanted advances towards someone else
  • Cyberterrorism Threat, harm or extortion via the Internet
  • Cyberwoozling The unauthorized gathering of data from visitors of a Web site
  • Data Theft The unauthorized taking or interception of computer-based information
  • Decryption Conversion of a coded message to a readable form
  • Deleting Online Predators Act (DOPA) A proposed U.S. law to prohibit the use of community Web sites by online predators
  • Demilitarized Zone (DMZ) The protective hardware and software between an internal network (LAN) and the external network (Internet)
  • Denial of Service (DoS) A type of attack used to prevent legitimate users from accessing services or resources
  • Digital Certificates A way to authenticate the identity of a computer or user
  • Digital Dirt Traces left behind of your Internet activity that could reflect poorly on you
  • Digital Identity A name and credentials created to participate in electronic transactions
  • Digital Millennium Copyright Act (DMCA) A law against the use of technology to violate copyright
  • Digital Rights Management A system that restricts use of digital media to only the rightful owner
  • Digital Signature A special file used to confirm the identity of the sender and integrity of an electronic document
  • Digital Subscriber Line (DSL) A method of digital data transmission over the telephone network
  • Digital Wallet The electronic equivalent of a wallet for e-commerce transactions
  • Digital Watermarking Copyright information in the form of bits that are inserted into digital content and difficult to remove
  • Directory Traversal Attack Attacks that access restricted files by combing through a computer's directories
  • Disk Scrubber A tool that makes it difficult for data deleted from a computer's hard disk to be recovered
  • Distributed Denial of Service (DDoS) Interfering with a computer system by sending more Internet traffic to it than it can handle
  • Domain Name A string of text that identifies one or more computers on the Internet
  • Drive Encryption Tools Tools used to store sensitive or other information on your hard drive or disk partition in a form that only you can read
  • Dummy Account An email account created to divert unimportant or unsolicited mail
  • E-commerce Buying items online and conducting business over the Internet
  • E-money Activities such as online banking, online money transfers and online trading
  • Easter Egg A hidden feature or functionality in software that usually activates only when certain keystrokes or commands are typed
  • Eavesdropping Method of secretly listening in on a conversation
  • Electronic Auctions Auctions where the transaction takes place over the Internet
  • Email A system for sending and receiving electronic messages over a computer network
  • Email Client A software application that handles electronic mail
  • Email Privacy Tools Software using encryption, digital signatures and other methods to prevent compromise of information in emails.
  • Encryption Disguising information to make it unreadable
  • Ethernet A communication protocol that provides rules for signaling and communication between two computers or devices on a local area network
  • Evil Twin Hotspot A fraudulent WiFi access point that has been set up by hackers to look legitimate
  • Exploit A piece of software that targets vulnerabilities in installed software in order to take over a computer
  • Extensible Markup Language (XML) A computer language that can be used across many different computer operating systems and environments.
  • Fake Anti-spyware Harmful programs disguised as anti-spyware
  • Family Educational Rights and Privacy Act (FERPA) A law that safeguards the records and personal information of students
  • File Sharing Making files available for others to download, or downloading such files
  • File Transfer Protocol (FTP) A common method for transferring files between two computers on a network
  • Firewall A device that monitors and controls the traffic coming into and out of your computer
  • Firmware Software that is embedded in hardware
  • Fisking Criticism that highlights perceived errors or other problems in a statement, article, essay or blog entry
  • Flaming Posting messages that are deliberately hostile and insulting
  • Flight Mode A PDA or mobile phone setting that enables only non-wireless features
  • Folksonomy A system of classifying data based on user-created metadata, or "tags"
  • Forensics Using computer science and technology to investigate crimes
  • Geographical Information Systems (GIS) A system for collecting, analyzing and managing spatially related data
  • Geotagging The method of adding location information to digital media, such as photos and text messages
  • Griefer Individuals who play multiplayer online games with the intent to harass other players
  • HTTP A communication protocol that defines how messages are sent across the World Wide Web
  • HTTPS A method of secure Web-based information transfer
  • Hacking Trying to get into computer systems in order to steal, corrupt, or illegitimately view data
  • Health Insurance Portability and Accountability Act (HIPAA) A law that safeguards computer-based health information
  • Hoax Phony email warning about a computer virus or other threat
  • Honeypot A trap or decoy used to divert, detect and characterize would-be attackers of a computer system
  • Hyper Text Markup Language (HTML) A computer language that is used for creating World Wide Web pages
  • IEEE 802.11 A suite of wireless communication protocols
  • IJacking Theft of a laptop by snatching it from an owner's hands
  • IP Address A number used to identify a computer or other device on the Internet
  • IP Spoofing Using fake computer identification to communicate with another machine, usually for malicious purposes
  • Identity Theft When someone uses your personal information to commit fraud
  • Information Networking Institute (INI) An integral department of Carnegie Mellon University’s College of Engineering and the nation’s first research and education center devoted to information networking
  • Instant Messaging (IM) A communication service that allows you to chat online using text messages
  • Internet The world’s biggest computer network, providing many services, including email, e-commerce and multimedia
  • Internet Bot A software program that performs tasks over the Internet in an automated manner
  • Internet Message Access Protocol (IMAP) Email protocol that allows you to access email via the Internet
  • Internet Privacy The general freedom from compromise of your personal or other sensitive information while using the Internet
  • Internet Protocol (IP) A set of rules used by the Internet for computer communication and addressing
  • Intrusion Getting into someone's computer without their permission
  • Intrusion Detection System A piece of software or hardware that recognizes attacks against computers and networks and responds with alarms and countermeasures
  • Java Popular programming language
  • JavaScript Java-based scripting language for Web pages
  • Keylogger A device or software that records keystrokes entered by a user, usually to secretly monitor and/or maliciously use this information
  • Laptop Theft Stealing of laptop computers, typically from public places where they are left behind or unattended
  • Leetspeak A way of communicating online in code by changing the spellings of words
  • Lightweight Directory Access Protocol (LDAP) A phonebook-like method for accessing and compactly presenting information on users and resources available on a computer network
  • Local Area Network (LAN) A group of computers within a small area, such as a house, office or school, that are connected to each other
  • Lurking Hanging out on Internet bulletin boards or chat rooms without posting
  • MAC Address A unique identifier for network interface cards
  • Malware Programs that are designed to harm your computer
  • Man in the Middle Attack Intercepting communications between two parties without either party knowing about it
  • Megan Meier Cyberbullying Prevention Act A bill introduced to Congress after a tragic case of cyberbullying led to a young teenager's suicide
  • Misinformation Incorrect or misleading information on Web sites
  • Mobile Browsing Using a mobile phone to access the Internet
  • Mobile Device Portable devices for communication and computation
  • Mobile Operating System A generic term for the system and resource management software (i.e., operating system) for mobile devices
  • Mobile Software Application software for mobile devices
  • Moblogging An application that lets you read and write emails using a Web browser
  • Near Field Communication (NFC) A method of short-range wireless communications intended for processing transactions and transferring small amounts of data
  • Netiquette A code of conduct followed on the Internet in order to be respectful and clearly understood (Internet + etiquette)
  • Network Address Translation A method for hiding the internal structure of a network and allowing it to use a single public IP address
  • Online Dating A web service for establishing friendships and romantic relationships
  • Online Gambling The placing of bets using the Internet
  • Online Grooming Working to gain the trust of children and young people, often with the goal of a sexual relationship, through the use of cyber technology like the Internet or mobile phone
  • Online Identity A social identity that network users establish in online communities
  • Packet Filtering Selectively allowing or preventing chunks of information from entering a computer network
  • Packet Sniffer A program that reads or snoops on network traffic
  • Palmtop A computer that fits in the palm of your hand
  • Parental Control Software Software that allows parents to monitor and limit children's online activity
  • Passcard Means of identification for granting access, either physically or using software
  • Password A string of letters, numbers and/or symbols that grants access to something private
  • Password Cracking Trying to figure out someone else's computer password to get past a security system
  • Password Security Tools Software that stores multiple website-access passwords in encrypted form, so you can use them by remembering a single master password
  • Patch A modification to a software program or an operating system that is issued by the manufacturer
  • Pay Per Click An arrangement whereby Web advertisers pay Web site owners for each click on an advertisement.
  • Pharming Redirecting users from legitimate Web sites they are trying to visit to fraudulent Web sites
  • Phishing Using fake Web sites to trick you into giving away personal information
  • Photo Sharing Sharing and distributing digital photos over the Internet
  • Pin Cracking A procedure for breaking into Bluetooth devices by determining the personal identification number (PIN) used for secure transmissions
  • Plagiarism Using content that has been created by others without giving them due credit
  • Platform for Privacy Preferences (P3P) A protocol that allows a Web site to declare to users its intended use for the information it collects
  • Plug-in A software module that adds some specific service or function to a larger system
  • Pop-up Blocker Software to suppress automatically displayed browser windows, called pop-ups, which are often used for advertisements
  • Port An interface on a computer used to connect it to another device
  • Port Scanning Trying to find open ports on a computer in order to gain access to it
  • Portable Document Format (PDF) A format of electronic documents that permits viewing and accessing without the need to have the software that originally created it
  • Post Office Protocol (POP) Email protocol that downloads email to your computer
  • Privacy Tools Software or hardware that helps to keep your personal information from being illegitimately seen or acquired
  • Proxy Server A server used to make an Internet connection from certain computers
  • Quick Response (QR) Code A two-dimensional barcode that mobile phones can quickly scan
  • RSS A tool for incrementally or selectively downloading digital content from frequently updated sources, such as news sites
  • Radio-Frequency Identification A means of uniquely identifying objects via radio-frequency communication
  • Remote Desktop (RD) Technology that allows you to interact with a remote computer as if it were in front of you
  • Router A computer networking device that forwards data between networks
  • SMS Spam Junk mail sent to mobile phones
  • SSL Client Certificate Certificate used in SSL connections that contains detailed identification information about a user
  • Script Kiddie Someone who relies on existing tools and programs to exploit weaknesses in computers
  • Search Engine Software that quickly finds information on the Web
  • Secure Instant Messaging Software that makes data less likely to be compromised when using instant messaging
  • Secure Remote Login A way of accessing a distant computer with low risk of compromising a username, password and data
  • Secure Shell (SSH) A protocol for gaining secure access from your computer to a remote computer
  • Secure Sockets Layer (SSL) A protocol that dictates how two computer systems should exchange messages
  • Security Key A tool used to encrypt and decrypt content
  • Server Computer system that provides shared resources over a network
  • Sexting A slang term for the sending of sexually explicit or suggestive content between mobile devices
  • Short Message Service (SMS) A service that lets you send short text messages between mobile devices, known as "texting"
  • Smart Cards and Tokens Objects that have microchips in them loaded with identifying information
  • Smurfing In gaming, targeting players below your skill level; also, a type of Denial of Service attack
  • Social Engineering Using manipulation and deceit to trick victims into giving out confidential information
  • Social Media Online communication tools that enable users to make instant connections and interactions
  • Social Networking Sites Sites that let you post a profile and create a network with other people
  • Spam Unwanted email used mainly for advertising
  • Spoofing Card A communication service that allows you to choose what phone number displays on caller ID when someone receives a call from you
  • Spyware Software that sends information from your computer to a third party without your consent
  • Steganography A process of hiding secret information within other inconspicuous information
  • Streaming Media Media that can be played while it is still being received
  • Switch A device that connects multiple computers or devices within a single network
  • Symmetric Encryption Encryption method where the same key is used to encrypt and decrypt messages
  • Team Dating An online service facilitating social interactions among groups
  • Transmission Control Protocol/Internet Protocol (TCP/IP) The set of rules for communication on which most major networks are based
  • Trojan Horse A malicious program disguised as legitimate software
  • Trolling A person who posts rude or offensive messages on the Internet with the intent to disrupt a discussion or upset its participants
  • Uniform Resource Locator (URL) Address of a Web page or other Web resource
  • Virtual Private Network (VPN) The set of rules for communication on which most major networks are based
  • Virtual Tourism The activity of "visiting" sites of interest over the Internet without having to physically travel to them
  • Virus A self-replicating program that spreads by inserting copies of itself into other code or documents
  • Vishing Using fake phone numbers to trick you into giving away personal information
  • VoIP Technology that allows you to make telephone calls using the Internet
  • War Driving Driving around with a computer to find and access wireless networks
  • Web 2.0 The second generation of the World Wide Web, characterized by social networking and a high degree of content created by users
  • Web Beacon An invisible object that is placed on a web page or in an email that is used to monitor the activities of users
  • Web Browser Software that allows you to view Web pages
  • Web Page The basic unit of information on the Web
  • Web Site A group of Web pages with related content and a home page as a main point of entry
  • Web Traffic Measurements of the frequency and time spent by Web site visitors on a site, which indicate the popularity and utility of the site
  • Web-based Group A forum on the Internet set up for dialogue among a community of interest
  • Web-based Keyboard A computer program that displays a keyboard image with all its keys on the screen
  • Webmail An application that lets you read and write emails using a Web browser
  • WiFi Wireless Fidelity, shorthand for various wireless networking technologies
  • Wiki A type of Web site that allows users to easily add and edit content using any Web browser
  • Wireless Application Protocol (WAP) A set of rules for how data should be sent between mobile devices during wireless communication
  • Worm A self-replicating, self-spreading malicious program
  • Zero Day Attack An attack against a computer application even before a vulnerability or fix for it has been announced
  • Zombie Machine A computer that an attacker has taken control of using malware