click below
click below
Normal Size Small Size show me how
CSCI340 Jakob Ch1
LU CSCI340 Jakobsson text Ch 1
Term | Definition |
---|---|
crimeware | software that performs illegal actions unanticipated by a user running the software; these actions are intended to yield financial benefits to the distributor of the software |
phishing | Online identity theft, in which confidential information is illicitly obtained through a computer network and used for profit |
click fraud | online advertisers are cheated into paying criminals who simulate clicks on advertisements they host themselves |
ransomware | data on a compromised machine is encrypted, and the criminal then offers to decrypt the data for a fee |
browser helper object | can detect changes to the URL and log information when a URL is affiliated with a designated credential collection site |
hooking | An application-level software package used to intercept keystroke data |
device driver | A kernel-level form of software that can store keyboard and mouse inputs in conjunction with monitoring the user’s activities. |
screenscraper | monitors both the user’s inputs and portions of the display. can thwart alternate on-screen input security measures. |
scancode | a numeric representation of the key that the user pressed |
DNS cache | stored on the user’s local machine and keeps track of responses provided by DNS servers |
trawler phishing | A web proxy attack, in which a malicious web proxy receives all web traffic from a compromised computer and relays it to a legitimate site, collecting credentials and other confidential information in the process. |
session hijacking attack | information is received from a user and passed through to the legitimate site until the desired authentication and/ or transaction initiation has been performed, whereupon the session is hijacked. |
hostname lookup (pharming) attack | a website at the correct hostname, but incorrect IP address, relays data between the user and legitimate site, to provide verisimilitude and delay detection. |
staged downloaders/modular malicious code | Crimeware instances employing a two-stage approach |
backdoor | opens up a means for remote control of the victim’s computer, usually via a TCP/IP port on which it listens for commands, either manually sent or sent en masse to a botnet |