Web application security Definitions

Browse Definitions
Search Definitions
  • A

    anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.

  • B

    buffer overflow

    A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow exploits may enable remote execution of malicious code or denial of service attacks.

  • C

    cache cramming

    Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.

  • content filtering (information filtering)

    On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.

  • cookie poisoning

    On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.

  • D

    dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks.

  • G

    greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.

  • J

    JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)

  • L

    LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.

  • M

    malvertisement (malicious advertisement or malvertising)

    A malvertisement (malicious advertisement) is an advertisement on the Internet that delivers a malicious payload. 

  • metamorphic and polymorphic malware

    Metamorphic and polymorphic malware are two categories of malicious programs that have the ability to change their code as they propagate.

  • N

    National Computer Security Center (NCSC)

    The National Computer Security Center (NCSC) is a U.S. government organization within the National Security Agency (NSA) that evaluates computing equipment for high security applications to ensure that facilities processing classified or other sensitive material are using trusted computer systems and components.

  • nonce (number used once or number once)

    A nonce, in information technology, is a number generated for a specific use, such as session authentication.

  • S

    Secure Sockets Layer (SSL)

    Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close