Network threat detection Definitions

Browse Definitions
Search Definitions
  • I

    intrusion prevention

    Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly.

  • inverse mapping

    Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • M

    micro VM (micro virtual machine)

    A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.

  • N

    network behavior analysis (NBA)

    Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation... (Continued)

  • network behavior anomaly detection (NBAD)

    Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.

  • network forensics

    Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.

  • nonce (number used once or number once)

    A nonce, in information technology, is a number generated for a specific use, such as session authentication.

  • P

    probe

    In telecommunications generally, a probe is an action taken or an object used for the purpose of learning something about the state of the network.

  • promiscuous mode

    In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for example, for monitoring network usage)... (Continued)

  • S

    security information and event management (SIEM)

    Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of organization’s information technology (IT) security. 

  • security information management (SIM)

    Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is sometimes called security event management (SEM).

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis.

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open source network intrusion detection system (NIDS) that monitors network traffic in real time, scrutinizing each packet closely to detect dangerous payloads or suspicious anomalies.

  • U

    ultrasound

    Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close