An A-Z guide to the technical terms used in digital security
An iframe is an element in a HTML document that allows a page to be embedded as a component in another page (known as the parent page). Despite known usability issues, iframes continue to be a popular way to display related information on a single page.
In terms of security, an iframe is not itself a security risk; it may however inadvertently serve as a channel for malicious code if the page being referred is compromised, or if a malicious script running in the iframe is able to affect the parent page.
A form of real-time communication between two or more parties, based on typed text that is transmitted over a network, such as the Internet or a company intranet.
Instant Messaging (IM) clients allow connected users to send messages to each other. Many also allow files, audio and video to be transmitted.
Due to their extreme popularity, extensive reach and file transfer capabilities, IM clients and networks are popular targets for malware authors attempting to distribute their malicious wares to as wide an audience as possible.
Internet Relay Chat (IRC)
A form of real-time communication, based on typed text transmitted over a network, such as the Internet or a company intranet.
Though similar to Instant Messaging (IM), Internet Relay Chat (IRC) differs in that it is geared primarily towards group communications, organized into forums known as channels. Like IM however, IRC allows one-to-one conversations, as well as data transfers. Also like IM, IRC client software and networks are popular targets for malware authors attempting to distribute their products.
Internet Service Provider (ISP)
A company that provides clients with the necessary infrastructure and technology for its clients to connect to the Internet. The provided technology runs the gamut of simple dial-up programs, to broadband wireless or cable Internet services.
Some major Internet Service Providers (ISPs), particularly national telecommunications companies, may be responsible for maintaining the necessary physical infrastructure and licensing its usage to smaller ISPs. Many, but not all, ISPs also provide related services, such as website hosting, email hosting and so on.
A type of arithmetic error in which a calculation produces a numeric value too large for the available storage space in a device.
If data validation measures are not in place, the data overflow may be ignored or written to unexpected places, leading to significant calculation errors, and not infrequently, system crashes.
In systems that are business or even life critical – i.e. for air traffic control or hospital medical equipment – the potential repercussions of a crash from an integer overflow can be severe, and there have been a number of cases where such errors have lead to major disasters or tragedies.
This term refers to instances of threats reported infecting a user's system in the real world, as opposed to Proof of Concept (POC) codes from a known source or researcher, or those saved in a zoo collection.
Intrusion Detection / Intrusion Prevention System
An Intrusion Detection System (IDS) is a device (either a hardware appliance or software) that monitors a network for suspicious activity. An Intrusion Prevention System (IPS) is similar, except that it is capable of reacting to the suspicious activity by blocking it.
Nowadays, a number of products provide detection and intrusion as two complementary services, or merge the two functionalities into one system. An IDS/IPS can be either host-based, in that it resides and acts on only a single IP address, such as a single computer; or it can be network-based, where it resides on one host and still takes action on other hosts.
Though useful, an IDS/IPS must be carefully configured to ensure that it does not generate an unacceptably high level of false positives, while still being sufficiently sensitive to detect any dangerous activity.
An identifier assigned to all unique resources (computers, servers, etc) connected to a network, which acts as that resource's 'name tag' during machine-to-machine communications.
Much like a real name tag, a resource's assigned IP address isn't always permanent and can be changed depending on need. For example, an FTP server on a company network that must be constantly accessed can have its IP address configured to be static. On the other hand, a workstation may be assigned a dynamic IP address that changes with each session. Each configuration has its own security considerations.
Though IP addresses are crucial to the way machines communicate with each other, the user typically does not use it; instead, they will remember and use the resource's domain name (for example, 'www.f-secure.com'). The domain name is strictly a human convenience, as most users have difficulty remembering IP addresses off-hand. The computer system itself however will use the resource's IP address to find and connect to it.