Botnet – A group of computers controlled from a single source that run software programs and scripts. These can be used for both legitimate (Internet Relay Chat, shared processing for applications) and malicious (propagation of viruses, crashing servers or sending email spam) purposes.
Buffer – A holding place for data that is en route between other hardware devices or software processes. The buffer regulates the flow of data and allows each device or process to operate without being held up by the other.
Content – The substance of communication; what the communication conveys, as opposed to information about the communication, which is known as metadata.
Cryptographic backdoor – A hidden feature of a cryptographic system that enables someone with knowledge of the backdoor to manipulate the system in a way that others cannot, for example by obtaining information from the system that would otherwise be kept secret.
Deep Packet Inspection – A form of filtering and examination of data as it passes an inspection point. Deep packet inspection is used by Internet Service Providers to block the spread of computer viruses, identify illegal downloads, and prioritize data transmitted by latency-sensitive applications like voice and video in order to alleviate network congestion and improve service. On the other hand, it can also be used to intercept communications, scan content for keywords or block access to specific websites and networks.
Domain name system (DNS) – The Internet’s equivalent of a phone book. DNS is used to translate a user-friendly domain name such as “cardiff.ac.uk” into an Internet Protocol (IP) address such as “18.104.22.168”. It is the numerical address that is used by computers to identify each other on the network.
Encryption – Encoding digital content so that it is unrecognisable to people who do not have access to the passwords or private keys that will decode the information. PGP/GPG requires two separate keys: a private key and a public key. These are used to encrypt and decrypt messages. A public key is used to encrypt plaintext or to verify a digital signature. In contrast, a private key is used to decrypt ciphertext or to create a digital signature.
Facial recognition – A biometric technology used to detect and recognize human physical characteristics. The technique is used to identify individuals by comparing facial features from an image against those stored in a database.
Fibre-optic cable – A high-speed data transmission medium containing glass or plastic threads that carry light beams. Digital data is transmitted through the cable via rapid pulses of light. Because fibre-optic cables provide high bandwidth, they are used for a large part of the Internet backbone. Most transatlantic telecommunications cables between the U.S. and Europe are fibre optic. In recent years, fibre optic technology has been deployed for regional and local Internet connections. These connect major regions of the world to each other. Maps: http://www.submarinecablemap.com and http://www.internetexchangemap.com.
Forward Secrecy – A property which ensures that every new connection uses unique and ephemeral key information, so that if long-term keys (e.g. PGP/GPG) are compromised, the content of messages cannot be decrypted.
Front-end – The part of an application that users interact with directly, made up of control and display components such as search forms. The front end connects the user to ‘back end’ components such as databases and algorithms that enable the application to function.
Internet backbone – A network of high-bandwidth connections that link together nodes across the globe. These nodes route incoming data to smaller networks across local regions. Most backbone connections consist of fibre-optic cables bundled together to increase capacity.
Man-in-the-middle – An attack in which communication between two systems is intercepted by a third system. The attacker acts as a proxy, able to read, modify, insert and delete data in the intercepted communication channel.
Man-on-the-side – An attack similar to a man-in-the-middle attack, where instead of completely controlling a communication channel, the attacker only has regular access to the communication channel, enabling the attacker to read traffic and insert new messages, but not to modify or delete messages sent by other participants. A man-on-the-side attack relies on a timing advantage to ensure that the attacker’s response to the victim’s request arrives before the legitimate response.
Metadata – Information about communication, as opposed to the substance of the communication, which is known as content. In UK law, metadata is called “communications data”. Metadata describes who a person communicates with, where they are when they communicate, how long they communicate for, and how their communications are transmitted and received.
Mix Network – A routing protocol that uses a chain of proxy servers called ‘mixes’. It shuffles messages from multiple sources and sends them out in a random order to another mix node, thus breaking the link between the source of a request and its destination.
Onion routing – A technique for anonymous communication over a computer network where messages are encapsulated in layers of encryption (hence the onion analogy). Encrypted data is sent through a series of nodes called onion routers, each of which “peels” away a single layer, uncovering the data’s next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.
Packet injection – The process of interfering with an established network connection, by constructing packets (units of data) to appear as if they are part of the normal communication stream. It is commonly used in man-in-the-middle attacks.
Pattern-of-life analysis – The aggregation of data from a variety of sources to develop a profile of past and present human behaviour. It is also used to predict future behaviour based upon recent activity such as travel, purchases and communications.
Peer-to-Peer – Systems composed of a distributed architecture in which separate computers work together to share processing tasks and store data. They provide more anonymity because there is no centralised source for data transmission that could more easily be monitored.
Pseudo-top-level domain – A name for a computer network that does not participate in the official Domain Name System and may not even participate in the Internet, although it may use a similar domain name hierarchy.
RST packet spoofing – Also known as a TCP reset attack, RST packet spoofing exploits a feature of the Transmission Control Protocol (TCP) that allows unwanted connections to be closed without confirmation. It can be used to disrupt a wide range of Internet-based applications.
Sentiment analysis – A data analysis technique to collect, analyse and categorize opinions, attitudes and emotions as represented through online communications. It also maps idea propagation across social networks.
Standard – A technical standard is a document that describes a technical system in such a way as to enable interoperable implementations to be produced. Standards are often formulated by working groups within standards organisations. The members of a working group may include representatives of commercial, governmental and academic bodies. Once a standard is agreed it is written into documents that establish uniform technical criteria, methods, processes and practices.
Switch – A device used to network multiple computers together. High-end switches can have more than 50 ports. They can limit traffic to and from each port ensuring that each device connected to the switch has a sufficient amount of bandwidth. They do not provide either firewall or logging capabilities.