Obfuscator and Code Security Glossary

assembly linking - statically linking two or more assemblies to produce a single, merged assembly. Learn more about the benefits of assembly linking here.

authentication - verifying that an application, device, or user is what or who it purports to be. Credentials may include passwords, private keys, or other evidence.

authorization - granting rights to a user, service, or application.

back door - a hidden way to access computer system functions while bypassing system security policy. Back doors may be established illicitly, or sometimes for authorized maintenance purposes.

certificate - a digitally signed statement that contains identification information used to verify identity.

cipher - a means of encoding a readable message into an unreadable, scrambled message. Data in unencrypted form is called plaintext; data in encoded form is called ciphertext.

control flow obfuscation - rewriting control structures so that decompilers cannot recreate the original statements (for/while/if/etc.) and must resort to confusing goto statements. Control flow obfuscation may also insert false loops and code paths that do not affect program behavior but create spaghetti code to human eyes.

cryptography - the study of encoding techniques used to secure information against specific threats. Cryptography can ensure confidentiality and facilitate authentication and data integrity.

decompiler - a program that converts an executable application into higher-level source code. Decompilers may be used to reverse engineer applications. See our decompiler page here.

decryption - converting encrypted data back to its original form, e.g. translating ciphertext to plaintext.

digital signature - computed data that binds a sender's identity to the information being sent. Cryptography is used to construct digital signatures in public key environments.

encryption - the process of converting data (cleartext) to coded form (ciphertext) using a key. Those who hold an appropriate key can decrypt the encrypted data.

fingerprinting - personalizing digital content to detect piracy. Fingerprints may consist of small changes in the sequence of data, enabling subsequent "traitor tracing" back to the original source.

firewall - a security system that separates a secured network from other network components. Firewalls can allow only authorized traffic, and prevent or detect network attacks.

ildasm - Microsoft's disassembler for .NET/MSIL programs. See our decompiler page here.

impersonation - gaining access to a system under the security profile of a specific identity. Impersonation may be illegitimate (spoofing, masquerading) or legitimate (e.g., authorized testing).

incremental obfuscation - using an automatically generated map file so that patches and updates can run against an already obfuscated assembly.

least privilege - a security administration principle wherein each user is provided only the minimum set of rights needed to accomplish their authorized tasks. Issuing the most restrictive set of privileges may minimize damage from unauthorized use and error.

malicious - having deliberately harmful intent. Malicious users may use malicious code to attack a system.

nonrepudiation - a technique providing evidence that a user took an action. Nonrepudiation is used to counter false denial of involvement in a communication or transaction.

obfuscation - technology that shrouds the context and contents of code. Obfuscated applications function properly, yet confuse human observers and decompilers.

overload induction (TM) - PreEmptive's patented obfuscation algorithm that maximizes the number of methods renamed to the same character by creating overload relationships. Read more here.

password - a private character string used to authenticate a user. Password attacks are attempts to obtain a password, using password dictionaries to guess it, sniffers to capture passwords from network traffic or other communications, and cracking programs.

phishing - using deceptive communications to entice victims to reveal passwords, account numbers, or other information. Phishing communications may include spam and web postings.

physical vulnerability - risk created because access to system hardware is not properly controlled. Physical vulnerabilities may arise when computers are left running in unattended locations.

private key - in public key encryption, a key kept secret by its owner and paired with a public key. Either key can encrypt data; the corresponding key is required to decrypt it. The owner may use the private key to digitally sign data.

proxy server - a computer connected to multiple networks that serves one or more client machines. Proxy servers can connect a local area network to the Internet, and be part of a firewall protection system.

public key - in public key encryption, a key released to the public and paired with a private key. Either key can encrypt data; the corresponding key is required to decrypt it.

Reflector - .NET Reflector is a popular decompiler. See our decompiler page here to learn more.

reverse engineering - the process of taking something apart (such as a Java or .NET application) to analyze the details of its inner workings. See examples of reverse engineers at work on our demos page.

safeguard - a protective measure that reduces system vulnerability. Safeguards or countermeasures may include software and hardware security features, access controls, and physical protections.

sandbox - a security technique used to contain the actions that applications from untrusted sources might take. Sandboxed applications are limited to a defined set of privileges and functions.

secure socket layer (SSL) - an Internet protocol that provides authentication, data integrity, and confidentiality using end-to-end encryption.

smart card - a microprocessor-enabled card that provides secure storage of passwords, private keys, and certificates. Widely used in Europe for identification and banking.

steganography - the encoding of data to conceal the existence of a message. For example, steganographic watermarks may identify the owner of a digital image yet not impair its viewing. Learn more about software steganography here.

string encryption - the use of an algorithm to obscure hard-coded strings. This prevents attackers from localizing their attacks by searching for strings such as "invalid registration", and protects critical resources such as SQL statements.

tamper - to modify a system, device, or data in an unauthorized manner.

Trojan horse - an application that appears useful but includes code that is damaging. The terms Remote Access Trojan (RAT) and Trojan code are also used.

virtual private network (VPN) - a private network that uses the infrastructure of public networks. The VPN encapsulates, encrypts, and authenticates data flows to restrict access and prevent data interception.

virus - an application that modifies other applications in order to replicate itself. Viruses often damage system operation.

vulnerability - a security flaw or weakness that could allow an attacker to compromise or exploit a system's operation.

watermarking - hiding a unique string in an assembly that can be retrieved at a later time. Learn more about watermarking here.