Term | Definition |
--- | --- |
application hardening | A way of reducing risks stemming from reverse-engineering, tampering, and vulnerability discovery. |
application shielding | A way to help prevent, detect and/or respond to potential or actual application-level intrusions. |
assembly linking | Statically linking two or more assemblies to produce a single, merged assembly. |
authentication | Verifying that an application, device, or user is what or who it purports to be. Credentials may include passwords, private keys, or other evidence. |
authorization | Granting rights to a user, service or application. |
back door | A hidden way to access computer system functions while bypassing system security policy. Back doors may be established illicitly, or sometimes for authorized maintenance purposes. |
certificate | A digitally signed statement that contains identification information used to verify identity. |
cipher | Means of encoding a readable message into an unreadable scrambled message. Data in unencrypted form is called plaintext; data in encoded form is called ciphertext. |
control flow obfuscation | Rewriting control structures so that decompilers cannot recreate the original statements (for/while/if/etc.) and must resort to confusing goto statements. Control flow obfuscation may also throw in false loops and code paths that do not affect program flow, but create spaghetti code to human eyes. |
cryptography | Analysis of encoding techniques used to secure information from specific threats. Cryptography can ensure confidentiality and facilitate authentication and data integrity. |
decompiler | A program that converts an executable application into higher level source code. Decompilers may be used to reverse engineer applications. |
decryption | Converting encrypted data back to its original form, e.g. translating ciphertext to plaintext. |
digital signature | Computed data that connects a sender’s identity to information being sent. Cryptography is used to construct digital signatures in public key environments. |
encryption | The process of converting data (cleartext) to coded form (ciphertext) given a key. Those who have an appropriate key can decrypt encrypted data. |
fingerprinting | Personalizing digital content to detect piracy. Fingerprints may consist of small changes in the sequence of data, enabling subsequent “traitor tracing” back to the original source. |
firewall | A security system that separates a secured network from other network components. Firewalls can allow only authorized traffic, and prevent or detect network attack. |
ildasm | Microsoft’s Disassembler for .NET/MSIL programs. |
ILSpy | A popular open-source .NET assembly browser and decompiler. |
impersonation | Gaining access to a system in the security profile of a specific identity. Impersonation may be illegitimate (spoofing, masquerading) or legitimate (e.g., authorized testing.) |
incremental obfuscation | Using an automatically generated map file to allow patches and updates to run an obfuscated assembly. |
least privilege | A security administration principle wherein each user is provided only the minimum set of rights needed to accomplish their authorized tasks. Issuing the most restrictive set of privileges may minimize damages from unauthorized use and error. |
malicious | Deliberately harmful intent. Malicious users may use malicious code to attack a system. |
nonrepudiation | A technique providing evidence that a user took an action. Nonrepudiation is used to counter false denial of involvement in a communication or transaction. |
obfuscation | Technology to shroud the context and contents of code. Obfuscated applications function properly, yet confuse human observers and decompilers. |
overload induction | PreEmptive’s patented obfuscation algorithm that maximizes the number of methods renamed to the same character by creating overload relationships. |
owasp | The Open Web Application Security Project. |
password | A private character string used to authenticate a user. Password attacks are attempts to obtain a password, using password dictionaries to guess a password, sniffers to capture passwords from network traffic or other communications, and cracking programs. |
phishing | Using deceptive communications to entice victims to reveal passwords, account numbers, or other information. Phishing communications may include spam and web postings. |
physical vulnerability | Risk created because access to system hardware is not properly controlled. Physical vulnerabilities may arise when computers are left running in unattended locations. |
private key | A key kept by an issuer which is paired with a public key, in public key encryption. Either key can encrypt data; the corresponding key is required to decrypt data. The issuer may use the private key to digitally sign data. |
proxy server | A computer connected to multiple networks that serves one or more client machines. Proxy servers can connect a local area network to the Internet, and be part of a firewall protection system. |
public key | A key released to the public which is paired with a private key, in public key encryption. Either key can encrypt data; the corresponding key is required to decrypt data. |
runtime application self-protection (RASP) | A security technology built into an application or its runtime environment that can detect, alert on, and prevent attacks in real time. |
reverse engineering | The process of taking something apart (such as a Java or .NET application) to analyze details of its inner workings. |
safeguard | A protective measure that reduces system vulnerability. Safeguards or countermeasures may include software and hardware security features, access controls, and physical protections. |
sandbox | A security technique used to contain the actions that applications from untrusted sources might take. Sandboxed applications are limited to a defined set of privileges and functions. |
secure sockets layer (SSL) | An Internet protocol that provides authentication, data integrity, and confidentiality using end-to-end encryption. |
string encryption | The use of an algorithm to obscure hard-coded strings. This prevents hackers from localizing their attacks by searching for strings such as “invalid registration” and encrypts critical resources like SQL statements. |
tamper | To modify a system, device, or data in an unauthorized manner. |
trojan horse | An application that appears useful but includes code that is damaging. The terms Remote Access Trojan (RAT) and Trojan code are also used. |
virtual private network (VPN) | A private network that uses the infrastructure of public networks. The VPN encapsulates, encrypts, and authenticates data flows to restrict access and prevent data interception. |
virus | An application which modifies other applications to replicate its functions. Viruses often damage system operation. |
vulnerability | A security flaw or weakness that could allow an attacker to compromise or exploit a system’s operation. |
watermarking | Hiding a unique string in an assembly that can be retrieved at a later time. |