Cybersecurity Glossary

A hacker is an individual who possesses advanced knowledge and skills in computer systems, networks, programming, or security and uses this expertise to gain unauthorised access to systems, manipulate or exploit vulnerabilities, or conduct malicious activities. The term "hacker" can refer to both individuals engaged in malicious activities (black hat hackers) and those who use their skills for ethical purposes, such as finding and fixing security vulnerabilities (white hat hackers).

Hacking refers to the practice of gaining unauthorised access, manipulating systems, networks, or software, or exploiting vulnerabilities for various purposes. Hacking can involve activities such as bypassing security controls, extracting sensitive information, modifying data, or disrupting services. Hacking techniques can be used for both malicious and ethical purposes, and the legality and ethics of hacking activities depend on the intentions and permissions involved.

A hardware backdoor is a hidden or intentionally designed entry point or vulnerability in a hardware device, such as a computer, networking equipment, or Internet of Things (IoT) device. A hardware backdoor provides unauthorised access to the device, bypassing security measures. Hardware backdoors can be implanted during the manufacturing process or added later by attackers, and they pose significant risks to the confidentiality, integrity, and security of the affected devices and the systems they are connected to.

A hardware security module (HSM) is a dedicated physical or logical device that provides secure storage, cryptographic operations, and key management services. HSMs are designed to protect and manage encryption keys, perform secure cryptographic operations, and enforce security policies. They are commonly used in enterprise environments, financial institutions, or applications that require high levels of security and protection for sensitive data and cryptographic processes.

A hash function is a mathematical function that takes an input (data) and produces a fixed-size string of characters, called a hash value or hash code. The hash function converts the input data into a unique representation that is typically of a fixed length. Hash functions are widely used in various security applications, such as data integrity verification, password storage, digital signatures, and message authentication codes (MACs).

A hash value, also known as a hash code or checksum, is the output generated by a hash function after processing an input (data). Hash values are unique representations of the input data, typically of a fixed length. Even a small change in the input data will produce a significantly different hash value. Hash values are commonly used for data integrity verification, fingerprinting, password hashing, or as identifiers in data structures like hash tables.

A honeynet is a purposefully created network or system that imitates a real production environment, designed to attract and monitor unauthorised or malicious activities. Honeynets are used for security research, intrusion detection, and capturing information about the techniques, tools, and behaviours used by attackers. By analysing the activities in a honeynet, organisations can gain valuable insights into new attack techniques, vulnerabilities, or emerging threats.

A honeypot is a decoy system or network component designed to attract and deceive attackers. Honeypots simulate vulnerable or enticing resources, such as servers, services, or files, to lure attackers into interacting with them. The activities within a honeypot are closely monitored to gather information about attacker behaviour, tactics, and tools. Honeypots are valuable tools for studying and understanding attackers' techniques, improving incident response, and enhancing overall security defences.

A honeypot network is a collection of interconnected honeypots deployed within a network infrastructure to detect and monitor unauthorised activities, intrusions, or attacks. By deploying multiple honeypots at different network locations, organisations can gain a broader view of attackers' activities, patterns, and the scope of their attacks. Honeypot networks enhance threat intelligence, provide early warning signs of potential attacks, and assist in forensic analysis and incident response efforts.

A honeytoken, also known as a tripwire or canary token, is a piece of false or specially created information that is intentionally planted within a system or network to detect unauthorised access, data leakage, or insider threats. Honeytokens can be unique documents, fake user accounts, or files that, when accessed or used, trigger an alert or indicate malicious activity. Honeytokens serve as early indicators of compromise and provide insights into potential security breaches.

A host-based intrusion detection system (HIDS) is a security solution or software installed on individual host systems, such as servers, workstations, or endpoints, to monitor and detect suspicious or malicious activities occurring on the host. HIDS agents analyse system logs, file changes, network connections, and other host-related events to identify indicators of unauthorised access, malware infections, or abnormal behaviour. HIDS helps detect and respond to intrusions at the host level.

Host-based security refers to the security measures, configurations, and solutions implemented on individual host systems to protect them from various threats and vulnerabilities. It includes practices such as hardening the host operating system, applying security patches, configuring firewalls, implementing antivirus software, and enabling host-based intrusion detection or prevention systems. Host-based security focuses on protecting the integrity, confidentiality, and availability of the individual hosts and the data they store or process.

A configuration parameter set before the learning process begins, affecting the behavior and performance of an AI model.

Parameters that are not learned by the machine learning algorithm itself but are set by the user before training. Hyperparameters control the behavior and performance of the model, such as learning rate, regularization strength, or the number of hidden layers in a neural network. Hyperparameter tuning is the process of finding the optimal values for these parameters.