Site Glossary

Browse the glossary using this index

Special | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | ALL

Page: (Previous) 1 ... 5 6 7 8 9 10 11 12 13 14 ... 52 (Next)
ALL

C

Complaint

A report alleging criminal conduct. Digital complaints may be supported by screenshots, URLs, emails, chat logs, payment receipts, or device artifacts; investigators should seek original data sources where possible because screenshots alone can be incomplete or manipulated.

Conditional (If / Else)

A control structure that executes different code paths depending on a boolean condition. Conditionals are essential for decision-making, error handling, and branching logic.

Confidentiality

The security property that ensures information is accessible only to authorized parties. Encryption is the primary cryptographic mechanism used to protect confidentiality, but confidentiality also depends on key management and secure implementation.

Consensus Mechanism

The protocol by which nodes agree on the valid state of the ledger (e.g., Proof of Work, Proof of Stake).

Consent to Search

Voluntary permission granted by an authorized person to conduct a search without a warrant (subject to jurisdictional requirements). In digital investigations, consent should clearly cover the scope (device, accounts, apps, cloud backups) and can be limited or revoked at any time.

Container

A lightweight, portable package containing application code and dependencies. Containers enable consistent deployment across environments.

Corroboration

Independent evidence that supports a fact or claim. Digital corroboration often involves matching witness statements with logs, device artifacts, provider records, metadata, and third-party sources to strengthen reliability and reduce alternate explanations.

Court Order

A judge-signed directive requiring or authorizing a specific action. In digital cases, court orders can be used for certain categories of stored data, pen register/trap-and-trace authority (where applicable), preservation, or compelled disclosure depending on statute and jurisdiction.

Covert Channel

A covert channel is a type of communication method which allows for the transfer of data by exploiting resources that are commonly available on a computer system. Covert channels are types of communication that are invisible to the eyes of the system administrators or other authorized users. Covert channels are within a computer or network system, but are not legitimate or sanctioned forms of communication. They may be used to transfer data in a clandestine fashion.

Examples of covert channels include:

Embedding data in the headers of packets - The covert data is embedded in the headers of normal packets and sent over a protocol related to the normal activities of the computer system in question.
Data piggybacked on applications - Malicious applications are piggybacked with legitimate applications used on the computer system, sending confidential data.
Time-based channel - The timing of certain actions or transmissions is used to encode data.
Covert storage channel - Data is stored within a computer system on disk or in memory and is hidden from the system's administrators.
Data diddling - This involves manipulating data to contain malicious code or messages.
Steganography - This is a process of hiding messages within other types of media such as images and audio files.

Covert channels are commonly used for malicious purposes, such as the transmission of sensitive data or the execution of malicious code on a computer system. They can also be used for legitimate purposes, however, such as creating an encrypted communication channel.

Crime as a Service

Crime as a service (CaaS) is a term used to describe the practice of selling illegal or malicious products or services online. These products and services can include things such as malware, stolen personal information, and tools for committing cybercrimes.

One example of CaaS is the sale of malware-as-a-service (Maas). Maas refers to the sale of malware or tools for creating malware, often with the added convenience of technical support and updates. This allows individuals or organizations to purchase and use malware without having the technical knowledge or resources to create it themselves.

Another example of CaaS is the sale of stolen personal information, such as credit card numbers or login credentials. This information can be used for identity theft or other fraudulent activities.

CaaS can also include the sale of tools or services for committing cybercrimes, such as distributed denial of service (DDoS) attacks or phishing campaigns. These tools can be used to disrupt or compromise websites or steal sensitive information from individuals or organizations.

Overall, CaaS is a growing concern for law enforcement agencies, as it allows individuals or organizations to access and use illegal or malicious products and services without having to have the necessary knowledge or resources. It is important for individuals and organizations to be aware of the potential risks of CaaS and take steps to protect themselves from these types of threats.

Keywords:
- Crime-as-a-Service (CaaS)
- Malware-as-a-Service (MaaS)
- Ransomware-as-a-Service (RaaS)