Term:Trojan Horse

From FISMApedia
Jump to: navigation, search

CNSSI 4009

Trojan Horse - Program containing hidden code allowing the unauthorized collection, falsification, or destruction of information. (See malicious code.)

DSS Glossary

Trojan Horse - Computer program with an apparently or actually useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of security (for example, making a "blind copy" of a sensitive file for the creator of the Trojan horse).

NIST IR 7298

Trojan Horse - A non-self-replicating program that seems to have a useful purpose, but in reality has a different, malicious purpose. SOURCE: SP 800-61

NIST SP 800-28v2

Trojan Horse - A useful or seemingly useful program that contains hidden code of a malicious nature that executes when the program is invoked.

NIST SP 800-46

Trojan Horse - (a.k.a. Trojan) A Trojan horse is a useful or seemingly useful program that contains hidden code of a malicious nature. When the program is invoked, so is the undesired function whose effects may not become immediately obvious. The name stems from an ancient exploit of invaders gaining entry to the city of Troy by concealing themselves in the body of a hollow wooden horse, presumed to be left behind by the invaders as a gift to the city.

NIST SP 800-47

Trojan Horse - A computer program containing an apparent or actual useful function that also contains additional functions that permit the unauthorized collection, falsification, or destruction of data.

NIST SP 800-61r1

Trojan Horse - A non-self-replicating program that seems to have a useful purpose, but in reality has a different, malicious purpose.

NIST SP 800-61

Trojan Horse - A nonself-replicating program that seems to have a useful purpose, but in reality has a different, malicious purpose.

NIST SP 800-82 Final Draft

Trojan Horse - A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program. [RFC 2828, Internet Security Glossary, May 2000, http://rfc.net/rfc2828.html.]

NIST SP 800-83

Trojan Horse - A non-replicating program that appears to be benign but actually has a hidden malicious purpose.