Home / News / National Cyber ​​Security Awareness Week | Do you understand the professional “cyber talk” used in cyber cases?

National Cyber ​​Security Awareness Week | Do you understand the professional “cyber talk” used in cyber cases?

Everyone has been following the WeChat official account of the "Cybersecurity Bureau of the Ministry of Public Security" for such a long time. When you look at the cases we publish, do some of the professional terms in them sound "unclear" and would you like to know more about them?
Today, the editor will take you to focus on learning and becoming familiar with the common "internet slang" in these Internet cases.

IP address

Internet Protocol Address

It refers to the Internet Protocol address, which is a unified address format provided by the IP protocol. It assigns a logical address to every network and every host on the Internet, thereby shielding the difference in physical addresses.
IP addresses are usually expressed in the form of "dotted decimal" (a.b.c.d), for example: dotted decimal IP address (

domain name

Domain Name

Because IP addresses are inconvenient to remember and cannot display the name and nature of the address organization, domain names were designed.
In fact, a domain name is the name of a certain computer or computer group on the Internet, which is composed of a string of English letters and other symbols separated by dots. For example: Domain name: WWW.baido.com, IP address:


Domain Name System

There is a one-to-one correspondence between domain names and IP addresses, and the conversion between them is called domain name resolution.
Domain name resolution needs to be completed by a specialized domain name server (DNS). The entire process is performed automatically. In actual operation, the IP address corresponding to the domain name can be queried through the ping command.

domain name server

Domain Name Server, DNS

It is a server that performs domain name and IP address translation.
When someone uses a browser to access a domain name, the browser will send a domain name request to the user's Internet access provider. The access provider's DNS server will query the domain name database to see what the DNS server of this domain name is, and then go to the server. Capture DNS records, that is, obtain which IP address this domain name points to.
After obtaining this IP information, the access provider's server goes to the server corresponding to this IP address to crawl the web page content, and then transmits it to the browser that made the request.

Traffic hijacking

Traffic Hijacking

It refers to the illegal behavior of attackers using technical means to illegally intercept, modify or control users' online behavior, in order to divert network traffic or even induce users to install Trojan horse programs and obtain user data.
For example, I originally wanted to visit website A, but someone secretly manipulated it so that I actually opened website B. This is called traffic hijacking.
In daily work, it is found that illegal criminals use traffic hijacking methods to achieve advertising pop-ups, web page jumps, installation promotion, etc., and then promote illegal APPs, websites, advertisements, etc.
In practice, traffic hijacking mainly involves crimes such as illegal control of computer information systems, illegal acquisition of computer information system data, and illegal intrusion into computer information systems.

DNS hijacking

Domain name hijacking

It is one of the means of traffic hijacking. It means that the attacker uses certain technical means to tamper with the result of a certain domain name resolution, so that the IP pointing to the domain name becomes another IP, causing access to the corresponding website to be hijacked to another unavailable IP. or a fake URL.
The Guiding Case (Prosecution Case No. 33) issued by the Supreme People's Procuratorate in 2017 defined the act of illegally controlling or modifying other people's domain name resolution systems, causing the computer information system to fail to operate normally, as a crime of damaging computer information systems.

DoS attack

Denial of Service

It refers to a network attack method that takes advantage of vulnerabilities in various network communication protocols and uses reasonable service requests under the corresponding network communication protocols to occupy too many service resources, so that normal users cannot get service responses. One of the common attack methods used by hackers is to put it simply, the attacker tries to make the target machine stop providing services.

DDoS attack

Distributed Denial of Service

It refers to launching attacks on one or more targets by controlling resources such as "broilers", causing the target server to disconnect from the network or run out of resources, and eventually stop providing services.
In daily work, it is found that the black production chain of DDos attacks mainly includes the order issuer (who funds and issues the attack demand for a specific website or server), the attack perpetrator, the author of the attack program, the broiler dealer (the perpetrator who intrudes into the computer information system, or Middlemen who buy and sell access to compromised computer systems.
They use backdoor programs to cooperate with various security vulnerabilities to gain control of personal computers and servers, and implant Trojans to turn computers into "broilers" capable of DDoS attacks).
In practice, the handling of DDoS attacks mainly involves two crimes: the crime of damaging computer information systems and the crime of illegally controlling computer information systems.

broiler chicken

"Meat machine" "Puppet machine"

It refers to a server or computer that has been remotely controlled by hackers or other personnel.
"Broilers" are often used to carry out DDoS attacks. The "broiler chicken" can be a server of a company, enterprise, school or even a government military, or it can also be an Internet of Things device such as a camera or a set-top box.

Internet of things

IoT, Internet of things

That is, the "Internet where everything is connected" is an extended and expanded network based on the Internet. It combines various information sensing devices with the network to form a huge network, realizing the connection between people, machines and things at any time and anywhere. interconnection.
For example, the common smart home in our daily life is the most common application of the Internet of Things. The web cameras and smart lamps in the home are simple information sensing devices.

Warmth hint

Today's class is a bit difficult. Did you learn anything?

Be sure to remember: Never use network technology Commit illegal crimes, otherwise the Internet police aunt will follow the Internet cable and come to you...