Choose Index below for a list of all words and phrases defined in this glossary.
alternate data stream (ADS) - An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title. ADS is supported by all versions of Windows beginning with Windows NT through the current version, Windows 7.
When it comes to security, the danger of ADSes lies in the fact that the information they contain does not alter any noticeable characteristics of the particular file to which they are attached. For example, adding additional "title" data to a file's ADS will not increase the file's size or change its functionality. This makes ADSes, for most intents and purposes, hidden. And this makes them a valuable place for attackers, particularly rootkit builders, to hide their tools.
As of March, 2010, free, open source tools such as StreamArmour are available to detect potentially malicious ADSes on Windows systems.
Related glossary terms: RSA algorithm (Rivest-Shamir-Adleman), data key, greynet (or graynet), spam cocktail (or anti-spam cocktail), fingerscanning (fingerprint scanning),munging, insider threat, authentication server, defense in depth, nonrepudiation / non-repudiation
[Category=Data Management ]
Source: WhatIs.com, 04 July 2013 08:32:09, http://whatis.techtarget.com/glossary/Data-and-Data-Management
Data Quality Glossary. A free resource from GRC Data Intelligence. For comments, questions or feedback: dqglossary@grcdi.nl