Payload (computing)

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In a computing and telecommunications, a payload is the part of transmitted data that is the actual intended message. Payload does not include information sent with it such as headers or other metadata, sometimes referred to as overhead data, sent solely to facilitate payload delivery.[1][2]

In computer security, payload refers to the part of malware which performs a malicious action.[3] In the analysis of malicious software such as worms, viruses and Trojans, it refers to the software's harmful results. Examples of payloads from malware include code for deleting data, displaying messages with insulting text or sending spurious email messages to a large number of people.

Description[edit]

The term payload is used to distinguish between the interesting information in a chunk of data or similar, and the overhead to support it. It is borrowed from transportation, where it refers to the part of the load that pays: for example, a tanker truck may carry 20 tons of oil, but the fully loaded vehicle weighs much more than that – there's the vehicle itself, the driver, fuel, the tank, etc. It costs money to move all these, but the customer only cares about (and pays for) the oil, hence, pay-load.

Another notable use of the term is in malware. Malicious software usually has two objectives: spreading itself, and performing some kind of modification on the target system (delete files, compromise system security, call home, etc.). The spreading part is the overhead, while the code that does the actual evil-doing is the payload.

Example[edit]

In computer programming, the most common usage of the term is in the context of message protocols, to differentiate the protocol overhead from the actual data. Take, for example, a JSON web service response that might look like this (formatted for readability):

{  
   "data":{  
      "message":"Hello, world!"
   }
}

In this example, the string "Hello, world!" is the payload, the part that the recipient is interested in; the rest, while vital information, is protocol overhead.

References[edit]

  1. ^ "Payload definition". Pcmag.com. 1994-12-01. Retrieved 2012-02-07. 
  2. ^ "Payload definition". Techterms.com. Retrieved 2012-02-07. 
  3. ^ "Payload definition". Securityfocus.com. Retrieved 2012-02-07.