Payload

The term "payload" in computing terms can mean several different things. 1) In computer networking, a payload is the part of a data packet containing the transmitted data. 2) In computer security, a payload is the part of a computer virus or other malware containing the code that carries out the virus's harmful activity.

1. Data Packet Payload

A payload is the part of a protocol data unit (PDU) that contains the transmitted data or message. When one device sends data over a network, it needs to combine that data with a header into a packet. A packet's header contains directions from its origin to its destination and instructions on how to reassemble the payload. Once the destination device receives the packet, it discards the header and then reads the data in the payload—much like receiving and opening a letter, discarding the envelope, then reading the message.

How much information a payload can contain varies between protocols. Any piece of data exceeding the payload limit gets split into multiple parts that get reassembled once received. For example, the maximum size of an IP data packet is 64 KB, of which only 20 to 60 bytes are the header, leaving the rest of it to the payload. An Ethernet frame, meanwhile, is only 1500 bytes of payload with 18 bytes of overhead. When an IP data packet travels over Ethernet, it is split—header and all—into smaller pieces that serve as the payloads in a series of Ethernet frames.

2. Malware Payload

A payload is the part of a computer worm or virus that executes the code that conducts malicious activity. Some viruses search for and steal information, monitor activity, delete files, or encrypt files to hold them hostage. The other parts of a virus are the vector, which is the method the virus uses to infect the computer, and the trigger, which is the condition that activates the payload.