There are different types of security attacks that can not be solved over the decade.These kind of security attacks attack any website or any social media for stealing the data and information fro the server even security servers also attacked by the attackers.
The major types of security attacks
There are two types of security attacks that can affect very bad.they are:
- Passive attacks
- Active attacks
Passive attacks
The goal of passive attacks is To obtain the information that is i.e being transmitted.
Types of Passive attacks
- Release of message context.
- Traffic analysis.
Release of message context:
A telephonic conversation, an E-mail message or a transferred file may contain confidential data. A passive attack may monitor the contents of these transmission.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. When the messages are exchanged neither the sender nor the receiver is aware that a third party has read the messages. This can be prevented by encryption of data.
For Example: MIM(man in middle)
Traffic analysis:
Traffic analysis is the way of masking the contents of message.Encryption is the one of the common method of masking.
In this attack the eavesdropper analyzes the traffic, determine the location, identify communicating hosts, observes the frequency and length of message being exchanged. Using all these information they predict the nature of communication . All incoming and out going traffic of network is analysed but not altered.
Active Attacks:
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
Types of Active Attacks:
- Masquerade
- Replay
- Modification of Messages
- Denial of service (DOS)
Masquerade attacks
As the name suggests, relate to an entity (usually a computer or a person) taking on a false identity in order to acquire or modify information, and in effect achieve an unwarranted privilege status. Masquerade attacks can also incorporate other categories.
Message replay
Involves the re-use of captured data at a later time than originally intended in order to repeat some action of benefit to the attacker: for example, the capture and replay of an instruction to transfer funds from a bank account into one under the control of an attacker. This could be foiled by confirmation of the freshness of a message.
Message modification
Could involve modifying a packet header address for the purpose of directing it to an unintended destination or modifying the user data.
Denial-of-service attacks
Prevent the normal use or management of communication services, and may take the form of either a targeted attack on a particular service or a broad, incapacitating attack. For example, a network may be flooded with messages that cause a degradation of service or possibly a complete collapse if a server shuts down under abnormal loading. Another example is rapid and repeated requests to a web server, which bar legitimate access to others. Denial-of-service attacks are frequently reported for internet-connected services.
Because complete prevention of active attacks is unrealistic, a strategy of detection followed by recovery is more appropriate.
IF you Like This Article Please Share It and Help Us to Write More Articles Like This !!!!!
0 comments:
Post a Comment