Types of Security Attacks

Active Attacks

An active attack attempts to alter system resources or affect their operation. It involves modification of data or creation of false data.

Four categories:

  • Masquerade
  • Replay
  • Modification of messages
  • Denial of service

  1. Masquerade: It takes place when one entity pretends to be a different entity. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
  2. Replay: Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
  3. Modification of Messages: Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
  4. Denial of Service: Denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
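
The following is an added example, not part of the original page: a receiver that detects masquerade, replay, modification, and delayed delivery by checking a keyed MAC, a sequence number, and a timestamp on every frame. The frame layout, the 30-second window, the key, and all names and messages are assumptions constructed for illustration; denial of service is not addressed by these checks.

```python
import hashlib
import hmac
import struct

WINDOW_SECONDS = 30  # assumed freshness window for timestamps


def seal(key: bytes, seq: int, ts: int, payload: bytes) -> bytes:
    """Sender: 16-byte header (sequence, timestamp) + payload + HMAC-SHA256 tag."""
    body = struct.pack(">QQ", seq, ts) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame: bytes, now: int) -> str:
        if len(frame) < 16 + 32:
            return "rejected: malformed"
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Masquerade and modification both fail here: no key, no valid tag.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        seq, ts = struct.unpack(">QQ", body[:16])
        if abs(now - ts) > WINDOW_SECONDS:  # delayed delivery
            return "rejected: stale"
        if seq <= self.last_seq:  # retransmitted or reordered frame
            return "rejected: replayed or reordered"
        self.last_seq = seq
        return "accepted"


def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample key
    rx = Receiver(key)
    m1 = seal(key, 1, 1000, b"pay 10 to alice")
    m2 = seal(key, 2, 1005, b"pay 20 to bob")
    m3 = seal(key, 3, 1010, b"pay 5 to carol")
    tampered = m2[:20] + bytes([m2[20] ^ 1]) + m2[21:]  # "20" becomes "30"
    forged = seal(b"wrong key", 3, 1006, b"pay 99 to mallory")
    cases = [(m1, 1001), (m1, 1002),            # original, then its replay
             (tampered, 1006), (forged, 1007),  # modification, masquerade
             (m2, 1008), (m3, 1100)]            # on time, then delayed
    return [rx.accept(frame, now) for frame, now in cases]
```

Encrypting the payload is a separate concern: the tag protects integrity and origin, not confidentiality.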

Passive Attacks

A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.

Two types of passive attacks:

  • Release of Message Contents
  • Traffic Analysis

  1. Release of Message Contents: A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
  2. Traffic Analysis: The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.