according to statistics the number of hacking incidents reported in 2003,2004 are high . the intruder knowledge has become very skillful.
Lets discuss about the security attacks:
Security attacks are of 2 types 1)passive attack 2)active attack. .
the security threat could be a hacker or a virus/worm that gets executed automatically
The Passive Attack:
the passive attack is nothing but the hacker just interprets the data sent through the network. but there will be no modification of data. detecting these kinds of attack is tricky.
if peer A is sending data to peer B, if the hacker just observes the data being passed between these 2 peers, then the attack is said to be passive attack.
observing traffic pattern,is 2nd type of passive attack. the intruder observes the traffic flow in network.
Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption.
Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
the 2nd type of security attacks is Active Attack:
the active attack involves modification of data or creation of false data sent thru network by hacker . there are 4 types in this
a)masquerade 2)replay of messages 3)modification of messages 4) denial of service.
lets discuss about these attacks.
masquerade: in this, the hacker pretends to be a different entity.one entity tries to behave as different entity. suppose peer A sends confidential data to peer B, then the hacker pretends to be a peer B and gets the confidential data from peer A .
For example, authentication sequences can be captured and replayed after a valid authentication sequence
has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
replay of messages: in this attack, the hacker gets the passive information from sender and observes them, later replays the messages to receiver.
modificiation of message: In this the intruder modifies the message that has been sent thru network from host A to host B. when host A sends message "Give Admin rights to steves" to host B, the intruder can capture this and modifies as "Give Admin rights to parker" and sends to receiver host B.
denial of service: the denial of service prevents or inhibits the normal use or management of communication facilites. example may include , the inrtuder attacks the network hosts by degrading its performance by sending overwhelming requests.
masquerade: in this, the hacker pretends to be a different entity.one entity tries to behave as different entity. suppose peer A sends confidential data to peer B, then the hacker pretends to be a peer B and gets the confidential data from peer A .
For example, authentication sequences can be captured and replayed after a valid authentication sequence
has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
replay of messages: in this attack, the hacker gets the passive information from sender and observes them, later replays the messages to receiver.
modificiation of message: In this the intruder modifies the message that has been sent thru network from host A to host B. when host A sends message "Give Admin rights to steves" to host B, the intruder can capture this and modifies as "Give Admin rights to parker" and sends to receiver host B.
denial of service: the denial of service prevents or inhibits the normal use or management of communication facilites. example may include , the inrtuder attacks the network hosts by degrading its performance by sending overwhelming requests.
