Security Attacks: An attack is an action that compromises the security of information or of a network.
There are two types of security attacks:
- Passive Attack
- Active Attack
Passive Attack: Security Attack
Passive Attack: The attacker only monitors the traffic, which attacks the confidentiality of the data. It includes the release of message contents and traffic analysis (in case of encrypted data).
- Release of message contents
- The release of message contents is easily understood.
- A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
- We would like to prevent an opponent from learning the contents of these transmissions.
- Traffic analysis
- The second type of passive attack is traffic analysis.
- Suppose that we had a way of masking the contents of messages or other information.
- Even if an opponent captured the message, they could not extract the information from it.
- The common technique for masking contents is encryption.
- If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages.
- The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.
- This information might be useful in guessing the nature of the communication that was taking
- Passive attacks are very difficult to detect because they do not involve any alteration of the data.
- Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern.
Active attack [ Security Attacks ]
Active attack: The attacker tries to alter transmitted data. It includes masquerade, modification, replay, and denial of service (DoS).
- A masquerade takes place when one entity pretends to be a different entity (Figure a). A masquerade attack usually includes one of the other forms of active attack.
- Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Modification of messages
- Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure c).
- For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”
Denial of service: Security Attack
- The denial of service prevents or inhibits the normal use or management of communications.
- This security attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service).
- Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
A security service is a processing or communication service that can prevent or detect the above-mentioned security attacks. Various security services are:
- Authentication: The recipient should be able to identify the sender and verify that the party claiming to be the sender actually did send the message.
- Data Confidentiality: An attacker should not be able to read the transmitted data or extract data in case of encrypted data. In short, confidentiality is the protection of transmitted data from passive
- Data Integrity: Make sure that the message received is exactly the message the sender sent.
- Nonrepudiation: The sender should not be able to deny sending the message. Similarly, the receiver should not be able to deny receiving the message.