top of page
Search

Types of Attacks

  • Writer: Tanha Patel
    Tanha Patel
  • Jun 18, 2019
  • 2 min read

Updated: Jun 20, 2019


Active attack:

It is attempt to change or modify data and may be alter the functioning of system. They results in damage in systems, data, or may be result in loss of data. It is more dangerous than passive attack as it alters the information.


As it alters the messages it causes harm to the system. It is type of integrity and availability threat. The victims are aware about the threat. This is done by capturing physical connection with the system. Its detection is easy whereas prevention is easy for passive attacks.


  • Modification: It can be done using two ways, one by replay attack and another is alteration. Replay attack involves sending the messages multiple time to either to same recipient or to different recipients. Alteration involves changing the message. It is done finding security gaps, by stolen login ID’s and passwords.

  • Fabrication: It is act of adding fake messages in the conversation by masquerading as real user although he is not. It doesn’t alters any information but it add-ons the fake data.

  • Denial of services: The intruder takes all the authorities and move the authorized person out. It is done by overwhelming the targeted victim with more traffic.

  • Masquerade: The intruder act as the authorized person of particular system where actually he is not. The receiver doesn’t knows that who has sent the message whether the intruder or the original person.


Passive attack:

It is attempt to make use of data and information. The intruder analyse the information whereas doesn’t makes damages or changes the system. It is more difficult to identify because in this the intruder just use the information. As it is difficult to detect it doesn’t mean that it’s hard to resolve.


In fact, it’s easy to resolve by encryption methods. It is type of confidentiality threat. The victim are unaware about the threat. This kind of attacks doesn’t need any type of physical control they just have to observe the traffic. It is of two types, one in which the whole message is revealed and in another some encryption is used so with the help of traffic analysis information is collected.


  • Tapping: Monitoring communications like emails or telephone calls. The intruder simple taps the call and collects the necessary information without altering the message conveyed.

  • Scanning: Device connected to internet for vulnerabilities such as open ports or weak operating systems. They scans the loopholes and vulnerabilities of the system in order to find the way to enter the system.

  • Traffic analysis: If the is using encryption in data transfer then the third person is unable to extract the data. But due to traffic analysis it can be able to predict the type of information passed.

  • Eavesdropping: To listen to the private conversation secretly or stealthily. It is unauthorized real-time interception in some private talks.

It can be briefly differentiated as:

Differentiate between Active and Passive Attacks

Thanks for reading...


 
 
 

Comments

bottom of page