SECURITY ATTACKS
With the advance in the technology and the
need of the hour, each and every thing is networked. Networking helps us
to communicate easily and also communicate faster. Communication
through a network needs to keep in mind the security of the data being
transferred.
Security is one of the major issue in the
present networked scenario. In the past, hackers were the highly skilled
programmers who understood the details of the computer communications
and how to exploit the vulnerabilities. But, in today's world, even a
10th grade student can hack just by simply downloading the tools through
the Internet. These complicated attack tools and generally open
networks have generated an increased need for security.
TYPES OF SECURITY ATTACKS
Security attacks can be classified as passive attack and active attack. Passive attack attempts to learn or make use of the information from the system but does not affect the system resources. An active attack attempts to alter system resources or affect their operation.
Passive Attacks
These are basically of the nature of eavesdropping on, or monitoring of transmissions. Taking a real world example. The police personnel communicate on their walkie talkies, whatever they communicate on the wireless can be heard by the third person, but cannot be altered by them. This is a passive attack as the message being transferred is not altered.
Two types of passive attacks are:
Release of message contents
A telephone conversation, an electronic mail message, and a transferred file may contain sensitive and confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
Traffic Analysis
Here, basically the network traffic is monitored instead of the actual data. The actual messages are not attacked. The traffic being monitored enables the attacker to analyse the type of data that is being transferred.
The passive messages are very difficult to detect because it does not involve alteration of data. Only the message traffic is analysed, not the messages. This cannot be detected by the sender as well as the receiver. It is possible to prevent the success of these attacks by the means of encryption.Thus, more emphasis is given on prevention rather than detection.
Active Attacks
As the name suggests, there is some activity. In these attacks, some modification of the data stream takes place or the creation of false stream. So basically in this type of attack, the message is tampered.
Active attacks can be subdivided into four categories:
Masquerade
This attack takes place when one entity pretends to be a different entity. It is somewhat similar to putting a mask on our faces and pretending to be someone else. This was a real life example. Now, lets look at a technical example. Suppose a user A pretends to be user B to access extra privileges along with its own privileges. This is masquerading.
Replay
It is the passive capturing of a data unit and its subsequent retransmission to gain unauthorized access.
Modification of messages
As the name suggests, this is the actual modification of the message. It can be of several types. It can be either the alteration of a portion of the message or the delayed transmission of the data, etc.
Denial of Services(DoS)
It prevents or inhibits the normal use or management of communication facilities. This attack may have a specific target. An example may be that an entity may suppress all messages directed to a particular destination. Another example for service denial can be the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade the performance.
Active attacks involve alteration of the data. Therefore, it is possible to detect the active attacks. It is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.