
Security Threats/Attacks

By: Prof. Yogesh Doulatramani, VIT College

Security Attacks

[Figures: flow from an information source to an information destination, one diagram for each case below]

Normal flow
Interruption: attack on availability (ability to use desired information or resources)
Interception: attack on confidentiality (concealment of information)
Fabrication: attack on authenticity (identification and assurance of origin of information)
Modification: attack on integrity (prevention of unauthorized changes)

Threats and Attacks


Threat - a potential for violation of security or a possible danger that might exploit a vulnerability
Attack - an assault on system security; an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

Security Attacks

Interruption: This is an attack on availability
  Disrupting traffic
  Physically breaking communication line

Interception: This is an attack on confidentiality
  Overhearing, eavesdropping over a communication line

Modification: This is an attack on integrity
  Corrupting transmitted data or tampering with it before it reaches its destination

Fabrication: This is an attack on authenticity
  Faking data as if it were created by a legitimate and authentic party

Examples of Threats
Snooping: intercepting information (passive wiretapping)
Modification or alteration of information by active wiretapping
Masquerading or spoofing
Repudiation of origin
Delay or denial of service

Safeguards and Vulnerabilities


A Safeguard is a countermeasure to protect against a threat
A weakness in a safeguard is called a vulnerability


Passive and Active Attacks


Security attacks are usually classified as passive or active:
Passive - attempts to learn or make use of information from the system, but does not affect system resources.
Active - attempts to alter system resources or affect their operation.

Passive and active attacks


Passive attacks - goal to obtain information
  No modification of content or fabrication
  Eavesdropping to learn contents or other information (transfer patterns, traffic flows etc.)
  Release of message contents
  Traffic analysis

Active attacks - modification of content and/or participation in communication to
  Impersonate legitimate parties (Masquerade)
  Replay or retransmit
  Modify the content in transit
  Launch denial of service attacks

[Figure: Summary of Passive and Active Threats]

[Figures: Passive Attacks (two slides); Active Attacks (two slides)]

Passive Threats
Release of message contents: Contents of a message are read.
  > A message may be carrying sensitive or confidential data.
Traffic analysis: An intruder makes inferences by observing message patterns.
  > Can be done even if messages are encrypted.
  > Inferences: location and identity of hosts.

Active Threats
Masquerade: An entity pretends to be some other entity.
  Example: An entity captures an authentication sequence and replays it later to impersonate the original entity.
Replay: Involves capture of a data unit and its retransmission to produce an unauthorized effect.
Modification of messages: A portion of a legitimate message has been altered to produce an undesirable effect.
Denial of service: Inhibits normal use of computer and communications resources.
  > Flooding of computer network.
  > Swamping of CPU or a server.
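
Added example (not part of the original slides): one way a receiver can detect the modification, fabrication and replay threats described above, using an HMAC-SHA256 tag together with a timestamp and a random nonce. The shared key, the 30-second window and the names seal and Receiver are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
import struct
import time

MAX_AGE = 30  # assumed freshness window in seconds


def seal(key, payload, now=None):
    """Sender: timestamp + random nonce + payload + HMAC-SHA256 tag."""
    ts = int(time.time() if now is None else now)
    header = struct.pack(">Q", ts) + os.urandom(16)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept while inside the window

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        if len(msg) < 8 + 16 + 32:
            return "rejected: malformed"
        body, tag = msg[:-32], msg[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; fails for altered data or a wrong key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag (modified or fabricated)"
        ts, nonce = struct.unpack(">Q", body[:8])[0], body[8:24]
        if abs(now - ts) > MAX_AGE:
            return "rejected: stale (delayed or old replay)"
        # Drop nonces older than the window; the check above covers them.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        if nonce in self.seen:
            return "rejected: replay"
        self.seen[nonce] = ts
        return "accepted"


if __name__ == "__main__":
    key = os.urandom(32)  # constructed demo key
    rx, msg = Receiver(key), seal(key, b"PAY 100 to bob")  # constructed message
    print(rx.accept(msg))                      # first delivery
    print(rx.accept(msg))                      # same bytes sent again
    print(rx.accept(msg[:24] + b"X" + msg[25:]))  # one payload byte altered
```

The tag covers integrity and origin only; it does nothing against interception or traffic analysis, which need encryption and traffic padding respectively.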
