
Chapter 2

Types of Attacks

Attacks in General
Bad things can happen to an organization in a number of ways. They can be split into 2 groups:
Malicious
Accidental

Either way they are called attacks. There are 4 primary categories of attacks.

Categories of Attacks
There are four primary categories of attacks:
Access
Modification
Denial of Service
Repudiation

Definition of Access Attacks


An Access Attack is an attempt to gain information that the intruder is not authorized to see. This attack may occur on stationary data or data in transit. These types of attacks are attacks against the confidentiality of the information.

Access Attack: SNOOPING


Snooping is looking through information files in the hope of finding something that is of value. If on paper, the intruder will open drawers to do the snooping. If on a computer system, the intruder will open files to do the same type of snooping.

Access Attack: Eavesdropping


Eavesdropping is the act of listening to a conversation that the listener has no right to be part of. Wireless networks are especially prone to eavesdropping. Wireless networks bring with them many security issues.

Access Attack: Interception


Unlike eavesdropping, interception is an attack against the information. Intruders insert themselves in the path of information. Once the information is captured and examined, the attacker may decide to allow the information to continue or not.

How are Attacks Accomplished


Access attacks take different forms depending on whether the information is stored on paper or electronically in a computer system.
Paper records: filing cabinets, desks, drawers, printers, faxes, etc.
Electronic records: servers, PCs, CD-ROMs, backup tapes, disks, etc.

Types of Theft
Access can be achieved by physically stealing the storage media.

What is a Sniffer?
A sniffer is a computer that is configured to capture all traffic on the network. A sniffer is used to capture user IDs, passwords and other access controls.

Interception Challenge
Information access using interception is very difficult. On the internet, this could be done by causing a name resolution change. This is achieved by causing a computer to resolve a name to an incorrect address. The traffic is then sent to the attacker's system instead of the real destination.
BANKING INSTITUTION ATTACKS

How is Interception Done?


Interception can be accomplished by an attacker taking over a session already in progress. This type of attack is best performed against interactive traffic such as telnet. The attacker allows the legitimate user to begin the session with the server and then uses specialized software to take over the session.


Modification Attacks
A modification attack is an attempt to modify information that an attacker is not authorized to modify. Such an attack can occur wherever the information resides, stationary or in transit. This type of attack is an attack against the integrity of the information.


Modification: Changes
This type of attack involves changing existing information. For example:
Changing an employee's salary
Changing an employee's bank records

The information is not removed or moved, just modified.

Modification: Insertion
An insertion attack is the addition of information to existing information. This is especially effective when used on historical information that is yet to be acted upon. For instance, an attacker may add lines to bank records clearing accrued debt.

Modification: Deletion
A deletion attack is the removal of existing information. An attacker may remove records of a bank transaction that indicate a due date for debt payment. It is a common practice for attackers to delete information in transit.
How can we tell it is happening? CRC CHECKING
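The CRC check named on this slide, as an added example that is not part of the original slides: a batch of numbered records carries a CRC-32, so a deleted record changes the checksum and leaves a gap in the numbering. Because anyone who alters the data can also recompute a plain CRC, the sketch stores a keyed HMAC next to it; the record layout, key and function names are assumptions.

```python
import hashlib
import hmac
import zlib

# Constructed sample ledger (sequence number, text); not from the slides.
RECORDS = [
    (1, "payment due 500.00"),
    (2, "payment received 200.00"),
    (3, "payment due 300.00"),
]
KEY = b"demo-key"  # assumption: secret the attacker cannot read


def serialize(records):
    """Canonical bytes: one 'seq|text' line per record."""
    return "\n".join(f"{seq}|{text}" for seq, text in records).encode()


def crc_tag(records):
    """Unkeyed CRC-32: anyone who alters the data can recompute it."""
    return zlib.crc32(serialize(records))


def mac_tag(records, key=KEY):
    """Keyed HMAC-SHA256: cannot be recomputed without the key."""
    return hmac.new(key, serialize(records), hashlib.sha256).hexdigest()


def verify(records, stored_crc, stored_mac):
    """Check a received batch against the tags stored when it was written."""
    seqs = {seq for seq, _ in records}
    gaps = [n for n in range(1, max(seqs, default=0) + 1) if n not in seqs]
    return {
        "crc_ok": crc_tag(records) == stored_crc,
        "mac_ok": hmac.compare_digest(mac_tag(records), stored_mac),
        "missing": gaps,  # gaps in numbering point at deleted records
    }


if __name__ == "__main__":
    good_crc, good_mac = crc_tag(RECORDS), mac_tag(RECORDS)
    deleted = [r for r in RECORDS if r[0] != 2]  # record 2 removed
    # Deletion with the stored CRC left alone: the CRC check fails.
    print(verify(deleted, good_crc, good_mac))
    # Deletion with the CRC recomputed over the altered data: only the MAC fails.
    print(verify(deleted, crc_tag(deleted), good_mac))
```

The gap check only sees records removed from the middle of the sequence; removal of the last record is caught by the tags, not by the numbering.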

Modification Attacks in General


It is more difficult to mount a modification attack on information in transit. Attackers normally execute an interception attack against the traffic, then change the information before passing it on to the destination.

Definition of Denial of Service


Denial of Service (DoS) attacks are attacks that deny use of resources to legitimate users. DoS attacks generally do not allow the attacker to access or modify information on the computer system. DoS attacks are simple but may be crippling to certain organizations.

Denial of Access to Information


A DoS attack against information causes that information to be unavailable, which causes denial of access to information. This situation is especially important when the location of information has been changed.


Denial of Access to Applications


These DoS attacks target applications that manipulate or display information. For instance, an attacker may choose to target Microsoft Outlook, and as a result all electronic correspondence is interrupted.

Denial of Access to Systems


A common attack is to bring down a computer system. This type of DoS results in the halting of all processes in an organization which relies on electronic transactions.
What is an example of this type of attack? SHUTDOWN

Denial of Access to Communications


DoS attacks against communications are very common. Examples range from cutting a wire to jamming radio communications or flooding networks with excessive traffic. In these attacks, the target is the medium of communication and not the information.

Denial of Service in General


DoS attacks are primarily attacks against computer systems and networks. This is not to say that no DoS attacks take place against information on paper, for example intercepting a BANK van that carries trust documents.

Definition of Repudiation Attacks


A repudiation attack is an attack against the accountability of information. Attackers attempt to give FALSE information or deny that a real event or transaction occurred.

Masquerading Attack
This is an attempt to act like or impersonate someone else or some other system. This attack can occur in personal communications, in transactions or in system-to-system communications.

Denying an Event
Denying an event is simply disavowing that the action was taken as it was logged. For instance, you receive a bill telling you that you made a credit card purchase, when in fact you didn't.

How are Repudiation Attacks Done?


An example of a Repudiation Attack? The from address of an email can be changed at will by the sender.
NOTE: Denying an event in the electronic world is much easier than in the physical world.
WHY? THERE ARE NO SIGNATURES