Types of Cyber Security Attacks- Active & Passive Attak

What is a Security attack? Security attacks jeopardize the system's security. These are the unauthorized or illegal actions that are taken against the government, corporate, or private IT assets in order to destroy, modify, or steal the sensitive data. They are further classified into active and passive attacks, in which the attacker gets unlawful access to the system's resources.

Presentations are communication tools that can be used as demonstrations. Your Title Here Presentations are communication tools that can be used as demonstrations. Your Title Here Presentations are communication tools that can be used as demonstrations. Your Title Here Active attacks : In active attacks, the attacker intercepts the connection and efforts to modify the message's content. It is dangerous for integrity and availability of the message. Active attacks involve Masquerade, Modification of message, Repudiation, Replay, and Denial of service. The system resources can be changed due to active attacks. So, the damage done with active attacks can be harmful to the system and its resources.In active attacks, the victim gets notified about the attack. The implication of an active attack is typically difficult and requires more effort. Active attacks can be prevented by using some techniques. Passive Attack: In passive attacks, the attacker observes the messages, then copy and save them and can use it for malicious purposes. The attacker does not try to change the information or content he/she gathered. Although passive attacks do not harm the system, they can be a danger for the confidentiality of the message.Unlike active attacks, in passive attacks, victims do not get informed about the attack. It is difficult to detect as there is no alteration in the message. Passive attacks can be prevented by using some encryption techniques.

Project Project Project Project Types of Active Attacks Masquerade – Masquerade is a type of cybersecurity attack in which an attacker pretends to be someone else in order to gain access to systems or data. This can involve impersonating a legitimate user or system to trick other users or systems into providing sensitive information or granting access to restricted areas. There are several types of masquerade attacks, including: Username and password masquerade IP address masquerade Website masquerade Email masquerade Modification of messages – It means that some portion of a message is altered or that message is delayed or reordered to produce an unauthorized effect. Modification is an attack on the integrity of the original data. It basically means that unauthorized parties not only gain access to data but also spoof the data by triggering denial-of-service attacks, such as altering transmitted data packets or flooding the network with fake data. Manufacturing is an attack on authentication. For example, a message meaning “Allow JOHN to read confidential file X” is modified as “Allow Smith to read confidential file X”.

Repudiation – Repudiation attacks are a type of cybersecurity attack in which an attacker attempts to deny or repudiate actions that they have taken, such as making a transaction or sending a message. These attacks can be a serious problem because they can make it difficult to track down the source of the attack or determine who is responsible for a particular action. There are several types of repudiation attacks, including: Message repudiation attacks Transaction repudiation attacks Data repudiation attacks Replay – It involves the passive capture of a message and its subsequent transmission to produce an authorized effect. In this attack, the basic aim of the attacker is to save a copy of the data originally present on that particular network and later on use this data for personal uses. Once the data is corrupted or leaked it is insecure and unsafe for the users. Denial of Service – Denial of Service (DoS) is a type of cybersecurity attack that is designed to make a system or network unavailable to its intended users by overwhelming it with traffic or requests. In a DoS attack, an attacker floods a target system or network with traffic or requests in order to consume its resources, such as bandwidth, CPU cycles, or memory, and prevent legitimate users from accessing it. There are several types of DoS attacks, including: Flood attacks Amplification attacks

Types of Passive Attacks: Sniffing Packet sniffing involves capturing network traffic and analyzing it for sensitive data. Sniffing can be used to capture login credentials, credit card details, or other personal information that is transmitted over a network. Shoulder Surfing Shoulder surfing is a type of passive attack that involves an attacker observing a user's keystrokes or screen while they enter sensitive information. This type of attack can occur in public places such as coffee shops or airports. Traffic Analysis Traffic analysis involves analyzing patterns of data flow between two parties. This type of attack can allow an attacker to infer sensitive information, such as identity of parties involved or type of data being transmitted. Eavesdropping Eavesdropping : It is a common type of passive attack, where an attacker listens in on communication between two parties. This type of attack can be conducted through various methods, such as packet sniffing, and can allow attacker to gain sensitive information such as passwords, credit card details, and other personal information. Port Scanning : Port scanning is another type of passive attack where an attacker scans a system to determine which ports are open and what services are running on those ports. This information can be used by attacker to identify vulnerabilities in system and plan an attack accordingly.

THANK YOU