NETWORK SECURITY THREATS
Network security threats fall into two categories.
1. Passive threats
a) Release of message contents
b) Traffic analysis
2. Active threats
a) Masquerade
b) Replay
c) Modification of message contents
d) Denial of service
· Passive threats, sometimes referred to as eavesdropping dropping involve attempts by an attacker to obtain information relating to communication.
a) Release of message contents
· A telephone conversation, an email message and a transferred file may contain sensitive or confidential information.
· We would like to prevent the opponent from leaning the content of these transmissions.
b) Traffic analysis
· It is a kind of attack done on encrypted messages.
· The opponent might be able to observe the pattern of such encrypted message.
· The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.
· Active threats involve some information of the data stream or the creation of a false stream.
a) Masquerade
o It takes place when one entity pretends to be a different entity.
o A masquerade attack usually includes one of the other forms of active attack.
o For example, authentication sequence can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
b) Replay
· It involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
c) Modification of message
· It means that some position of a message is altered, or that messages are delayed or recorded, to produce an unauthorized effect.
d) Denial of service ( DOS )
· A denial of service attack takes place when the availability to a resource is intentionally blocked or degraded by an attacker.
· In this way the normal use or management of communication facilities is inhibited.
· This attack may have a specific target. For example an entity may suppress all messages directed to a particular destination.
· Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
No comments:
Post a Comment