SHARE
SPREAD
HELP

The Tradition of Sharing

Help your friends and juniors by posting answers to the questions that you know. Also post questions that are not available.

To start with, Sr2Jr’s first step is to reduce the expenses related to education. To achieve this goal Sr2Jr organized the textbook’s question and answers. Sr2Jr is community based and need your support to fill the question and answers. The question and answers posted will be available free of cost to all.

Sharing the knowledge gained, is a generous way to change our world for the better. -Sr2Jr

 

#
Authors:
William Stallings
Chapter:
Computer And Network Security Concepts
Exercise:
Review Questions
Question:3 | ISBN:9781292158587 | Edition: 7

Question

List and briefly define categories of passive and active security attacks.

TextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbook

Answer

 

Passive Attack:

          Disclose of Message contents

          Analyzing Data Traffic

Active Attack:

          Masquerade

          Replay

          Modification of message:

          The denial of service. 

 

1. Passive attack:  passive attack is nothing but someone secretly listening or monitoring the information communication between two parties.

                There are two categories in passive attacks:

            a. Disclose of Message contents

                 This is a kind of data that is not encrypted. Someone can easily understand your information. the data such as phone conversations, emails, messages which might contain sensitive information. Falling in the wrong hands, the wrong usage would impact individual reputation. 

             b. Analyzing data traffic

                 Here data is encrypted, the intruder wouldn’t be able to understand the message but he can still observe or analyze the pattern of data being transferred, or location of origin of the message, or host identity these variables can be useful to guess the nature of the information.  

 

2. Active Attack: The active attack involves modifying the original data and/or creating false data to manipulate the course of things.

                 There are four types of Active attacks:

            a) Masquerade

                   This is a kind of attack by stealing someone’s legitimate identity and using that information to attain their goals.

                   Ex: stealing someone’s bank credentials and using them to access his bank account would come under the Masquerade attack.

             b) Replay

                  In this attack, the fraud person intercepts the communication and maliciously delay or resend the information to misdirect the receiving device.

             c) Modification of message:

                  As the name itself suggests, This type of attack involves the portion of the information that is altered, delayed, or reproduced by the malicious person to bring forth adverse effects.

              d) The denial of service. 

                 This kind of attack involves denying the services or access of information to the authorize person by disrupting the normal working communication facilities or overloading the network to degrade its performance.

1 0

Discussions

Post the discussion to improve the above solution.