Any person or software that violates the security policy of a network system is called an attacker. Such a person or program intentionally attempts to gain unauthorized access to information resources, using specially crafted code or techniques.
Two types of attacks are:
- Passive Attack
- Active Attack
A passive attack is one in which an attacker only monitors the transmission and accesses the data in an unauthorized manner. For example, user A sends a confidential message to user B, and user C captures it or accesses it without the knowledge of A and B.
In passive attacks, the attacker only watches the transmission. He does not try to modify data packets or do anything that might make the user realize that someone is watching. In an active attack the scenario is totally different: besides watching the transmission, the attacker modifies the data stream or creates his own false message.
Passive attacks are further divided into two types.
- Release of Message Contents
- Traffic Analysis
This attack involves capturing data messages in transit and reading them in an unauthorized way. In this case, the attacker sometimes creates his own new message and sends it to the destination instead of the original.
In such an attack, the actual path of the data changes: the message is sent from user C, while to user B it appears to be coming from user A. Sometimes an unauthorized user may appear to the other users to be an authorized one.
In such cases, the attacker manipulates everything according to his wish. In the former case, the message is modified by the attacker, so this active attack is called modification of messages. In the latter, the message appears to be coming from an authorized user when it is not; this attack is called masquerade. There are two more types of active attack: replay and denial of service.
In replay, the attacker captures the data unit and subsequently retransmits it to the destination to produce an unauthorized effect. Denial of service prevents the normal use or management of communication facilities. In such an attack, all messages directed to a particular destination may be suppressed, the entire network may be disrupted, or the performance of the network may be degraded due to disabling of the network.
Normally, passive attacks are difficult to detect, while active attacks are difficult to prevent.
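Since active attacks are hard to prevent, receivers usually aim to detect them. The following is an added example, not part of the original post, showing how user B can detect modification, masquerade and replay. It assumes A and B share a secret key and number their messages; the names `seal`, `Receiver` and `demo` and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: prefix an 8-byte sequence number, append an HMAC tag."""
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """User B: accepts a message only if it is authentic and fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; fails for altered data and for senders without the key
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted: " + body[8:].decode("utf-8", "replace")

def demo() -> dict:
    key_ab = os.urandom(32)  # constructed key known to A and B only
    key_c = os.urandom(32)   # user C does not know key_ab
    b = Receiver(key_ab)
    genuine = seal(key_ab, 1, b"transfer 100 to D")
    tampered = bytearray(seal(key_ab, 2, b"transfer 100 to D"))
    tampered[-TAG_LEN - 1] ^= 0x01  # one payload bit changed in transit
    return {
        "genuine": b.accept(genuine),
        "modification": b.accept(bytes(tampered)),
        "masquerade": b.accept(seal(key_c, 3, b"hello from A")),
        "replay": b.accept(genuine),  # same valid packet delivered twice
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:13s} {verdict}")
```

The tag gives integrity and origin authentication only. It does nothing against the passive attacks described above, which call for encryption.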
I hope you like this post. For further doubts and clarifications please pass your comments.