Types of Cyber Attacks: DoS, Spoofing, Social Engineering, and Encrypted Data, Slides of Cryptography and System Security

An in-depth analysis of various cyber attacks, including denial-of-service (dos) attacks (syn flood, smurf, and ip fragmentation attacks), spoofing attacks (ip address, arp, web, and dns spoofing), social engineering attacks (dumpster diving and online attacks), and attacks against encrypted data (weak keys, mathematical attacks, birthday attack, password guessing, brute force, and dictionary attacks). The document also covers countermeasures for each type of attack.

Typology: Slides

2011/2012

Uploaded on 07/17/2012

pameela
pameela 🇮🇳

4.8

(5)

94 documents

1 / 66

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Attacks and Malicious Code
Chapter 3
docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42

Partial preview of the text

Download Types of Cyber Attacks: DoS, Spoofing, Social Engineering, and Encrypted Data and more Slides Cryptography and System Security in PDF only on Docsity!

Attacks and Malicious Code

Chapter 3

Learning Objectives

 Explain denial-of-service (DoS) attacks  Explain and discuss ping-of-death attacks  Identify major components used in a DDoSattack and how they are installed  Understand major types of spoofing attacks  Discuss man-in-the-middle attacks, replayattacks, and TCP session hijacking continued…

Denial-of-Service Attacks

 Any malicious act that causes a system tobe unusable by its real user(s)  Take numerous forms  Are very common  Can be very costly  Major types  SYN flood  Smurf attack

SYN Flood

 Exploits the TCP three-way handshake  Inhibits server’s ability to accept new TCPconnections

IP Fragmentation Attacks:

Ping of Death

 Uses IP packet fragmentation techniques tocrash remote systems

Distributed Denial-of-Service Attacks

 Use hundreds of hosts on the Internet to attackthe victim by flooding its link to the Internet ordepriving it of resources  Used by hackers to target government andbusiness Internet sites  Automated tools; can be executed by scriptkiddies  Result in temporary loss of access to a given siteand associated loss in revenue and prestige

DDoS Countermeasures

 Security patches from software vendors  Antivirus software  Firewalls  Ingress (inbound) and egress (outbound)filtering

Ingress and Egress Filtering

Preventing the Network from

Inadvertently Attacking Others

 Block at the firewall any packet that uses aprotocol or port that is not used for Internetcommunications on the network  Block packets with a source addressoriginating inside your network fromentering your network

Ingress Filtering of Packets

with RFC 1918 Addresses