WE-it Tutorials: Understanding Passive and Active Attacks in System and Network Security, Thesis of Computer Systems Networking and Telecommunications

An overview of passive and active attacks in the context of system and network security. Passive attacks involve monitoring data without modification, while active attacks modify original messages. Learn about subcategories of passive attacks, active attack types, and security services to counteract these threats.

Typology: Thesis

2017/2018

Uploaded on 02/05/2018

pranali-patil
pranali-patil 🇮🇳

1 document

1 / 14

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
System and Network Security
1WE-it tutorials
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe

Partial preview of the text

Download WE-it Tutorials: Understanding Passive and Active Attacks in System and Network Security and more Thesis Computer Systems Networking and Telecommunications in PDF only on Docsity!

System and Network Security

 Integrity

 Secrecy

 Passive Attacks are those wherein the attacker indulges in

monitoring the data which is in transit.

 The attacker does not attempt to modify the data.

 That’s why they are hard to detect. Only prevention can be

done rather than detection or corrective steps.

Passive Attacks do not involve any modification to the contents of an original message.

Again divided into 2 sub categories:-

1.) Release of message contents

2.) Traffic Analysis.

 The active attacks are based on the modification of the

original message in some particular manner or on creation

of a false message.

 These attacks cannot be prevented easily.

 However efforts can be taken to detect them and recover

from them.

In Active Attacks the contents of the original message are modified in some way.

These attacks can be in the form of :-

1.) Masquerade.

2.) Replay.

3.) Modification.

4.) Denial of Service

 Security Services are something that enhances the security of the data processing systems and the information transfers of an organization

 A mechanism that is designed to detect,

prevent, or recover from a security attack

 Encipherment
 mathematical algorithms
 Digital Signature
 recipient of the data unit to prove
 Access Control
 Data Integrity
 Authentication Exchange
 Traffic Padding
 frustrate traffic analysis attempts by bogus data
 Routing Control
 Notarization
 trusted third party
 Trusted Functionality
 Security Label
 Event Detection
 Security Audit Trial

 examination of system records and activities

 Security Recovery