SlideShare a Scribd company logo

Access control attacks by nor liyana binti azman

Download as PPTX, PDF
Hafiza Abas
Hafiza Abas

Access control attacks

Education
1 of 9
Nor Liyana Binti Azman 14th Mac 2014
Access Control Attacks Example  Backdoor  method of bypassing normal authentication, securing illegal remote access to computer, while attempting to remain undetected. sometimes programmer install a back door so that the program can be accessed for troubleshooting or other purposes Backdoor is security risk, because there is another cracker try to find any vulnerability to exploit. Example: Nimda gains through backdoor left by Code Red. http://www.youtube.com/watch?v=7ZwGvFu9WhY
 Spoofing Attacks attacker pretends to be someone else in order gain access to restricted resources or steal information. type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. http://www.youtube.com/watch?v=z8ySsaRMcI8 Access Control Attacks Example
Spoofing Attacks
 Man-In-The-Middle the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. It is an attack on mutual authentication http://www.youtube.com/watch?v=N86xJpna9Js Access Control Attacks Example
Man-In-The-Middle
 Replay A form of network attack which a valid data transmission is maliciously repeated or delayed Example: messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day  Video: http://www.youtube.com/watch?v=kBCr-vYdgNo Access Control Attacks Example
 TCP hijacking  a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Session hijacking takes advantage of that practice by intruding in real time, during a session. Video: http://www.youtube.com/watch?v=s_XD8heYNrc Access Control Attacks Example
THANKS A LOT

Recommended

An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh Dangwal
Rishabh Dangwal
 
16 tips to thwart mobile security threats
16 tips to thwart mobile security threats16 tips to thwart mobile security threats
16 tips to thwart mobile security threats
John Gibson
 
ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy
IpshitaNandy
 
Mitm - Man in the Middle Attack & its Security
Mitm - Man in the Middle Attack & its SecurityMitm - Man in the Middle Attack & its Security
Mitm - Man in the Middle Attack & its Security
Deepanshu Kapoor
 
Digital security for journalists laurent eschenauer
Digital security for journalists laurent eschenauerDigital security for journalists laurent eschenauer
Digital security for journalists laurent eschenauer
Nelly Luna
 
Tutorial in DEBS 2008 - Event Processing Patterns
Tutorial in DEBS 2008 - Event Processing PatternsTutorial in DEBS 2008 - Event Processing Patterns
Tutorial in DEBS 2008 - Event Processing Patterns
Opher Etzion
 
Session hijacking
Session hijackingSession hijacking
Session hijacking
Vishal Punjabi
 
Reactconf 2014 - Event Stream Processing
Reactconf 2014 - Event Stream ProcessingReactconf 2014 - Event Stream Processing
Reactconf 2014 - Event Stream Processing
Andy Piper
 

Recommended

An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh Dangwal
Rishabh Dangwal
 
16 tips to thwart mobile security threats
16 tips to thwart mobile security threats16 tips to thwart mobile security threats
16 tips to thwart mobile security threats
John Gibson
 
ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy
IpshitaNandy
 
Mitm - Man in the Middle Attack & its Security
Mitm - Man in the Middle Attack & its SecurityMitm - Man in the Middle Attack & its Security
Mitm - Man in the Middle Attack & its Security
Deepanshu Kapoor
 
Digital security for journalists laurent eschenauer
Digital security for journalists laurent eschenauerDigital security for journalists laurent eschenauer
Digital security for journalists laurent eschenauer
Nelly Luna
 
Tutorial in DEBS 2008 - Event Processing Patterns
Tutorial in DEBS 2008 - Event Processing PatternsTutorial in DEBS 2008 - Event Processing Patterns
Tutorial in DEBS 2008 - Event Processing Patterns
Opher Etzion
 
Session hijacking
Session hijackingSession hijacking
Session hijacking
Vishal Punjabi
 
Reactconf 2014 - Event Stream Processing
Reactconf 2014 - Event Stream ProcessingReactconf 2014 - Event Stream Processing
Reactconf 2014 - Event Stream Processing
Andy Piper
 
Comparative Analysis of Personal Firewalls
Comparative Analysis of Personal FirewallsComparative Analysis of Personal Firewalls
Comparative Analysis of Personal Firewalls
Andrej Šimko
 
Debs 2011 tutorial on non functional properties of event processing
Debs 2011 tutorial on non functional properties of event processingDebs 2011 tutorial on non functional properties of event processing
Debs 2011 tutorial on non functional properties of event processing
Opher Etzion
 
Installing Complex Event Processing On Linux
Installing Complex Event Processing On LinuxInstalling Complex Event Processing On Linux
Installing Complex Event Processing On Linux
Osama Mustafa
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
Asep Sopyan
 
CyberLab CCEH Session - 3 Scanning Networks
CyberLab CCEH Session - 3 Scanning NetworksCyberLab CCEH Session - 3 Scanning Networks
CyberLab CCEH Session - 3 Scanning Networks
CyberLab
 
Complex Event Processing with Esper and WSO2 ESB
Complex Event Processing with Esper and WSO2 ESBComplex Event Processing with Esper and WSO2 ESB
Complex Event Processing with Esper and WSO2 ESB
Prabath Siriwardena
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
cclay3
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
n|u - The Open Security Community
 
Debs2009 Event Processing Languages Tutorial
Debs2009 Event Processing Languages TutorialDebs2009 Event Processing Languages Tutorial
Debs2009 Event Processing Languages Tutorial
Opher Etzion
 
Why Data Virtualization Is Good For Big Data Analytics?
Why Data Virtualization Is Good For Big Data Analytics?Why Data Virtualization Is Good For Big Data Analytics?
Why Data Virtualization Is Good For Big Data Analytics?
Tyrone Systems
 
Tutoriel esper
Tutoriel esperTutoriel esper
Tutoriel esper
Laboratoire d'Informatique de Grenoble
 
Analizadores de Protocolos
Analizadores de ProtocolosAnalizadores de Protocolos
Analizadores de Protocolos
Milton Muñoz
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
commiebstrd
 
Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
leminhvuong
 
Port Scanning Overview
Port Scanning OverviewPort Scanning Overview
Port Scanning Overview
Publicly traded global multi-billion services company
 
Optimizing Your SOA with Event Processing
Optimizing Your SOA with Event ProcessingOptimizing Your SOA with Event Processing
Optimizing Your SOA with Event Processing
Tim Bass
 
Building Real-time CEP Application with Open Source Projects
Building Real-time CEP Application with Open Source Projects Building Real-time CEP Application with Open Source Projects
Building Real-time CEP Application with Open Source Projects
Ted Won
 
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Adrian Paschke
 
NoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big DataNoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big Data
Guido Schmutz
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
guestd05b31
 
Internet thchnology
Internet thchnologyInternet thchnology
Internet thchnology
Rajdeep Sahoo
 
Cyber security
Cyber securityCyber security
Cyber security
yagyabuttan1
 

More Related Content

Viewers also liked

Chapter 12
Chapter 12Chapter 12
Chapter 12
cclay3
 
Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
leminhvuong
 
NoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big DataNoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big Data
Guido Schmutz
 

Viewers also liked (20)

Comparative Analysis of Personal Firewalls
Comparative Analysis of Personal FirewallsComparative Analysis of Personal Firewalls
Comparative Analysis of Personal Firewalls
 
Debs 2011 tutorial on non functional properties of event processing
Debs 2011 tutorial on non functional properties of event processingDebs 2011 tutorial on non functional properties of event processing
Debs 2011 tutorial on non functional properties of event processing
 
Installing Complex Event Processing On Linux
Installing Complex Event Processing On LinuxInstalling Complex Event Processing On Linux
Installing Complex Event Processing On Linux
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
 
CyberLab CCEH Session - 3 Scanning Networks
CyberLab CCEH Session - 3 Scanning NetworksCyberLab CCEH Session - 3 Scanning Networks
CyberLab CCEH Session - 3 Scanning Networks
 
Complex Event Processing with Esper and WSO2 ESB
Complex Event Processing with Esper and WSO2 ESBComplex Event Processing with Esper and WSO2 ESB
Complex Event Processing with Esper and WSO2 ESB
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
 
Debs2009 Event Processing Languages Tutorial
Debs2009 Event Processing Languages TutorialDebs2009 Event Processing Languages Tutorial
Debs2009 Event Processing Languages Tutorial
 
Why Data Virtualization Is Good For Big Data Analytics?
Why Data Virtualization Is Good For Big Data Analytics?Why Data Virtualization Is Good For Big Data Analytics?
Why Data Virtualization Is Good For Big Data Analytics?
 
Tutoriel esper
Tutoriel esperTutoriel esper
Tutoriel esper
 
Analizadores de Protocolos
Analizadores de ProtocolosAnalizadores de Protocolos
Analizadores de Protocolos
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
 
Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
 
Port Scanning Overview
Port Scanning OverviewPort Scanning Overview
Port Scanning Overview
 
Optimizing Your SOA with Event Processing
Optimizing Your SOA with Event ProcessingOptimizing Your SOA with Event Processing
Optimizing Your SOA with Event Processing
 
Building Real-time CEP Application with Open Source Projects
Building Real-time CEP Application with Open Source Projects Building Real-time CEP Application with Open Source Projects
Building Real-time CEP Application with Open Source Projects
 
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
 
NoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big DataNoSQL for Data Services, Data Virtualization & Big Data
NoSQL for Data Services, Data Virtualization & Big Data
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 

Similar to Access control attacks by nor liyana binti azman

1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review
INFOGAIN PUBLICATION
 

Similar to Access control attacks by nor liyana binti azman (20)

Internet thchnology
Internet thchnologyInternet thchnology
Internet thchnology
 
Cyber security
Cyber securityCyber security
Cyber security
 
1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review
 
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptxWPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
 
Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
 
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure"
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2
 
social engineering attacks.docx
social engineering attacks.docxsocial engineering attacks.docx
social engineering attacks.docx
 
Cyber security
Cyber security Cyber security
Cyber security
 
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.pptlaudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber Security - All Over World
Cyber Security - All Over WorldCyber Security - All Over World
Cyber Security - All Over World
 
Impacts of spoofing- why it’s a serious cybersecurity concern
Impacts of spoofing- why it’s a serious cybersecurity concernImpacts of spoofing- why it’s a serious cybersecurity concern
Impacts of spoofing- why it’s a serious cybersecurity concern
 
Cloning Attack.pdf
Cloning Attack.pdfCloning Attack.pdf
Cloning Attack.pdf
 
Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptx
 
Computer security
Computer securityComputer security
Computer security
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz)
 
Security threats ecom
Security threats ecomSecurity threats ecom
Security threats ecom
 
ESC Information Booklet EN
ESC Information Booklet ENESC Information Booklet EN
ESC Information Booklet EN
 
Different Types Of Cyber Security Threats
Different Types Of Cyber Security ThreatsDifferent Types Of Cyber Security Threats
Different Types Of Cyber Security Threats
 

More from Hafiza Abas

animated semut dengan menggunakan path animation.
animated semut dengan menggunakan path animation.animated semut dengan menggunakan path animation.
animated semut dengan menggunakan path animation.
Hafiza Abas
 
Assessment vs. evaluation
Assessment vs. evaluationAssessment vs. evaluation
Assessment vs. evaluation
Hafiza Abas
 
Business Continuity Plan (Introduction)
Business Continuity Plan (Introduction)Business Continuity Plan (Introduction)
Business Continuity Plan (Introduction)
Hafiza Abas
 

More from Hafiza Abas (20)

animated semut dengan menggunakan path animation.
animated semut dengan menggunakan path animation.animated semut dengan menggunakan path animation.
animated semut dengan menggunakan path animation.
 
Teknologi ePembelajaran
Teknologi ePembelajaran Teknologi ePembelajaran
Teknologi ePembelajaran
 
Access Controls Attacks
Access Controls AttacksAccess Controls Attacks
Access Controls Attacks
 
Task 6 access_control_attacks_hong_kim_sheng_2
Task 6 access_control_attacks_hong_kim_sheng_2Task 6 access_control_attacks_hong_kim_sheng_2
Task 6 access_control_attacks_hong_kim_sheng_2
 
Example of access control
Example of access controlExample of access control
Example of access control
 
SPSS LEVEL 2
SPSS LEVEL 2SPSS LEVEL 2
SPSS LEVEL 2
 
Islamic studies for disabled: teaching Salat for Autism Using Apps
Islamic studies for disabled: teaching Salat for Autism Using AppsIslamic studies for disabled: teaching Salat for Autism Using Apps
Islamic studies for disabled: teaching Salat for Autism Using Apps
 
Quantitative search and_qualitative_research by mubarak
Quantitative search and_qualitative_research by mubarakQuantitative search and_qualitative_research by mubarak
Quantitative search and_qualitative_research by mubarak
 
Chap 15 Method
Chap 15 MethodChap 15 Method
Chap 15 Method
 
Chap 6 Avoiding Ambiguity
Chap 6 Avoiding Ambiguity Chap 6 Avoiding Ambiguity
Chap 6 Avoiding Ambiguity
 
Chapter 14 Review of the Literature
Chapter 14 Review of the Literature Chapter 14 Review of the Literature
Chapter 14 Review of the Literature
 
Chapter 5 Be Concise
Chapter 5 Be ConciseChapter 5 Be Concise
Chapter 5 Be Concise
 
Chapter 13 Introduction in research paper
Chapter 13 Introduction in research paperChapter 13 Introduction in research paper
Chapter 13 Introduction in research paper
 
Chapter 4 Structuring Paragraph and Sentences
Chapter 4 Structuring Paragraph and SentencesChapter 4 Structuring Paragraph and Sentences
Chapter 4 Structuring Paragraph and Sentences
 
Chapter 12: Abstract ( english for writing research papers)
Chapter 12: Abstract ( english for writing research papers)Chapter 12: Abstract ( english for writing research papers)
Chapter 12: Abstract ( english for writing research papers)
 
Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)
Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)
Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)
 
English for writing research papers (chap 2 and 11)
English for writing research papers (chap 2 and 11)English for writing research papers (chap 2 and 11)
English for writing research papers (chap 2 and 11)
 
Assessment vs. evaluation
Assessment vs. evaluationAssessment vs. evaluation
Assessment vs. evaluation
 
Rubric
RubricRubric
Rubric
 
Business Continuity Plan (Introduction)
Business Continuity Plan (Introduction)Business Continuity Plan (Introduction)
Business Continuity Plan (Introduction)
 

Recently uploaded

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Recently uploaded (20)

Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health Education
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 

Access control attacks by nor liyana binti azman

  • 1. Nor Liyana Binti Azman 14th Mac 2014
  • 2. Access Control Attacks Example  Backdoor  method of bypassing normal authentication, securing illegal remote access to computer, while attempting to remain undetected. sometimes programmer install a back door so that the program can be accessed for troubleshooting or other purposes Backdoor is security risk, because there is another cracker try to find any vulnerability to exploit. Example: Nimda gains through backdoor left by Code Red. http://www.youtube.com/watch?v=7ZwGvFu9WhY
  • 3.  Spoofing Attacks attacker pretends to be someone else in order gain access to restricted resources or steal information. type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. http://www.youtube.com/watch?v=z8ySsaRMcI8 Access Control Attacks Example
  • 5.  Man-In-The-Middle the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. It is an attack on mutual authentication http://www.youtube.com/watch?v=N86xJpna9Js Access Control Attacks Example
  • 7.  Replay A form of network attack which a valid data transmission is maliciously repeated or delayed Example: messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day  Video: http://www.youtube.com/watch?v=kBCr-vYdgNo Access Control Attacks Example
  • 8.  TCP hijacking  a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Session hijacking takes advantage of that practice by intruding in real time, during a session. Video: http://www.youtube.com/watch?v=s_XD8heYNrc Access Control Attacks Example