Types of Cyber Security Attacks- Active & Passive Attak

Active and Passive attacks
NAME - SOUMA MAITI
ROLL NO - 27500120016
SUBJECT- CYBER LAW AND ETHICS
SUBJECT CODE- OEC-CS801B
YEAR- 4TH SEM- 8TH

What is a Security attack?
Security attacks jeopardize the system's security. These are the unauthorized or
illegal actions that are taken against the government, corporate, or private IT
assets in order to destroy, modify, or steal the sensitive data. They are further
classified into active and passive attacks, in which the attacker gets unlawful
access to the system's resources.

Presentations are communication tools that can be
used as demonstrations.
YourTitleHere
YourTitleHere
YourTitleHere
Active attacks:
In active attacks, the attacker intercepts the connection and efforts
to modify the message's content. It is dangerous for integrity and
availability of the message. Active attacks involve Masquerade,
Modification of message, Repudiation, Replay, and Denial of service.
The system resources can be changed due to active attacks. So, the
damage done with active attacks can be harmful to the system and
its resources.In active attacks, the victim gets notified about the
attack. The implication of an active attack is typically difficult and
requires more effort. Active attacks can be prevented by using some
techniques.
Passive Attack:
In passive attacks, the attacker observes the messages, then copy
and save them and can use it for malicious purposes. The attacker
does not try to change the information or content he/she gathered.
Although passive attacks do not harm the system, they can be a
danger for the confidentiality of the message.Unlike active attacks,
in passive attacks, victims do not get informed about the attack. It is
difficult to detect as there is no alteration in the message. Passive
attacks can be prevented by using some encryption techniques.

Project
Project
Project
Project
Types of Active Attacks
 Masquerade –
Masquerade is a type of cybersecurity attack in which an attacker pretends to be someone
else in order to gain access to systems or data. This can involve impersonating a legitimate
user or system to trick other users or systems into providing sensitive information or
granting access to restricted areas.
There are several types of masquerade attacks, including:
 Username and password masquerade
 IP address masquerade
 Website masquerade
 Email masquerade
 Modification of messages –
It means that some portion of a message is altered or that message is delayed or reordered
to produce an unauthorized effect. Modification is an attack on the integrity of the original
data. It basically means that unauthorized parties not only gain access to data but also
spoof the data by triggering denial-of-service attacks, such as altering transmitted data
packets or flooding the network with fake data. Manufacturing is an attack on
authentication. For example, a message meaning “Allow JOHN to read confidential file X” is
modified as “Allow Smith to read confidential file X”.

 Repudiation –
Repudiation attacks are a type of cybersecurity attack in which an attacker attempts to deny or repudiate
actions that they have taken, such as making a transaction or sending a message. These attacks can be a
serious problem because they can make it difficult to track down the source of the attack or determine
who is responsible for a particular action.
There are several types of repudiation attacks, including:
 Message repudiation attacks
 Transaction repudiation attacks
 Data repudiation attacks
 Replay –
It involves the passive capture of a message and its subsequent transmission to produce an authorized
effect. In this attack, the basic aim of the attacker is to save a copy of the data originally present on that
particular network and later on use this data for personal uses. Once the data is corrupted or leaked it is
insecure and unsafe for the users.
 Denial of Service –
Denial of Service (DoS) is a type of cybersecurity attack that is designed to make a system or network
unavailable to its intended users by overwhelming it with traffic or requests. In a DoS attack, an attacker
floods a target system or network with traffic or requests in order to consume its resources, such as
bandwidth, CPU cycles, or memory, and prevent legitimate users from accessing it.
There are several types of DoS attacks, including:
 Flood attacks
 Amplification attacks

Types of Passive Attacks:
Sniffing
Packet sniffing involves capturing network traffic and analyzing it for sensitive data. Sniffing can be used to
capture login credentials, credit card details, or other personal information that is transmitted over a network.
Shoulder Surfing
Shoulder surfing is a type of passive attack that involves an attacker observing a user's keystrokes or screen
while they enter sensitive information. This type of attack can occur in public places such as coffee shops or
airports.
Traffic Analysis
Traffic analysis involves analyzing patterns of data flow between two parties. This type of attack can allow an
attacker to infer sensitive information, such as identity of parties involved or type of data being transmitted.
Eavesdropping Eavesdropping:
It is a common type of passive attack, where an attacker listens in on communication between two parties. This
type of attack can be conducted through various methods, such as packet sniffing, and can allow attacker to
gain sensitive information such as passwords, credit card details, and other personal information.
Port Scanning:
Port scanning is another type of passive attack where an attacker scans a system to determine which ports are
open and what services are running on those ports. This information can be used by attacker to identify
vulnerabilities in system and plan an attack accordingly.

Types of Cyber Security Attacks- Active & Passive Attak

More Related Content

What's hot

Similar to Types of Cyber Security Attacks- Active & Passive Attak

More from Souma Maiti

Recently uploaded

In this document

Types of Cyber Security Attacks- Active & Passive Attak