4141 lecture 1 security attacks what is security the

This preview shows page 10 - 15 out of 281 pages.

We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
Elementary and Intermediate Algebra
The document you are viewing contains questions related to this textbook.
Chapter 11 / Exercise 111
Elementary and Intermediate Algebra
Tussy/Gustafson
Expert Verified
4.1.4.1 Lecture -1 Security attacks: What is Security ? The quality or state of being secure to be free from threat. Computer Security -generic name for the collection of tools designed to protect data and to thwart hackers Network Security -measures to protect data during their transmission Internet Security -measures to protect data during their transmission over a collection of interconnected networks
We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
Elementary and Intermediate Algebra
The document you are viewing contains questions related to this textbook.
Chapter 11 / Exercise 111
Elementary and Intermediate Algebra
Tussy/Gustafson
Expert Verified
11 Security Attack: any action that compromises the security of information owned by an organization Generic types of attacks Passive attacks Active attacks Passive Attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources. A passive attack, in computing security, is an attack characterized by the attacker listening in on communication. Two types of passive attacks are The release of message contents Traffic analysis. Release of message contents : A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information Traffic analysis : By monitoring frequency and length of messages, even encrypted, nature of communication may be guessed. The common technique for masking contents is encryption.
12 Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Active attack: An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false stream. Active attacks can be subdivided into four categories: 1. masquerade, 2. replay, 3. modification of messages, and 4. Denial of service. 1. A masquerade takes place when one entity pretends to be a different entity (Figure: a). A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has that privilege. 2. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
13 3. Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect(Figure:c). For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts. 4. The Denial of Service prevents or inhibits the normal use or management of communications facilities (Figure d). This attack may have a specific target; Another form of service denial is the disruption of an entire network Depending upon these different types of passive and Active attacks an attacker may try to know the information which is being passes over client and server.
14 Teaching Methodologies: M1: Lecture interspersed with discussions M12: ICT tools (PPT)

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture