ITAP3431 NS Assign1 Solved
1. Explain the types of active attacks that take place on the network.
Attempts to modify the system without permission are considered an active attack. For
example, data in transit or in storage may be altered, or new data streams may be
generated.
Message replay: An attacker may use information he has captured to repeat an
operation that benefits him, such as capturing and replaying a command to transfer
cash from one bank account into another that is under the attacker's control. This
can be prevented by verifying that a message is still current.
Message modification: A message can be modified in several ways, such as altering a
packet header address to send it to a different location or altering the user data.
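The two checks described above (a message must be unmodified and still current) can be combined in one receiver. This is an added example, not part of the original assignment; the shared key, the 30-second freshness window and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import json
import os
import time

KEY = os.urandom(32)   # constructed shared secret between client and bank (assumption)
MAX_AGE = 30           # seconds a message counts as "still current" (assumed policy)


def sign(command, key=KEY, now=None):
    """Wrap a command with a timestamp and a one-time nonce, then MAC all of it."""
    body = {"cmd": command,
            "ts": time.time() if now is None else now,
            "nonce": os.urandom(16).hex()}
    raw = json.dumps(body, sort_keys=True).encode()
    return {"raw": raw, "tag": hmac.new(key, raw, hashlib.sha256).hexdigest()}


class Receiver:
    """Accepts a message only if it is authentic, current and not seen before."""

    def __init__(self, key=KEY):
        self.key = key
        self.seen = {}  # nonce -> message timestamp, kept while still fresh

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        expected = hmac.new(self.key, msg["raw"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"   # header or user data was altered
        body = json.loads(msg["raw"])
        if abs(now - body["ts"]) > MAX_AGE:
            return "rejected: stale"      # replayed after the freshness window
        # Drop nonces whose messages would now fail the freshness check anyway.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= MAX_AGE}
        if body["nonce"] in self.seen:
            return "rejected: replay"     # replayed inside the freshness window
        self.seen[body["nonce"]] = body["ts"]
        return "accepted"
```

The nonce cache only has to remember messages for as long as the timestamp check would still accept them, which keeps its size bounded.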
Confidentiality:
Protection against unauthorised access is a key component of confidentiality. The CIA
triad stresses the importance of protecting information. There must be safeguards in place
to guarantee that only those who have a legitimate need to know may access the data. As
an example, if a computer file is accessible only to those who are permitted to view it,
then the file is secure. In the CIA triad, confidentiality is linked to information
security since data protection requires tight control over who has access to what.
Integrity:
The purpose of integrity in the CIA triad is to ensure that information stays accurate
and consistent until permitted alterations are made. Errors in the system or illegal access
might cause information to be altered. Integrity is maintained when the information
is unaltered throughout storage, transmission, and use that does not alter the information.
Integrity is linked to data security since correct and consistent data is a byproduct of
adequate security. Monitoring and control of permitted access, use, and transfer of
information is essential to the CIA triad's information security procedures.
Availability:
The purpose of availability in the CIA triad is to ensure that information is accessible when
and where it is required. Information must be accessible to authorised users at all times in
the CIA triad, which is the most important consideration. Availability can be sustained
if all of the information system's components are functioning as they should.
Problems with the information system might render information
inaccessible. Effective security measures safeguard system components while also
ensuring that data is readily accessible. All three components of the CIA triad are
intertwined.
Passive and active attacks are the two forms of security-related attacks. In an
active attack, an attacker attempts to alter the message's contents. In a passive attack,
attackers copy the messages they observe.
Active Attacks:
Attackers might use a network exploit to change or alter material while also affecting a
system resource during an active attack. Victims will suffer financial
losses as a result of this. The attackers might use passive attacks to collect information
before launching a full-fledged attack on the victim's location. The attackers attempt
to disrupt the system and cause the system to lock down. Victims may be notified about
the ongoing attack. This kind of attack has the potential to
compromise their integrity and availability. Compared to a passive attack, an active
attack is more difficult to execute.
Denial-of-Service (DoS) attacks are one example of an active attack. A Denial-of-
Service attack occurs when an attacker shuts down a device or network. This may prevent
the legitimate user from accessing the device or network. The attackers may flood the target
device or network until it stops responding or crashes. Emails, websites, and online
banking are all impacted. DoS attacks may be launched from anywhere.
A DoS attack involves flooding or crashing the device or network. A buffer overflow
attack is a typical DoS attack. This kind of attack floods the network with traffic that
exceeds the capacity of a buffer. The system will then crash. ICMP flood, often
known as ping flood, is another kind of flooding attack. Spoofed packets containing
ICMP echo requests may be sent. The network must respond to all of these requests. This may
make the device inaccessible to regular traffic.
SYN flood is also a kind of flooding attack. The attackers may send SYN packets to any
or all of the server's ports. Fake IP addresses are common. The unaffected server
may then respond with SYN-ACK messages. The server might crash if it cannot reach
the clients. Statistical methods may be used to build attack detection strategies for SYN flood
threats.
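One statistical approach to SYN flood detection, shown here as an added example that is not part of the original assignment: a CUSUM (cumulative sum) change detector over the fraction of handshakes left half-open in each time window. The choice of CUSUM, the parameter values, the function names and the traffic sample are all assumptions made for illustration.

```python
from collections import defaultdict


def per_window(events, width=1.0):
    """Bucket (time, kind) records into [(syn_count, ack_count), ...] per window.

    kind is "SYN" for a connection request and "ACK" for the client's final,
    handshake-completing ACK.
    """
    counts = defaultdict(lambda: [0, 0])
    for ts, kind in events:
        counts[int(ts // width)][0 if kind == "SYN" else 1] += 1
    if not counts:
        return []
    return [tuple(counts[w]) for w in range(min(counts), max(counts) + 1)]


def cusum_syn_alarm(windows, drift=0.2, threshold=1.0, alpha=0.1):
    """Return the index of the first window that raises the alarm, or None."""
    baseline, score = None, 0.0
    for i, (syn, ack) in enumerate(windows):
        if syn == 0:
            continue
        half_open = (syn - ack) / syn   # share of SYNs never completed
        if baseline is None:
            baseline = half_open
        # Accumulate only the excess over normal behaviour plus a tolerance.
        score = max(0.0, score + (half_open - baseline - drift))
        if score > threshold:
            return i
        if score == 0.0:                # learn the baseline only while quiet
            baseline = (1 - alpha) * baseline + alpha * half_open
    return None


def sample_events():
    """Constructed traffic: 4 quiet one-second windows, then 3 flood windows."""
    shape = [(100, 95)] * 4 + [(900, 100), (1500, 110), (2000, 90)]
    events = []
    for w, (syn, ack) in enumerate(shape):
        events += [(w + 0.5, "SYN")] * syn + [(w + 0.5, "ACK")] * ack
    return events


if __name__ == "__main__":
    print("alarm at window", cusum_syn_alarm(per_window(sample_events())))
```

Because the score accumulates across windows and decays by `drift` when traffic is normal, a single noisy window does not raise the alarm while a sustained flood does.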
Passive Attacks:
A passive attack monitors, observes, or makes use of the system's data for specific
purposes. However, it has no effect on the
system's resources, and the data may continue to be used as before. Passive attacks are
difficult to detect since they are carried out in secrecy, making it difficult for the victim to
identify them. The goal of a passive attack is to get data or to search the network for
open ports and vulnerabilities.
An eavesdropping attack is a passive attack. An eavesdropping attack steals data sent
between two linked devices. Eavesdropping includes traffic analysis. The attackers insert
a software package into the network path to collect subsequent network traffic. To collect
network traffic, attackers must get access to the network channel between the endpoint
and the UC system. It will be easier for the attacker to implant a software package if
there are more network paths and the network paths are longer.
Messages are also a kind of passive attack. The attackers use a virus or malware to
install a package on the device to monitor its activity, such as texts, emails, or files that
contain personal information. The attackers will use the data to infiltrate the system.
Other attacks resulting from the exponential interconnectedness of insecure devices like
IoT infrastructure include protocol-specific and wireless device network-based attacks.