
DILLA UNIVERSITY

COLLEGE OF ENGINEERING AND TECHNOLOGY

SCHOOL OF COMPUTING AND INFORMATION

DEPARTMENT OF COMPUTER SCIENCE

ASSIGNMENT OF COMPUTER SECURITY

NAME ID

1. BIKILA TESHOME………..…4337/20
2. ASRAT AKALU……………….

Serge Attack

In the field of computer security, a serge refers to a specific type of attack known
as a "man-in-the-middle" attack. This attack occurs when a malicious actor
intercepts and potentially alters communication between two parties without their
knowledge. The term "serge" is derived from the French word for "in the middle,"
which accurately describes the nature of this attack.

The attacker positions themselves between the sender and receiver of data,
allowing them to eavesdrop on the communication or even manipulate the
information being exchanged. Serge attacks can compromise the confidentiality,
integrity, and authenticity of the communication, making them particularly
dangerous.

MitM attacks can have severe consequences: compromising sensitive data,
leading to financial loss, identity theft, or enabling further intrusion into computer
systems or networks.

How a typical Serge (Man-in-the-Middle) attack works:

1. Interception: Attacker secretly inserts themselves into the communication flow,
often without the knowledge of the parties, such as on public Wi-Fi, compromised
routers, or via malicious software.

2. Decryption and Inspection: Intercepted data is accessed, decrypted, and
inspected for sensitive information like login credentials, financial details, or
private messages.

3. Alteration or Injection: Attacker may alter intercepted data, inserting malicious
code, changing message content, or injecting harmful links or malware.

4. Relaying: Attacker may relay modified communication to trick both parties into
believing they are communicating directly, or choose to eavesdrop without altering
the communication.

5. Attack Vectors: MitM attacks use methods like ARP spoofing, DNS spoofing,
Wi-Fi eavesdropping, SSL-stripping, and session hijacking to exploit
communication vulnerabilities.

6. Concealed Presence: Successful MitM attacks aim to stay hidden and
unnoticed, allowing the attacker to carry out activities without alerting affected
parties.

How to Prevent Serge (MITM) Attack:

• To protect against serge attacks, it is important to use encryption, secure
communication protocols, strong access controls, and a VPN, and to regularly
monitor network traffic for any signs of unauthorized interception.
• Implementing strong authentication mechanisms can also help prevent
unauthorized parties from inserting themselves into communication
pathways. Overall, understanding and being proactive in safeguarding
against serge attacks is crucial for maintaining the security of digital
communications.

Botnet Attack

A botnet attack is a computer threat where a network of compromised computers,
called "bots," is controlled by a malicious attacker. These bots can be infected
without the user's knowledge and used to carry out various malicious activities,
such as distributed denial-of-service (DDoS) attacks, spamming, stealing sensitive
information, or spreading malware. The attacker can remotely control the bots to
perform coordinated actions, making it difficult to trace back to the source.

How a botnet attack works:

1. Infection: The attacker distributes malware, often in the form of a virus, worm,
or Trojan, to infect a large number of computers or devices. These infected devices
are then remotely controlled by the attacker. The malware typically allows the
attacker to gain unauthorized access and control over the compromised devices.

2. Botnet Formation: Once infected, the compromised devices become part of a
botnet, creating a network of interconnected and remotely accessible devices under
the control of the attacker.

3. Command and Control (C&C): The attacker establishes a command-and-control
infrastructure to communicate with and control the compromised devices.
This communication can occur through various means, such as centralized servers,
peer-to-peer networks, or other communication channels.

4. Malicious Activities: Botnets can carry out malicious activities such as DDoS
attacks, spamming, theft of sensitive information, and cryptocurrency mining
using compromised devices.

5. Persistence and Updates: To maintain control over the botnet and evade
detection, the attacker may regularly update the malware and re-establish
communications with the compromised devices.

6. Mitigation: Detecting and mitigating botnet attacks can be challenging. It may
involve identifying and isolating compromised devices, removing the malware,
enhancing network security measures, and coordinating with internet service
providers or security experts to combat the botnet.

The impact of botnet attacks: they lead to service disruptions, data breaches,
financial losses, and reputational damage for the affected individuals,
organizations, or even entire networks.

Protecting against botnet attacks involves implementing robust security
measures such as regular software updates, employing firewalls, intrusion
detection/prevention systems, endpoint protection, and fostering a security-aware
culture to avoid falling victim to such attacks.

Understanding how botnet attacks operate is crucial for developing effective
strategies to prevent, detect, and respond to these threats.
