Active and passive attack
There are two types of attacks that are related to security namely passive and active attacks. In an
active attack, an attacker tries to modify the content of the messages. In a passive attack, an
attacker observes the messages and copies them.
Passive Attacks
The first type of attack is passive attack. A passive attack can monitor, observe or build use of the
system’s data for sure functions. However, it doesn’t have any impact on the system resources, and
also, the data can stay unchanged. The victim is difficult to note passive attacks as this sort of attack
is conducted in secret. Passive attack aims to achieve data or scan open ports and vulnerabilities of
the network.
Example: - Eavesdropping attack, Spying.
Active Attacks
An active attack is an attack in which the attackers will modify or alter the content and impact the
system resource. It’ll cause damages to the victims. The attackers can perform passive attacks to
gather info before active attack.
The attackers attempt to disrupt and forced the lock of the system.
Example: - Denial-of-Service attacks (DoS), Trojan horse attacks, replay attack etc.
Security services and mechanism:
Security services: A service that enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to counter security attacks and
they make use of one or more security mechanisms to provide the service.
List of the basic security services are following:
Authentication
Access control
Data confidentiality
Data Integrity
Nonrepudiation
Authentication service: Authentication service checks or validate the valid user/device who provide
services or request services. Authentication process may be check user id and password, digital
certificate, tokens, session etc.
Access control service: Access control service provide the facility to access the data or information
according to the user validation. Data or information access may read, write or execute or
combinations of all.
Data confidentiality service: Data confidentiality service protects the data from disclosure to
unauthorized principles It includes: connection confidentiality, connectionless confidentiality,
selective field confidentiality, traffic flow confidentiality.
�Data Integrity service: Data Integrity service ensures that during their transmission the data is not
altered by unauthorized parties.
Nonrepudiation services: Nonrepudiation services that a principal cannot deny the receipt of a
message. This may take one or both of two forms.
1) with nonrepudiation with proof of origin recipient of data is provided with proof the origin
of data, so that the sender later denies that he or she sent the particular data.
2) with nonrepudiation with proof of delivery the sender of data is provided with proof of the
delivery of data, so the receiver cannot later deny having received the particular data.
SECURITY MECHANISMS
A mechanism that is designed to detect, prevent or recover from a security attack. These
mechanisms are following: -
Encipherment mechanisms
Digital Signatures
Access Control mechanisms
Traffic-padding mechanisms
Routing Control mechanisms
Notarization mechanisms
Encipherment
The use of mathematical algorithms to transform data into a form that is not readily intelligible. The
transformation and subsequent recovery of the data depend on an algorithm and zero or more
encryption keys.
Digital Signature
Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the
data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the
recipient).
Access Control
A variety of mechanisms that enforce access rights to resources.
Data Integrity
A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
Authentication Exchange
A mechanism intended to ensure the identity of an entity by means of information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
Routing Control
Enables selection of particular physically secure routes for certain data and allows routing changes,
especially when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain properties of a data exchange.
