An attack is any malicious or accidental disruption in the confidentially, integrity, or availability of information and network resources. Attacks can come from many places, electronic, physical, or human. Electronics attacks may come from the external network (Internet) or the internal network (Intranet); physical attacks can come in the form of hardware and equipment sabotage or theft, and human attacks most often come in the form of social engineering. Some of the attacks identify and evaluate in this paper are: spoofing, replays attacks, access attack suppress-relay, and source and repudiation attack.
Spoofing is when the attackers attempts to appear to be someone else, usually an authentic user. The phenomenon of Web spoofing or creating misleading Web sites that closely represent real sites in order to extract personal financial data from unwary Web visitors, is common form of online scam that contributes to identify based credit and financial fraud and threatens to undermine consumer confidence in Internet shopping and banking. The FBI to spoofing as the “the hottest, and most troubling, new scam on the Internet contributing to the rise in identity theft, credit card fraud, and other Internet fraud.” Approximately thirty such hoax attack sites are detected each day, even as many more go undetected.
Replay attacks is when the attacker attempts a capture packets on its way from one host to another, and then replay them to a targeted host in an attempt to mimic a legitimate user or system. The replay attack is easy because it is not difficult to capture the commands to be replayed. A user on a network can run a sniffer program and capture all packets that travel over the network. Replay attack looks for systems with weak a...
... middle of paper ...
...es and disadvantages of both symmetric and asymmetric cryptography are:
Symmetric advantages
• Use password verification to prove the receivers identity
• Encrypted data can be transferred on the link even if there is a chance that the information will be intercepted. There is no key transmitted with the information, the probability of data being decrypted is unlikely
• Secure
• Fast and easy to implement
Symmetric disadvantages
• Cannot provide digital signatures that cannot be repudiated
• sharing keys
• cause a lot of damage if compromised
• have difficulty with key transportation
Asymmetric advantages
• Scalable and does not require much administration
• Easy for user to use
• Can provide digital signatures that can be repudiated
Symmetric disadvantages
• slower due to longer key length
• complexity of the encryption algorithm used
In this section we investigate attacks and threats to our primary devices. These attacks and threats are built off of the vulnerabilities the previous section and help to determine which security controls would be most valuable against future attacks.
Imperva. (2012). Hacker Intelligence Initiative, Monthly Trend Report #12. Retrieved December 28, 2012 from https://www.imperva.com/docs/HII_Denial_of_Service_Attacks-Trends_Techniques_and_Technologies.pdf
Security is a wide concept, it is a separated subject with its own theories, "which focus on the process of attack and on preventing, detecting and recovering from attacks" (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on established security standards, procedu...
Network hackers are forever inventing ways to break into the computer systems of organizations. Their aim is to take adventure of the susceptibilities of the system. Hackers remain only limited by the created activity of their minds. Hackers have the time, capability, and experience to infra trace any system. The organization has the responsibility to prevent hackers from infra tracing their system. Organizations remain required to plan for the assaults of hackers. Organization can only be better prepared to defend against hackers, if the organization has taken the necessary action to hinder the hackers’ assaults. There remain various ways in which an organization can prepare to do battle with hackers. The first step to battling hackers is for the organization to have an excellent understanding of its abilities and capabilities. Security analysis systems remain invented to aid organizations in the process of un...
The attacks highlight the shortcomings in the system, trace them and correct the problem. Almost all major IT firms, defense systems and Cyber related organizations imply these methods in their security prevention mechanisms.
The Internet plays the biggest role in identity theft. On the Internet, a thief can hide from detection while stealing peoples’ identities from their homes, being able to steal peoples’ information one by one “then disappearing into another identity,” (Vacca 60). Internet fraud consists of two phases. The first being spoofing where a fake site is set up made to look like the real thing. Once that is completed the second phase, phishing, begins. This usually starts with an email that uses the
This paper describes some of the techniques attackers utilize to disrupt wireless networks through MAC address spoofing, demonstrated with captured traffic that was generated by the AirJack, FakeAP and Wellenreiter tools. Through the analysis of these traces, the author identifies techniques that can be employed to detect applications that are using spoofed MAC addresses. With this information, wireless equipment manufacturers could implement anomaly-based intrusion detection systems capable of identifying MAC address spoofing to alert administrators of attacks against their networks.
The ability of the attackers to rapidly gain control of vast number of Internet hosts poses an immense threat to the overall security of the Internet (Staniford, Paxson & Weaver, 2002). Once compromised, these hosts can not only be used for massive Distributed Denial of Service (DDoS) attacks, but also steal or corrupt great quantities of sensitive information by confusing and disrupting the network in more subtle ways (Honeynet, 2005).
As demonstrated by the examples above, these attacks can be extremely difficult to detect and mitigate. This highlights the need to ensure that all employees in an organization are aware of the threat these attacks present and are familiar with ways to stop them. Implementing the techniques mentioned above along with other proven methods will ensure that organizations are equipped to defend themselves against cyberespionage attacks.
Security is often seen as exclusive requirement in networking, providing security is an important issue. A lot of problems are there so a lot of security measures should be provided. Security is more important than ever before due to many reasons. When a network is implemented poorly, security threats and ...
There are numerous network security devices and tools available to aid in computer network defense, and these tools are often relied upon for protecting against increasingly sophisticated, stealthy, and damaging attacks. When acting alone, the current generation of security devices has an exceedingly difficult time providing an effective defense against such threats, and the situation is particularly grim for targeted or novel attacks.
IP spoofing : -A method of bypassing security measures on a network or a method of gaining access to a network by imitating a different IP address. Some security systems have a method of helping to identifying a user by his or her IP address or IP address range. If the attacker spoofs their IP address to match this criteria it may help bypass security measures. This technique is also used to deceive a web page, poll, or other Internet contest into thinking the user is someone else allowing him or her to get more hits or falsely increase a votes rank.
According to the network, Tech Target, Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information, such as Social Security or driver's license numbers, in order to impersonate someone else. Identity theft has become a widely discussed topic throughout society. Recent advances in technology have led to global identity theft. While certain authorities have been trying to decrease the possibility of this occurring, personal privacy is still being invaded by internet criminals every day.
Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers, company competitors. In fact, according to several studies, more than half of all network attacks are waged internally. To determine the best ways to protect against attacks, we should understand the many types of attacks that can be instigated and the damage that these attacks can cause to data. The most common types of attacks include Denial of Service (DoS), password, an...