Passive attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions :
a) Release of message contents – encryption is usually used to counter attack
b) Traffic
analysis – if contents is closed but the opponent could determine the location
and identity of communicating hosts and could observe the frequency and length
of messages being exchanged, he may guess the nature of the communication that
was taking place.
Passive
attacks are very difficult to detect because they do not involve any alteration
of data. However, it is feasible to prevent the success of these attacks,
usually by means of encryption.
Active attacks
They
involve some modification of the data stream or the creation of a false data
stream and can be subdivided into 4 categories :
a) A
Masquerade takes place when one entity pretends to be a different entity
b) Replay
involves the passive capture of a data unit and its subsequent retransmission
to produce an unauthorized effect
c) Modification
of messages simply means that some portion of a legitimate message is altered
d) The
Denial of service prevents or inhibits the normal use or management of
communication facilities
No comments:
Post a Comment