Faculty: Computer Science and Information Technology
Information Security
Lecture 6
Types of attacks
Dr.Mazen Mohammed Rashad
�Types of attacks
generally , it is the ability to illegally access a specific target, through gaps
in the target's protection system.
The attack on electronic information systems and information networks
aims to destroy (sabotage) information, steal it, prevent access to it, or
install malicious software .
The attack is divided into two main parts, namely the active attack and
Passive Attack
�• Passive Attack
In a passive attack, messages are intercepted in order to identify and
use their contents internally without changing their contents or
analyzing the traffic. It is difficult to detect this type of attack and
precautionary measures must be taken to protect against it. This attack
is also known as a eavesdropping attack Message Interception Attack ,
where the attacker monitors the communication between sender and
receiver to obtain information secret and it The so-called
eavesdropping . Eavesdropping
��• Active Attack
Active Attack A hacker may deftly manipulate the message and alter its
content. An active attack aims to alter a system's capabilities and affect its
operations by modifying data flows to:
• Impersonate the identity of one of the contact parties.
• Resend previous messages.
• Modify the contents of the pending message.
• Blocking or blocking the service.
�It is difficult to prevent fully active attacks due to potential vulnerabilities
in hardware, software, and networks. This is the opposite of passive
attacks, which are difficult to detect but can be completely prevented.
The methods of combating active attacks aim to detect attacks and
recover from their effects. The active attack is divided into four main
sections :
�• Interruption Attack
Figure 1.5, this type depends on cutting the communication channel to stop The
message or data from reaching the receiver, which is also called Denial of Service.
��• Message content modification attack
Modification Attack , Figure 1.6, here the attacker intervenes between
The sender and the receiver (considered an intermediary between the
sender and the receiver) and when the message reaches the attacker, he
changes the content of the message and from Then re-sent to the future
, and may not The receiver knows that the message has been modified
by the attacker.
��• Forgery or fabrication attack
Fabrication Attack , Figure 1.7, here the attacker sends a message to one of
the communication parties stating that a trusted party is asking him for
information or words confidentiality, for example .
�Figure 1.7: Forgery attack
�• Retransmission attack Replay attack
here the attacker receives A copy of the message sent from A to B
and then retransmitted later to influence the operations of party B or
may extract information from it to help it attack the system in the
future, Figure 2.7.
