TYPES OF SECURITY ATTACKS AND DEFINITIONS
Reconnaissance Attack
A reconnaissance attack enables the attacker to discover vulnerabilities or weaknesses on the network. It precedes (comes before) an actual access or DoS attack.
This attack occurs when an adversary (enemy) tries to learn information about your network: unauthorized information gathering on network systems and services.
Access Attack
Access attacks require intrusion capabilities. These can range from something as simple as gaining an account holder's credentials to plugging foreign hardware directly into the network infrastructure.
Denial of Service attack (DoS)
A Denial of Service (DoS) attack prevents information exchange through some form of interference, or shuts down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
Distributed Denial of Service attack (DDoS)
A Distributed Denial of Service (DDoS) attack occurs when multiple systems orchestrate a synchronized DoS attack against a single target. The essential difference is that instead of being attacked from one location, the target is attacked from many locations at once.
Malicious code attack
Malicious code is an application security threat that cannot be efficiently controlled by conventional antivirus software alone. Malicious code describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors and malicious active content.
EXAMPLES OF EACH ATTACK
Reconnaissance attack
Packet sniffers
• A packet sniffer is a piece of hardware or software used to monitor network traffic. Sniffers work by examining streams of data packets that flow between computers on a network as well as between networked computers and the larger Internet.
Port scans
▪ Port scans – scan for open ports
Port scanning is a method of determining which ports on a network are open and could be receiving or sending data. It is also a process for sending packets to specific ports on a host and analyzing responses to identify vulnerabilities.
Access attack
Password attack
Password attack: Password attacks can be implemented using a packet sniffer to yield user accounts and passwords that are transmitted as clear text. The term also refers to repeated attempts to identify a user account, password, or both (brute-force attacks).
Denial Of Service
SYN flood: The attacker sends a request to connect to a server, but never completes the handshake.
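Because the handshake is never completed, a defender can spot this pattern by counting connections that began with a SYN and never received the client's final ACK. The Python code below is an added example, not part of the original notes; the packet records are constructed, and the function names, the 3-second timeout and the threshold of 10 are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample packets: (time_s, src, sport, dst, dport, tcp_flags).
# Addresses come from documentation ranges; this is not captured traffic.
def sample_packets():
    pkts = [
        # One legitimate client completes SYN -> SYN/ACK -> ACK.
        (0.00, "198.51.100.7", 40000, "192.0.2.10", 443, "S"),
        (0.01, "192.0.2.10", 443, "198.51.100.7", 40000, "SA"),
        (0.02, "198.51.100.7", 40000, "192.0.2.10", 443, "A"),
    ]
    # Twenty SYNs that the server answers but the client never acknowledges.
    for i in range(20):
        src = f"203.0.113.{i + 1}"
        t = 1.0 + i * 0.01
        pkts.append((t, src, 50000 + i, "192.0.2.10", 443, "S"))
        pkts.append((t + 0.001, "192.0.2.10", 443, src, 50000 + i, "SA"))
    return sorted(pkts)

def half_open_by_server(packets, now, timeout=3.0):
    """Count handshakes per (server, port) that started with a SYN and got
    no final ACK from the client within `timeout` seconds (assumed value)."""
    pending = {}  # (client, cport, server, sport) -> time the SYN was seen
    for t, src, sport, dst, dport, flags in packets:
        if flags == "S":
            pending.setdefault((src, sport, dst, dport), t)
        elif flags == "A":
            pending.pop((src, sport, dst, dport), None)  # handshake completed
        elif "R" in flags:
            # A reset from either side ends the attempt.
            pending.pop((src, sport, dst, dport), None)
            pending.pop((dst, dport, src, sport), None)
    counts = defaultdict(int)
    for (_, _, server, port), started in pending.items():
        if now - started >= timeout:
            counts[(server, port)] += 1
    return dict(counts)

def flag_syn_flood(packets, now, threshold=10, timeout=3.0):
    """Return (server, port) pairs whose half-open count meets the threshold."""
    counts = half_open_by_server(packets, now, timeout)
    return sorted(k for k, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    print(half_open_by_server(sample_packets(), now=10.0))
    print(flag_syn_flood(sample_packets(), now=10.0))
```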
Distributed Denial Of Service
Smurf attack: With a smurf attack, multiple broadcast ping requests are sent to a single target from a spoofed IP address.
Malicious Code Attack
Worms: Worm attacks are designed to self-replicate across multiple computers or enterprise networks, often stealing or even destroying files and critical data.
[Figures, one per attack: Reconnaissance attack; Denial Of Service; Access attack; Distributed Denial Of Service; Malicious Code Attack]