

    6 Mar 2021

    Cyber Security Attack Types – Active and Passive Attacks

    Read time: 6 minutes, 06 seconds

    There are two types of security attacks: passive and active. In an active attack, an attacker tries to modify the content of the messages. In a passive attack, an attacker observes the messages and copies them.

    Passive Attacks

    The first type of attack is the passive attack. A passive attack can monitor, observe or make use of the system's data for certain purposes. However, it doesn't have any impact on the system resources, and the data stays unchanged. It is difficult for the victim to notice passive attacks, as this sort of attack is conducted in secret. A passive attack aims to obtain data or scan open ports and vulnerabilities of the network.
    An eavesdropping attack is considered a kind of passive attack. An eavesdropping attack steals data transmitted between two devices that are connected to the internet. Traffic analysis is included in eavesdropping. An eavesdropping attack occurs when the attackers insert software into the network path to capture network traffic for later study. The attackers need to get into the network path between the endpoint and the UC system to capture the network traffic. If there are more network paths and the network paths are longer, it is easier for the attacker to insert software into the network path.
    The release of messages is another kind of passive attack. The attackers install software on the device by using a virus or malware to watch the device's activities, such as exchanges of messages, emails, or any transferred files that contain personal information and data. The attackers then use the data to compromise the device or network.
    Some other attacks that have emerged because of the exponential interconnection of insecure devices, such as IoT infrastructure, include those that are protocol-specific, as well as wireless sensor network-based ones.
    For example, in IoT-based systems, mostly smart-home systems, the communication protocol used may be RPL (Routing Protocol for Low-Power and Lossy Networks). This protocol is used because of its compatibility with resource-constrained IoT devices that cannot use traditional protocols.

    Active Attacks

    An active attack is a network exploit in which the attackers modify or alter the content and affect system resources. It causes damage to the victims. The attackers can perform passive attacks to gather information before they begin performing an active attack. The attackers attempt to disrupt the system and force its lock. The victims become aware of the active attack. This sort of attack threatens integrity and availability. An active attack is harder to perform than a passive attack.
    Denial-of-Service (DoS) attacks are one example of an active attack. A Denial-of-Service attack occurs when the attackers take action to shut down a device or network. This may leave the intended user unable to access that device or network. The attackers flood the target device or network with traffic until it stops responding or crashes. The services affected include email, websites, and online banking accounts. DoS attacks can be performed from just about any location.
    As mentioned above, a DoS attack involves flooding or crashing the device and network. A buffer overflow attack is one of the common DoS attacks. This sort of flooding attack sends more and more traffic to the network until it exceeds the limit that a buffer can handle. This then leads to a crash of the system. Furthermore, an ICMP flood, also called a ping flood, is another kind of flooding attack. The attacker sends spoofed packets and floods the target with ICMP echo requests. The network is forced to reply to all of the requests. This may leave the device inaccessible to normal traffic.

    Moreover, a SYN flood is another kind of flooding attack. The attackers keep generating SYN packets to all of the ports of the server. Fake IP addresses are usually used. The server, unaware of the attack, then replies with SYN-ACK packets. The server fails to serve its clients and therefore crashes. Statistical approaches can be used to develop detection techniques for attacks like SYN flood. One such technique is proposed by authors who put forward a SYN flood attack detection scheme based on a Bayes estimator for mobile ad hoc networks.
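
    As an added illustration (not code from the original post, and not the Bayes-estimator scheme it mentions), the following shows a much simpler statistical check: per time window and destination, compare how many SYNs arrive with how many handshakes are completed by a client ACK. The packet tuple layout, the thresholds and the documentation-range addresses are assumptions, and the traffic is constructed.

```python
from collections import defaultdict


def syn_flood_alerts(packets, window=1.0, min_syn=20, max_completion=0.2):
    """Return (window_start, dst, syn_count, completion_ratio) for suspicious windows.

    packets: iterable of (time_s, src_ip, src_port, dst_ip, dst_port, flags),
    where flags is "S" for a client SYN and "A" for the client's final ACK.
    """
    syns = defaultdict(set)   # (bucket, dst) -> connections opened by a SYN
    done = defaultdict(set)   # (bucket, dst) -> connections that completed
    pending = {}              # connection 4-tuple -> bucket of its SYN
    for t, src, sport, dst, dport, flags in sorted(packets):
        conn = (src, sport, dst, dport)
        if flags == "S":
            bucket = int(t // window)
            pending[conn] = bucket
            syns[(bucket, dst)].add(conn)
        elif flags == "A" and conn in pending:
            done[(pending.pop(conn), dst)].add(conn)
    alerts = []
    for key, opened in sorted(syns.items()):
        ratio = len(done[key]) / len(opened)
        # Many half-open connections and few completions: spoofed sources
        # never answer the server's SYN-ACK.
        if len(opened) >= min_syn and ratio <= max_completion:
            alerts.append((key[0] * window, key[1], len(opened), round(ratio, 2)))
    return alerts


def sample_packets():
    """Constructed traffic: second 0 is normal, second 1 contains a SYN flood."""
    server, pkts = "198.51.100.10", []
    for i in range(30):    # normal clients: SYN followed by the final ACK
        pkts.append((0.01 * i, f"192.0.2.{i + 1}", 40000 + i, server, 443, "S"))
        pkts.append((0.01 * i + 0.005, f"192.0.2.{i + 1}", 40000 + i, server, 443, "A"))
    for i in range(200):   # spoofed sources: SYN only, across many ports
        pkts.append((1.0 + 0.004 * i, f"203.0.113.{i + 1}", 1024 + i, server, 80 + i % 50, "S"))
    for i in range(5):     # a few real clients still connecting during the flood
        pkts.append((1.502 + 0.01 * i, f"192.0.2.{i + 101}", 50000 + i, server, 443, "S"))
        pkts.append((1.507 + 0.01 * i, f"192.0.2.{i + 101}", 50000 + i, server, 443, "A"))
    return pkts


if __name__ == "__main__":
    for alert in syn_flood_alerts(sample_packets()):
        print("possible SYN flood:", alert)
```

    Only the window containing the flood is flagged; the normal window has a completion ratio of 1.0 and stays below no threshold.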

    Trojan horse attacks are another example of a network attack, the most common type of which is the backdoor trojan. A backdoor trojan allows attackers who don't have authorization to gain access to the computer system, network, or software application. For example, the attackers may hide some malware in a particular link. Once the users click the link, a backdoor is downloaded onto the device. Then, the attackers have basic access to the device. Apart from that, a rootkit is another example of a trojan attack. A rootkit is usually used to get hidden privileged access to a system. It gives root access to the attackers. The attackers can control the system; however, the users won't be aware of it. They can change any settings of the computer, access any files or photos, and monitor the users' activities. Some of the popular rootkit examples are Lane Davis and Steven Dake, NTRootKit, Zeus, Stuxnet, and Flame. Flame is malware discovered in the year 2012 that is designed to attack Windows OS. It can perform functions such as recording audio, taking screenshots, and monitoring network traffic.

    Moreover, a replay attack is one example of an active attack. The attackers eavesdrop on a specific user before they begin performing a replay attack. Then, they send the victim an identical copy of a message from an authorized user, and the message is correctly encrypted. Replay attacks enable the attacker to gain access to the information and data stored on the compromised device. They can also gain financial profit, as they are able to duplicate the victim's transaction. This is because the attackers can listen to the frames of the session and use the same information to perform the attack an unlimited number of times. There is another attack, called a cut-and-paste attack, that is similar to a replay attack. In a cut-and-paste attack, the attacker combines different ciphertext parts and sends them to the victim. The attacker then gets the data they want and uses it to compromise the system.
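
    Encryption alone does not stop either attack, because a replayed message is still validly encrypted. The added example below (not from the original post) shows the receiver-side checks that do: a MAC over the whole message, a timestamp window and a nonce cache. The key, the 30-second window and the message layout are assumptions, the payloads are constructed, and encryption is left out to keep the focus on freshness and integrity.

```python
import hashlib
import hmac
import os
import struct

KEY = os.urandom(32)   # constructed shared secret for the demo
WINDOW = 30            # seconds a message stays acceptable (assumed policy)


def seal(payload: bytes, now: float, key: bytes = KEY) -> bytes:
    """Sender: timestamp (8 bytes) + random nonce (16) + payload + HMAC-SHA256 (32)."""
    body = struct.pack(">d", now) + os.urandom(16) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.seen = {}   # nonce -> timestamp, kept only while inside WINDOW

    def accept(self, msg: bytes, now: float) -> str:
        if len(msg) < 8 + 16 + 32:
            return "malformed"
        body, tag = msg[:-32], msg[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"   # parts of different messages spliced together
        (sent,) = struct.unpack(">d", body[:8])
        nonce = body[8:24]
        if abs(now - sent) > WINDOW:
            return "stale"     # captured message re-sent after the window
        # Drop nonces the freshness check would reject anyway, so the cache stays small.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= WINDOW}
        if nonce in self.seen:
            return "replay"    # identical message re-sent inside the window
        self.seen[nonce] = sent
        return "ok"


if __name__ == "__main__":
    rx = Receiver()
    captured = seal(b"transfer 100 to bob", now=1000.0)
    print(rx.accept(captured, now=1001.0), rx.accept(captured, now=1002.0))
```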

    Conclusion

    Cybersecurity is a big part of our lives today. It is crucial to protect our devices from these malicious activities of attackers. Active and passive attacks are challenging issues in any organization. An Advanced Persistent Threat (APT) always chooses a passive attack first to gain information about the infrastructure and the network, which can then be used to craft a targeted active attack against that infrastructure, one that can often be hard to block or can cause catastrophe for the organization.
