Week 3: Security & Attacks Mechanism - M199205zn/IAS-CS4 GitHub Wiki

Security Attacks and Mechanisms

Security attacks are deliberate actions aimed at breaching the security of systems, networks, or data. They exploit vulnerabilities to compromise confidentiality, integrity, or availability. To counter them, security mechanisms are implemented to detect, prevent, or recover from attacks. Common mechanisms include encryption, firewalls, intrusion detection systems, and access controls.


Types of Security Attacks

  1. Passive Attacks
    Passive attacks involve intercepting or monitoring data transmissions to gather information without altering the data or affecting the system.
    Examples:

    • Eavesdropping: Listening to private communications to extract sensitive information.

    • Traffic Analysis: Observing patterns in data flow to deduce valuable information.

    • Snooping: Unauthorized monitoring of files or user activity.

    Characteristics:

    • Harder to detect since they do not alter data.
    • The primary goal is to compromise confidentiality.
  2. Active Attacks
    Active attacks involve directly manipulating or altering data, systems, or communications to disrupt operations or gain unauthorized access.
    Examples:

    • Man-in-the-Middle (MITM): Intercepting and altering communication between two parties.

    • Replay Attack: Reusing captured data, like session tokens, to gain unauthorized access.

    • Denial of Service (DoS): Flooding a system with requests to disrupt its functionality.

    • Spoofing: Impersonating another entity to gain access or manipulate data.

    Characteristics:

    • Easier to detect since they actively alter data or systems.
    • The primary goal is to compromise integrity, authentication, or availability.

Security Services

Security services are mechanisms designed to protect information and ensure secure communication. Key services include:

  1. Confidentiality

    • Ensures that information is accessible only to authorized individuals.
    • Achieved through encryption techniques like AES or RSA.
    • Example: Encrypting sensitive emails to prevent unauthorized access.
  2. Integrity

    • Ensures that data remains accurate and unchanged during storage or transmission.
    • Achieved using checksums, hash functions (e.g., SHA-256), and message authentication codes (MAC).
    • Example: Verifying a file's checksum to ensure it hasn’t been tampered with.
  3. Authentication

    • Confirms the identity of users, devices, or systems.
    • Achieved using passwords, digital signatures, certificates, and multi-factor authentication.
    • Example: Logging in to a system using a password and a one-time code.
  4. Other Supporting Security Services (Optional Details)

    • Availability: Ensures systems and data are accessible when needed (e.g., through redundancy and backup systems).
    • Non-repudiation: Prevents entities from denying their actions (e.g., using digital signatures).
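
The Integrity service and the Replay Attack entry above can be tied together in one receiver-side check. The following is an added example, not part of the original wiki: it verifies a message authentication code (HMAC-SHA256) and rejects altered, repeated, or stale messages. The function names, the 30-second freshness window, and the sample key and payloads are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import time

MAX_SKEW = 30  # seconds a message stays fresh (assumed policy value)


def _mac(key, nonce, ts, payload):
    # nonce is hex and ts is an integer, so "|" cannot appear in either field
    data = f"{nonce}|{ts}|".encode() + payload
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def seal(key, payload, now=None):
    """Sender: attach a random nonce, a timestamp and an HMAC-SHA256 tag."""
    nonce = os.urandom(16).hex()
    ts = int(time.time() if now is None else now)
    return {"nonce": nonce, "ts": ts, "payload": payload,
            "tag": _mac(key, nonce, ts, payload)}


class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = set()  # nonces already accepted; prune by age in real use

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        expected = _mac(self.key, msg["nonce"], msg["ts"], msg["payload"])
        # Constant-time comparison; an unkeyed SHA-256 checksum would not help
        # here because whoever alters the payload can recompute the checksum.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad MAC"
        if abs(now - msg["ts"]) > MAX_SKEW:
            return "rejected: stale"
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(msg["nonce"])
        return "accepted"


def demo():
    key = b"constructed-demo-key"  # constructed sample key
    rx = Receiver(key)
    msg = seal(key, b"amount=100;to=alice", now=1000)
    altered = dict(msg, payload=b"amount=900;to=alice")  # modified in transit
    return [rx.accept(msg, now=1001), rx.accept(altered, now=1002),
            rx.accept(msg, now=1003),  # same message delivered again
            rx.accept(seal(key, b"late", now=1000), now=2000)]
```

The MAC covers the nonce and timestamp as well as the payload, so none of the three can be changed without the shared key.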