SlideShare une entreprise Scribd logo

Types of Attack in Information and Network Security

Télécharger en tant que PPTX, PDF
P
padmeshagrekar

In shared PPT we have discussed about different types of cyber security attacks how it works and how we can prevent it .

Internet
1  sur  20
REVATI JALNEKAR (24) AMEYAA VAIDYA (57) PADMESH AGREKAR (04) AKSHAY KAMBLE (28) ROSHAN PAWAR (43) GUIDED BY: PROF. PANKAJ KUNEKAR
CONTENT • INTRODUCTION • DOS ATTACK • IP SPOOFING ATTACK • REPLAY ATTACK • DNS POISONING • PHISHING ATTACK 2
INTRODUCTION • Types of attack: • Passive Attacks : A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. • Types of Passive Attacks: – Interception Attack – Traffic Analysis Attack • Active Attacks : An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en-route to the target. • Types of Active Attacks: – Masquerade Attack – Interruption Attack – Session Replay Attack – ModificationAttack – denial of Service (DOS)Attack 3
DOS(denial of service) • It is an attack on the computer or network that restricts, reduces, or prevents the system from restoring accessibility to its legitimate users. • It is a kind of attack in which an attacker or intruder tries to deprive system users or authorized users of accessing their computers, networks, or sites. • Here the attacker focuses on the bandwidth of the victim to perform this attack. 4
WORKING • Denial-of-service attacks tend to target web servers of high-profile organizations, such as banking, e-commerce and media companies, as well as government entities. • Perpetrators go after organizations’ assets in one of two ways: either by overwhelming their networks with large volumes of traffic or by sending nefarious data like bugs that will trigger a crash. • No matter the method, the intended outcome is the same: to take the network or machine down. Additional networks or assets not actually targeted by the DoS attackers may also be impacted if the DoS victim is, say, an internet or cloud service provider for others. 5
PREVENTION • Monitor and analyze network traffic: Network traffic can be supervised via a firewall or intrusion detection system. Administrators can set up rules that create alerts for unusual traffic. • Strengthen their security posture: This includes fortifying all internet-facing devices to prevent compromise, installing and maintaining antivirus software, establishing firewalls configured to protect against DoS attacks. • Monitor traffic: Organizations can enroll in a service that detects or redirects the abnormal traffic flows typically associated with a DoS attack, while allowing normal traffic to proceed on the network. • Establish a DoS attack response plan: The key is to create and also practice a disaster recovery plan for DoS attack that covers communication, mitigation and recovery. 6
IP SPOOFING • Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from. • The attacker creates packets, changing the source IP address to impersonate a different computer system, disguise the sender's identity or both. • IP spoofing is a technique often used by attackers to launch distributed denial of service (DDoS) attacks and man-in-the- middle attacks against targeted devices or the surrounding infrastructures. 7
WORKING • Internet traffic is sent in units referred to as packets. Packets contain IP headers that have routing information about the packet. This information includes the source IP address and the destination IP address. Think of the packet as a package in the mail and the source IP address as the return address on that package. • In IP address spoofing, the attacker changes the source address in the outgoing packet header. That way, the destination computer sees the packet as coming from a trusted source -- such as a computer on an enterprise network -- and accepts it. 8
PREVENTION • Authentication based on the key exchange. • ACL (Access control list) • Use filtering. • Use strong verification and authentication methods • Use antivirus and other security software • Use IP-level encryption protocols 9
REPLAY ATTACK • A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. • A replay attack occurs when a cybercriminal eavesdrops on a secure network communication, intercepts it, and then fraudulently delays or resends it to misdirect the receiver into doing what the hacker wants. • The added danger of replay attacks is that a hacker doesn't even need advanced skills to decrypt a message after capturing it from the network. 10
WORKING • Suppose A wants to prove her identity to B. B requests her password as proof of identity, which A dutifully provides (possibly after some transformation like hashing, the password); meanwhile, E is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, E (acting as A) connects to B; when asked for proof of identity, E sends A password (or hash) read from the last session which B accepts, thus granting E access 11
PREVENTION • Timestamp method – Prevention from such attackers is possible, if timestamp is used along with the data. Supposedly, the timestamp on a data is more than a certain limit, it can be discarded, and sender can be asked to send the data again. • Session key method –Another way of prevention, is by using session key. This key can be used only once (by sender and receiver) per transaction, and cannot be reused. 12
DNS POISONING • Domain name system (DNS) cache poisoning, also known as DNS spoofing, is a method of computer hacking in which traffic is maliciously diverted to a victim's computer via corrupted cached data/files. • DNS requests are "cached", or stored, into a database which can be queried in almost real-time to point names like 'hotmail.com' or 'google.com' to their appropriate IP addresses. • DNS basically runs the Internet. 13
WORKING • Every device and server has a unique internet protocol (IP) address, which is a series of numbers used as identifiers in communications. Every website has a domain name that sits on top of that to make it easy for internet users to visit the websites they want. • The DNS then maps the domain name that users enter to the appropriate IP address to properly route their traffic, all of which gets handled through DNS servers. • DNS poisoning takes advantage of weaknesses in this process to redirect traffic to an illegitimate IP address. • Specifically, hackers gain access to a DNS server so that they can adjust its directory to point the domain name users enter to a different, incorrect IP address. 14
PREVENTION • Set up and maintain your own DNS servers. It's really not that hard. even for a small network. BIND or Windows DNS can be configured (securely and properly) in less than 30minutes. • Don't answer DNS requests over the WAN on port 53 (or any other port for that matter) • If you MUST answer on port 53, use RNDC keys. Revolve them often. • Set your TTL's to a low value. Something that doesn't sacrifice your network performance. • Disable 'hosts' file resolution on your clients and servers!!! 15
PHISHING ATTACK • Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. • It is usually done through email. The goal is to steal sensitive data like credit card and login information, or to install malware on the victim’s machine. • Phishing is a common type of cyber attack that everyone should learn about in order to protect themselves. 16
WORKING • Phishing starts with a fraudulent email or other communication that is designed to lure a victim. • The message is made to look as though it comes from a trusted sender. • If it fools the victim, he or she is coaxed into providing confidential information, often on a scam website. Sometimes malware is also downloaded onto the target’s computer. 17
PREVENTION • 1. Know what a phishing scam looks like • 2. Don’t click on any unknown link • 3. Get free anti-phishing add-ons • 4. Don’t give your information to an unsecured site • 5. Rotate passwords regularly • 6. Install firewalls • 7. Don’t give out important information unless you must 18
REFERENCES • https://www.lepide.com/blog/the-15-most-common-types-of-cyber-attacks/ • https://searchsecurity.techtarget.com/definition/denial-of-service • https://www.imperva.com/learn/application-security/dns-spoofing/ • https://www.kaspersky.com/resource-center/threats/ip-spoofing • https://www.kaspersky.com/resource-center/definitions/replay-attack • https://www.google.com/search?q=ip+spoofing+attack+images&sxsrf=AOaemvL18bvt3IOm de5PT-L5 • https://www.google.com/search?q=phising+attack+images&tbm=isch&ved= • https://www.google.com/search?q=dns+poisoning+attack+images&tbm=isch&ved= 19
20

Recommandé

Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSyed Ali Mujtaba Jaffary
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingHarishBabuKaveri
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hackingCmano Kar
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 
Malware
MalwareMalware
MalwareMichael Carthy
 

Recommandé

Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSyed Ali Mujtaba Jaffary
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingHarishBabuKaveri
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hackingCmano Kar
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 
Malware
MalwareMalware
MalwareMichael Carthy
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksSam Bowne
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical HackingViral Parmar
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7AfiqEfendy Zaen
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingViraj Kansara
 
Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)SHUBHA CHATURVEDI
 
Ransomware protection
Ransomware protectionRansomware protection
Ransomware protectionRohit Srivastwa
 
this is test for today
this is test for todaythis is test for today
this is test for todayDreamMalar
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasureskaranwayne
 
Basic Internet Security
Basic Internet SecurityBasic Internet Security
Basic Internet Securitymfaheemakhtar
 
Security concepts
Security conceptsSecurity concepts
Security conceptsartisriva
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKSShaurya Gogia
 
Network security
Network securityNetwork security
Network securityVenkat Karanam
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer AttacksArun Modi
 
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...PROIDEA
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 

Contenu connexe

Tendances

Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksSam Bowne
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical HackingViral Parmar
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7AfiqEfendy Zaen
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)SHUBHA CHATURVEDI
 
this is test for today
this is test for todaythis is test for today
this is test for todayDreamMalar
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasureskaranwayne
 
Basic Internet Security
Basic Internet SecurityBasic Internet Security
Basic Internet Securitymfaheemakhtar
 

Tendances (16)

Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
 
Network Security
Network SecurityNetwork Security
Network Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)Types of attack -Part3 (Malware Part -2)
Types of attack -Part3 (Malware Part -2)
 
Ransomware protection
Ransomware protectionRansomware protection
Ransomware protection
 
this is test for today
this is test for todaythis is test for today
this is test for today
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
 
Basic Internet Security
Basic Internet SecurityBasic Internet Security
Basic Internet Security
 

Similaire à Types of Attack in Information and Network Security

Security concepts
Security conceptsSecurity concepts
Security conceptsartisriva
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer AttacksArun Modi
 
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...PROIDEA
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!PriyadharshiniHemaku
 
Network sniffers & injection tools
Network sniffers & injection toolsNetwork sniffers & injection tools
Network sniffers & injection toolsvishalgohel12195
 
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptxTYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptxRohanMistry15
 
Intruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxIntruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxSriK49
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxShivamBajaj36
 
Wireless Intrusion Techniques
Wireless Intrusion TechniquesWireless Intrusion Techniques
Wireless Intrusion TechniquesCadis1
 
denialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive designdenialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive designperfetbyedshareen
 

Similaire à Types of Attack in Information and Network Security (20)

Security concepts
Security conceptsSecurity concepts
Security concepts
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Network security
Network securityNetwork security
Network security
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer Attacks
 
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
 
Network sec 1
Network sec 1Network sec 1
Network sec 1
 
IT Infrastrucutre Security
IT Infrastrucutre SecurityIT Infrastrucutre Security
IT Infrastrucutre Security
 
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
 
Network sniffers & injection tools
Network sniffers & injection toolsNetwork sniffers & injection tools
Network sniffers & injection tools
 
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptxTYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptx
 
Cyber attack
Cyber attackCyber attack
Cyber attack
 
Intruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxIntruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptx
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptx
 
Wireless Intrusion Techniques
Wireless Intrusion TechniquesWireless Intrusion Techniques
Wireless Intrusion Techniques
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
denialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive designdenialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive design
 

Dernier

GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 

Dernier (20)

GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 

Types of Attack in Information and Network Security

  • 1. REVATI JALNEKAR (24) AMEYAA VAIDYA (57) PADMESH AGREKAR (04) AKSHAY KAMBLE (28) ROSHAN PAWAR (43) GUIDED BY: PROF. PANKAJ KUNEKAR
  • 2. CONTENT • INTRODUCTION • DOS ATTACK • IP SPOOFING ATTACK • REPLAY ATTACK • DNS POISONING • PHISHING ATTACK 2
  • 3. INTRODUCTION • Types of attack: • Passive Attacks : A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. • Types of Passive Attacks: – Interception Attack – Traffic Analysis Attack • Active Attacks : An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en-route to the target. • Types of Active Attacks: – Masquerade Attack – Interruption Attack – Session Replay Attack – ModificationAttack – denial of Service (DOS)Attack 3
  • 4. DOS(denial of service) • It is an attack on the computer or network that restricts, reduces, or prevents the system from restoring accessibility to its legitimate users. • It is a kind of attack in which an attacker or intruder tries to deprive system users or authorized users of accessing their computers, networks, or sites. • Here the attacker focuses on the bandwidth of the victim to perform this attack. 4
  • 5. WORKING • Denial-of-service attacks tend to target web servers of high-profile organizations, such as banking, e-commerce and media companies, as well as government entities. • Perpetrators go after organizations’ assets in one of two ways: either by overwhelming their networks with large volumes of traffic or by sending nefarious data like bugs that will trigger a crash. • No matter the method, the intended outcome is the same: to take the network or machine down. Additional networks or assets not actually targeted by the DoS attackers may also be impacted if the DoS victim is, say, an internet or cloud service provider for others. 5
  • 6. PREVENTION • Monitor and analyze network traffic: Network traffic can be supervised via a firewall or intrusion detection system. Administrators can set up rules that create alerts for unusual traffic. • Strengthen their security posture: This includes fortifying all internet-facing devices to prevent compromise, installing and maintaining antivirus software, establishing firewalls configured to protect against DoS attacks. • Monitor traffic: Organizations can enroll in a service that detects or redirects the abnormal traffic flows typically associated with a DoS attack, while allowing normal traffic to proceed on the network. • Establish a DoS attack response plan: The key is to create and also practice a disaster recovery plan for DoS attack that covers communication, mitigation and recovery. 6
  • 7. IP SPOOFING • Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from. • The attacker creates packets, changing the source IP address to impersonate a different computer system, disguise the sender's identity or both. • IP spoofing is a technique often used by attackers to launch distributed denial of service (DDoS) attacks and man-in-the- middle attacks against targeted devices or the surrounding infrastructures. 7
  • 8. WORKING • Internet traffic is sent in units referred to as packets. Packets contain IP headers that have routing information about the packet. This information includes the source IP address and the destination IP address. Think of the packet as a package in the mail and the source IP address as the return address on that package. • In IP address spoofing, the attacker changes the source address in the outgoing packet header. That way, the destination computer sees the packet as coming from a trusted source -- such as a computer on an enterprise network -- and accepts it. 8
  • 9. PREVENTION • Authentication based on the key exchange. • ACL (Access control list) • Use filtering. • Use strong verification and authentication methods • Use antivirus and other security software • Use IP-level encryption protocols 9
  • 10. REPLAY ATTACK • A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. • A replay attack occurs when a cybercriminal eavesdrops on a secure network communication, intercepts it, and then fraudulently delays or resends it to misdirect the receiver into doing what the hacker wants. • The added danger of replay attacks is that a hacker doesn't even need advanced skills to decrypt a message after capturing it from the network. 10
  • 11. WORKING • Suppose A wants to prove her identity to B. B requests her password as proof of identity, which A dutifully provides (possibly after some transformation like hashing, the password); meanwhile, E is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, E (acting as A) connects to B; when asked for proof of identity, E sends A password (or hash) read from the last session which B accepts, thus granting E access 11
  • 12. PREVENTION • Timestamp method – Prevention from such attackers is possible, if timestamp is used along with the data. Supposedly, the timestamp on a data is more than a certain limit, it can be discarded, and sender can be asked to send the data again. • Session key method –Another way of prevention, is by using session key. This key can be used only once (by sender and receiver) per transaction, and cannot be reused. 12
  • 13. DNS POISONING • Domain name system (DNS) cache poisoning, also known as DNS spoofing, is a method of computer hacking in which traffic is maliciously diverted to a victim's computer via corrupted cached data/files. • DNS requests are "cached", or stored, into a database which can be queried in almost real-time to point names like 'hotmail.com' or 'google.com' to their appropriate IP addresses. • DNS basically runs the Internet. 13
  • 14. WORKING • Every device and server has a unique internet protocol (IP) address, which is a series of numbers used as identifiers in communications. Every website has a domain name that sits on top of that to make it easy for internet users to visit the websites they want. • The DNS then maps the domain name that users enter to the appropriate IP address to properly route their traffic, all of which gets handled through DNS servers. • DNS poisoning takes advantage of weaknesses in this process to redirect traffic to an illegitimate IP address. • Specifically, hackers gain access to a DNS server so that they can adjust its directory to point the domain name users enter to a different, incorrect IP address. 14
  • 15. PREVENTION • Set up and maintain your own DNS servers. It's really not that hard. even for a small network. BIND or Windows DNS can be configured (securely and properly) in less than 30minutes. • Don't answer DNS requests over the WAN on port 53 (or any other port for that matter) • If you MUST answer on port 53, use RNDC keys. Revolve them often. • Set your TTL's to a low value. Something that doesn't sacrifice your network performance. • Disable 'hosts' file resolution on your clients and servers!!! 15
  • 16. PHISHING ATTACK • Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. • It is usually done through email. The goal is to steal sensitive data like credit card and login information, or to install malware on the victim’s machine. • Phishing is a common type of cyber attack that everyone should learn about in order to protect themselves. 16
  • 17. WORKING • Phishing starts with a fraudulent email or other communication that is designed to lure a victim. • The message is made to look as though it comes from a trusted sender. • If it fools the victim, he or she is coaxed into providing confidential information, often on a scam website. Sometimes malware is also downloaded onto the target’s computer. 17
  • 18. PREVENTION • 1. Know what a phishing scam looks like • 2. Don’t click on any unknown link • 3. Get free anti-phishing add-ons • 4. Don’t give your information to an unsecured site • 5. Rotate passwords regularly • 6. Install firewalls • 7. Don’t give out important information unless you must 18
  • 19. REFERENCES • https://www.lepide.com/blog/the-15-most-common-types-of-cyber-attacks/ • https://searchsecurity.techtarget.com/definition/denial-of-service • https://www.imperva.com/learn/application-security/dns-spoofing/ • https://www.kaspersky.com/resource-center/threats/ip-spoofing • https://www.kaspersky.com/resource-center/definitions/replay-attack • https://www.google.com/search?q=ip+spoofing+attack+images&sxsrf=AOaemvL18bvt3IOm de5PT-L5 • https://www.google.com/search?q=phising+attack+images&tbm=isch&ved= • https://www.google.com/search?q=dns+poisoning+attack+images&tbm=isch&ved= 19
  • 20. 20