What are the types of cyber attacks?

The types of network attacks are: 1. Active attacks, which will lead to the tampering of certain data flows and the generation of false data flows; such attacks can be divided into tampering, forging message data and terminal (denial of service). 2. Passive attacks usually include eavesdropping, traffic analysis, cracking weakly encrypted data streams and other attack methods.

#The operating environment of this tutorial: Windows 10 system, Dell G3 computer.

Cyber ​​Attacks (also known as cyber attacks) refer to any type of offensive action against computer information systems, infrastructure, computer networks or personal computer equipment. For computers and computer networks, destroying, exposing, modifying, disabling software or services, stealing or accessing data on any computer without authorization will be considered an attack on computers and computer networks. .

Types of network attacks

1. Active attacks

Active attacks will lead to the tampering of certain data flows and the generation of false data flows. Such attacks can be divided into tampering, forgery of message data and termination (denial of service).

(1) Tampering with messages

Tampering with messages means that some parts of a legitimate message are changed or deleted, the message is delayed or the order is changed, usually to produce an unauthorized effect. If you modify the data in the transmission message, change "Allow A to perform operations" to "Allow B to perform operations."

(2) Forgery

Forgery refers to an entity (person or system) sending out data information containing the identity information of other entities, pretending to be other entities, and thereby obtaining some legal information through deception. Rights and Privileges of Users.

(3) Denial of Service

Denial of service, often referred to as DoS (Deny of Service), will cause the normal use or management of communication equipment to be unconditionally interrupted. It usually damages the entire network to reduce performance and terminal services. This attack may also have a specific goal, such as all packets to a specific destination (such as a security audit service) being blocked.

2. Passive attack

In a passive attack, the attacker does not make any modifications to the data information. Interception/eavesdropping means that the attacker obtains information or related information without the user’s consent and approval. data. Usually include eavesdropping, traffic analysis, cracking weakly encrypted data streams and other attack methods.

(1) Traffic analysis

The traffic analysis attack method is suitable for some special occasions. For example, sensitive information is confidential. Although the attacker cannot obtain the true content of the message from the intercepted message , but the attacker can also observe the patterns of these datagrams, analyze and determine the locations of the communicating parties, the number of communications and the length of the messages, and learn relevant sensitive information. This attack method is called traffic analysis.

(2) Eavesdropping

Eavesdropping is the most commonly used method. The most widely used data transmission on LAN is based on broadcast mode, which makes it possible for a host to receive all the information transmitted on this subnet. When the computer's network card works in miscellaneous mode, it can transmit all the information transmitted on the network to the upper layer for further analysis. If no encryption measures are taken, the entire content of the communication can be fully grasped through protocol analysis. Eavesdropping can also obtain information through unlimited interception. The electromagnetic waves radiated by the network site or the electromagnetic waves radiated by the network connection equipment are received through a highly sensitive receiving device. Signal analysis restores the original data signal to obtain network information. Although sometimes the data information cannot be fully recovered through electromagnetic signals, extremely valuable intelligence may be obtained.

Since passive attacks do not make any modifications to the attacked information and leave very good traces or no traces at all, they are very difficult to detect. Therefore, the focus of fighting such attacks lies in prevention and specific measures. Including virtual private networks, using encryption technology to protect information and using switched network equipment. Passive attacks are difficult to detect and are often the precursor to active attacks.

Although passive attacks are difficult to detect, measures can be taken to effectively prevent them. However, it is very difficult and expensive to effectively prevent attacks. The main technical means to combat active attacks is detection, and the damage caused by attacks. Recover promptly from destruction. Detection also has a certain deterrent effect and can also prevent attacks to a certain extent. Specific measures include automatic auditing, intrusion detection and integrity recovery.

The main attack methods are:

• Password intrusion

• Trojan horse

• WWW Spoofing

• Email

• Node Attack

• Network Listening

• Hacking software

• Security vulnerability

• Port scanning

For more related articles, please visit PHP中文网! !

The above is the detailed content of What are the types of cyber attacks?. For more information, please follow other related articles on the PHP Chinese website!