Sunday, October 2, 2011

What Is a Masquerade Attack

Masquerade attack: takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.
For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.

What Is a Replay Attack

Replay attack: An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands.

What Is Modification of Messages

Modification of messages: simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. 

For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."

What Is a Denial of Service (DoS) Attack

Denial of Service: prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). 

Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.

Types of Active Attacks

Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

Masquerade attack: takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.

Replay attack: An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands.

Modification of messages: simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."

Denial of Service: prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
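
As an added example (not part of the original post), the Python code below shows how a receiver can detect three of the four categories above: modification, replay or reordering, and a masquerading sender who lacks the shared key. The use of HMAC-SHA256 with a per-sender sequence number is an assumption chosen here as one instance of a data integrity mechanism; the key, sender name and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would provision a per-peer secret.
KEY = b"constructed-demo-key"


def seal(key: bytes, sender: str, seq: int, body: str) -> dict:
    """Sender side: bind identity, sequence number and body under one MAC."""
    payload = json.dumps({"sender": sender, "seq": seq, "body": body},
                         sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.decode(), "tag": tag}


class Receiver:
    """Accepts each sender's messages only once and only in increasing order."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = {}  # sender -> highest sequence number accepted

    def accept(self, msg: dict) -> str:
        payload = msg["payload"].encode()
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest()
        # Constant-time compare; fails if any byte of the payload was altered
        # or the message was built without the key.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified or forged"
        fields = json.loads(payload)
        # A captured message still has a valid MAC, so freshness is checked separately.
        if fields["seq"] <= self.last_seq.get(fields["sender"], -1):
            return "rejected: replayed or reordered"
        self.last_seq[fields["sender"]] = fields["seq"]
        return "accepted"


def demo() -> list:
    rx = Receiver(KEY)
    m0 = seal(KEY, "admin", 0, "Allow John Smith to read confidential file accounts")
    m1 = seal(KEY, "admin", 1, "Revoke guest access")
    # The page's modification example: the name is swapped but the old tag is kept.
    tampered = dict(m0, payload=m0["payload"].replace("John Smith", "Fred Brown"))
    return [rx.accept(tampered), rx.accept(m0), rx.accept(m0),
            rx.accept(m1), rx.accept(m0)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The integrity check alone does not stop a replay, because a captured message carries a valid tag; the sequence check is what rejects the duplicate. Denial of service is outside what this check addresses.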

Explain the Terms Threat & Attack from a Security Perspective

Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

Attack: An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.


A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.

Saturday, October 1, 2011

Security Mechanism: the specific means of implementing one or more security services

  • feature designed to detect, prevent, or recover from a security attack
  • no single mechanism that will support all services required
  • however, one particular element underlies many of the security mechanisms in use: cryptographic techniques, hence our focus on this topic

Note that these mechanisms span a wide range of technical components, but one aspect seen in many is the use of cryptographic techniques.

Security Mechanisms (X.800)

  • specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
  • pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery