written 5.8 years ago by | • modified 5.8 years ago |
Subject: Mobile Computing
Difficulty: Medium
Marks: 4 Marks
written 5.8 years ago by | • modified 5.8 years ago |
Subject: Mobile Computing
Difficulty: Medium
Marks: 4 Marks
written 5.8 years ago by |
Attacks: A security system is a system to defend our assets from attacks. In the physical world, these attacks are carried out at the weak points in the defense system. When the vulnerability is exploited by some interest or selfish motive, it is an attack on the system.
Attacks on dynamic asset can be of the following types:
1. Interception: An unauthorized party gaining access to an asset will be part of this attack. This is an attack on Confidentiality like unauthorized copying of files or tapping a conversation between parties.
2. Modification: An unauthorized party gaining control of an asset and tampering with it is part of this attack. This is an attack on integrity like changing the content of a message being transmitted through the network.
3. Fabrication: An unauthorized party inserts counterfeited objects into the system.
4. Interruption: An asset is destroyed or made unusable. This is an attack on availability Attacks on static assets can be of the following types. Virus and worms: There are a type of program that replicates and propagates from one system to another.
5. Denial of Service: These are attacks on the system to prevent legitimate users from using the using.
6. Intrusion: these are people or software, which enter into computer systems and perform function without the knowledge of the owner of the asset.
7. Replay Attack: In a replay attack the opponent passively captures the data without trying to analyze the content. At a later time, the same is used in the same sequence to impersonate an event and gain unauthorized access to resource.
8.Buffer Overflow attack: In buffer overflow attack, the vulnerability of an executable program is exploitable.
9.Trapdoor attacks: These are exploitations of some undocumented features of a system.