os202


Top 10 List of Week 02

  1. Intruders
    Intruders basically come in three forms:

    Masquerader : an individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account.
    Misfeasor : a legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges.
    Clandestine user : an individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.

  2. A Threat
    A threat is the potential for a security violation, such as the discovery of a vulnerability, whereas an attack is an attempt to break security.

    Breach of integrity : unauthorized modification of data.
    Breach of availability : unauthorized destruction of data.
    Theft of service : unauthorized use of resources.
    Denial of service (DoS) : preventing legitimate use of the system.

  3. Attacks
    An attack is a deliberate unauthorized action on a system or asset. Attacks can be classified as active or passive:

    Active attacks are attacks in which the attacker tries to change or modify the content of messages. An active attack is a danger to integrity as well as availability. An active attack always damages the system, and system resources can be changed. Most importantly, in an active attack the victim gets informed about the attack.
    Passive attacks are attacks in which the attacker observes or copies the content of messages. A passive attack is a danger to confidentiality. A passive attack does no harm to the system. Most importantly, in a passive attack the victim does not get informed about the attack.

  4. Malware
    Malware is a combination of two terms: malicious and software. So malware basically means malicious software, which can be an intrusive program code or anything else that is designed to perform malicious operations on a system.

  5. Replay Attack
    A replay attack is a type of security attack on data sent over a network. In this attack, the hacker or any person with unauthorized access captures the traffic and sends the communication to its original destination, acting as the original sender. The receiver believes that it is an authenticated message, but it is actually the message sent by the attacker. The main feature of the replay attack is that the client would receive the message twice, hence the name.

  6. Man in the middle attack
    When there is an unwanted proxy in the network intercepting and modifying the requests/responses, this proxy is called a man in the middle. The network is then said to be under a man-in-the-middle attack. A man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently.

  7. Session Hijacking
    TCP session hijacking is a security attack on a user session over a protected network. The most common method of session hijacking is called IP spoofing, in which an attacker uses source-routed IP packets to insert commands into an active communication between two nodes on a network while disguising itself as one of the authenticated users. This type of attack is possible because authentication typically is only done at the start of a TCP session.

  8. Privilege Escalation
    Privilege escalation is a type of network attack, and a common way for attackers, to obtain unauthorized access to systems within the security perimeter, or sensitive systems, of an organization. There are two types of privilege escalation:

    Horizontal privilege escalation : an attacker expands their privileges by taking over another account and misusing the legitimate privileges granted to the other user.
    Vertical privilege escalation : an attacker attempts to gain more permissions or access with an existing account they have compromised.

  9. Security Measures
    To protect the system, security measures can be taken at the following levels:

    Physical: The sites containing computer systems must be physically secured against armed and malicious intruders. The workstations must be carefully protected.
    Human : Only appropriate users must have the authorization to access the system. Phishing (collecting confidential information) and dumpster diving (collecting basic information so as to gain unauthorized access) must be avoided.
    Operating system : The system must protect itself from accidental or purposeful security breaches.
    Networking system : Almost all information is shared between different systems via a network. Intercepting this data could be just as harmful as breaking into a computer. Hence, the network should be properly secured against such attacks.

  10. Phishing
    Phishing is a form of fraud. Cyber criminals use email, instant messaging, or other social media to try to gather information such as login credentials by masquerading as a reputable person. Phishing occurs when a malicious party sends a fraudulent email disguised as being from an authorized, trusted source. The message's intent is to trick the recipient into installing malware on his or her device or into sharing personal or financial information.
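
Added example (not part of the original page) for item 5, Replay Attack, and item 7, Session Hijacking: a receiver that only checks that a message is authentic accepts a replayed copy, while a receiver that authenticates every message and tracks a sequence number rejects both the replay and data inserted mid-session. The key, the frame layout and the class names are assumptions made for this illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-session-key"  # assumption: secret shared at login


def seal(key, seq, payload):
    # Frame = 8-byte sequence number || payload || 32-byte HMAC-SHA256 tag.
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class NaiveReceiver:
    # Checks the tag only, so a captured frame passes every time it is resent.
    def __init__(self, key):
        self.key = key

    def accept(self, frame):
        if len(frame) < 40:
            return "rejected: malformed"
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        return "accepted" if hmac.compare_digest(tag, expected) else "rejected: bad tag"


class SequencedReceiver(NaiveReceiver):
    # Authenticates every message and requires a strictly increasing sequence.
    def __init__(self, key):
        super().__init__(key)
        self.last_seq = 0

    def accept(self, frame):
        verdict = super().accept(frame)
        if verdict != "accepted":
            return verdict
        seq = int.from_bytes(frame[:8], "big")
        if seq <= self.last_seq:
            return "rejected: replayed sequence number"
        self.last_seq = seq
        return "accepted"


def demo():
    captured = seal(KEY, 1, b"transfer 100 to bob")  # constructed sample message
    injected = seal(b"key-the-sender-never-used", 2, b"constructed injected data")
    naive, strict = NaiveReceiver(KEY), SequencedReceiver(KEY)
    return [naive.accept(captured), naive.accept(captured),
            strict.accept(captured), strict.accept(captured),
            strict.accept(injected)]
```

Because the tag covers the sequence number, a captured frame cannot be renumbered without the key, which is why the counter check is enough to stop the second delivery.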