Institute of Information Technology

Jahangirnagar University

Assignment #1
____________________________________

Course Title: Parallel and Distributed System

Course Code: ICT 4105

Submitted By:
Name: Tasfia Israt
Roll:2027

Submitted To:
Dr. Risala Tasin Khan
Professor
IIT, JU

Submission Date: 31-03-2024

1
How many attacks are possible in a distributed system?

Distributed System:
A collection of linked computers operating as a single unit is called a distributed system. These
gadgets—sometimes referred to as nodes—work together and exchange data to accomplish
objectives. Distributed systems have issues related to communication, synchronization, and
security in addition to benefits like improved fault tolerance, scalability, and performance.

There is a big attack surface on a distributed system, differ based on its components, weaknesses,
and structure. Distributed systems are susceptible to a variety of attacks.
Different Attack Types for Distributed Systems:

1. Distributed Denial of Service (DDoS) assaults:

In an attempt to prevent service availability, distributed denial of service (DDoS) assaults include
overloading a target system with traffic from several sources. A network of compromised
computers is used to stop authorized users from accessing the system or its services.

2. Man-in-the-Middle (MitM):
This may lead to unlawful access to information or the redirection of legitimate traffic.To
manipulate data, listen in on conversations, or assume the identity of someone else,
cybercriminals take advantage of weaknesses in the communication path.

3. DNS Spoofing:
DNS spoofing is the deception of people by using the Domain Name System (DNS) to trick them
into visiting certain websites or services.
Hacked DNS servers could be used by attackers. Users can be directed to rogue nodes by
injecting DNS records into a decentralized network. Information may be accessed by
unauthorized parties or lawful traffic may be diverted as a result."

4. Data Breach:
Data breach happens when unauthorized individuals’ access a stored map or database with
sensitive or private information. It might concern business data, intellectual property, or personal

2
information. They become risks that individuals and businesses might confront should there be
data loss.

5. Phishing:
Phishing attempted use various methods to lure the victim in divulging their personal details,
even confidential stuffs like bank account information, username, and password. The fraudsters’
parasite explore the use of fake mails, messages, or even unofficial sites that mimic well-known
businesses for their reasons.

6. Malware:
Under the terms of malware, a wide variety of hostile programs, including viruses, worms,
trojans, ransomware, etc., becomes feasible. The goal of a majority of these programs is either to
compromise computer security or tamper with data. The hackers may also obtain illegal access.

7. Eavesdropping:
Eavesdropping attacks aim to obtain information from phone or computer conversations without
the parties' awareness. Cybercriminals may be able to listen in on and intercept data
transmissions in order to get unauthorized access to sensitive information.

8. Session Hijacking:
The act of interrupting user's ongoing session and walking away with their right over it are all
referred to as session hijacking, session stealing, or session sid jacking.
Hackers may find a way to penetrate distributed systems using vulnerabilities that cause user
authentication errors to occur, which would help them to pretend they are legit users and to
obtain unauthorized access to services or applications.

9. Cross-Site Request Forgery (CSRF):

The adware technique where users are wrongly tricked into doing actions on a website that was
not intended are only examples of such methods.
CSRF attacks are possible via web applications running in a cloud environment. Attackers may
trick the client-server communication into unintentional execution of special code (which
includes system modifications).

3
 10. Blockchain-specific Attacks:
Hacking of blockchain aimed at paralyzing the distributed nature and the feature which is
chained among blockchain networks.
Attacks such as double spend could be putting on flaws of the dispersed ledger systems like
blockchain, as such unwanted mechanism could provide the circumstance for the same
cryptocurrency being spent more than once and subsequently put blockchain's integrity at risk.

11. Brute Force Attacks:

Brute force attack means every combination of password and key sequentially becomes a piece
of the riddle until the right one is achieved.
Coordinated attacks, whereby an attacker brings several nodes to cooperate in order to trying
several combinations and attempts to steal unauthorized access to user accounts or cryptographic
key are others problems pose by distributed systems.

12. Supply Chain Attacks:

This sort of hacking intentions are seen in the exploitation of weaknesses found in software or
hardware parts of supply line.From the weakest link in the system being compromised (e.g. an
infected supply chain) and the threat of malware or contaminated hardware being propagated,
consequences could be serious.

These illustrations highlight the wide variety of risks that can impact distributed systems,
highlighting the necessity of thorough security protocols and ongoing observation to guard
against changing cyberthreats.