Module-1 Crypto
| Active attack | Passive attack |
|---|---|
| In an active attack, modification of information takes place. | In a passive attack, modification of information does not take place. |
| In an active attack, the victim gets informed about the attack. | In a passive attack, the victim does not get informed about the attack. |
| In an active attack, system resources can be changed. | In a passive attack, system resources are not changed. |
| An active attack influences the services of the system. | In a passive attack, information and messages in the system or network are acquired. |
| In an active attack, information collected through passive attacks is used during execution. | Passive attacks are performed by collecting information, such as passwords and messages, by themselves. |
| The purpose of an active attack is to harm the ecosystem. | The purpose of a passive attack is to learn about the ecosystem. |
| The duration of an active attack is short. | The duration of a passive attack is long. |
Real life Example of Active attack:- Let's say you intercept a note being passed between two
classmates. Instead of just reading it and passing it along, you change the message before passing it
to the intended recipient. Maybe you add some false information or a mean comment. In this case,
you're actively altering the communication, not just silently observing.
Real life Example of Passive attack:- Imagine you're sitting in a café, and two people at the next
table are talking loudly about their weekend plans. You overhear their conversation without them
knowing. You're not interrupting or altering their conversation; you're just quietly listening and
gathering information.
Examples:
IP Spoofing: The attacker modifies the source IP address of packets to make it appear
as if they're coming from a trusted source. This can be used to bypass access controls
or launch distributed denial-of-service (DDoS) attacks.
Email Spoofing: The attacker forges the sender's email address to make it look like
the email is coming from a trusted source. This is often used in phishing attacks to
trick recipients into revealing sensitive information or clicking on malicious links.
Website Spoofing: The attacker creates a fake website that looks identical to a
legitimate one. They may use a similar domain name or design to deceive users into
entering their login credentials or financial information.
3- Modification Attacks:- The data are modified or altered by the attacker. When no strong
encryption method is provided, the attacker intercepts data as it is being transmitted or
stored and makes changes to it without the knowledge or consent of the sender or recipient.
6- Brute force Attack:- Brute force attacks are like trying every possible combination to
unlock a door. A brute force attack is a trial-and-error method used to obtain information,
such as passwords or encryption keys, by systematically trying all possible combinations until
the correct one is found.
Brute force attacks can target various types of systems and security mechanisms, including:
8- Insider Attack:- An insider attack is when someone from within an organization, like an
employee or a contractor, does something harmful or unauthorized. The insider might steal sensitive
information, sabotage systems or data, or cause other types of harm. For example, they might leak
confidential company data, install malware on company computers, or disrupt the organization's
operations.
| Sr.No. | Basis of Comparison | WORMS | VIRUS |
|---|---|---|---|
| 1. | Definition | A Worm is a form of malware that replicates itself and can spread to different computers via Network. | A Virus is a malicious executable code attached to another executable file which can be harmless or can modify or delete data. |
| 12. | Examples | Examples of worms include Morris worm, storm worm, etc. | Examples of viruses include Creeper, Blaster, Slammer, etc. |
| 13. | Interface | It does not need human action to replicate. | It needs human action to replicate. |
Principles of security:-
1 – Confidentiality:- The principle specifies that only the sender and receiver will be able to
access the information shared between them. It involves measures such as encryption, access
controls, and data classification to prevent unauthorized access or disclosure of confidential data.
For example, let us consider sender A wants to share some confidential information with receiver
B and the information gets intercepted by the attacker C. Now the confidential information is in
the hands of an intruder C.
2- Integrity: Integrity ensures that data remains accurate, complete, and unaltered during storage,
transmission, or processing. Measures such as data validation, checksums, and digital signatures
help maintain data integrity and detect unauthorized modifications. If the content of the message is
changed after the sender sends it but before reaching the intended receiver, then it is said that the
integrity of the message is lost.
3-Availability:- The principle of availability states that resources will be available to authorized
parties at all times. Information is not useful if it is not available to be accessed. Systems should
have sufficient availability of information to satisfy user requests.
5- Non-repudiation: Non-repudiation ensures that individuals or entities cannot deny their actions
or transactions. In some cases the sender sends a message and later denies having sent it.
Non-repudiation prevents the sender from denying to the receiver that the message was sent.
6-Access control: The principle of access control is determined by role management and rule
management. Role management determines who should access the data while rule management
determines up to what extent one can access the data. The information displayed is dependent on the
person who is accessing it.
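The checksums named under Integrity, set against the interception described under Modification Attacks, as an added example that is not part of the original notes: an unkeyed SHA-256 checksum catches accidental corruption but is accepted again once an intruder recomputes it, while a keyed HMAC tag is not. HMAC-SHA256, the shared key and the sample message are assumptions chosen for the illustration; a digital signature would detect the change in the same way.

```python
import hashlib
import hmac
import secrets

SHARED_KEY = secrets.token_bytes(32)  # constructed: known only to A and B


def with_checksum(message: bytes) -> tuple[bytes, bytes]:
    """Sender attaches an unkeyed SHA-256 checksum."""
    return message, hashlib.sha256(message).digest()


def verify_checksum(message: bytes, checksum: bytes) -> bool:
    return hmac.compare_digest(hashlib.sha256(message).digest(), checksum)


def with_mac(message: bytes, key: bytes) -> tuple[bytes, bytes]:
    """Sender attaches an HMAC-SHA256 tag computed with the shared key."""
    return message, hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(message: bytes, tag: bytes, key: bytes) -> bool:
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


def modify_in_transit(message: bytes, check: bytes) -> tuple[bytes, bytes]:
    """Model of intruder C: alters the message, recomputes a plain digest."""
    altered = message.replace(b"100", b"900")
    return altered, hashlib.sha256(altered).digest()


def demo() -> dict[str, bool]:
    original = b"pay B 100"  # constructed message
    msg, chk = with_checksum(original)
    corrupted = msg[:-1] + b"1"  # accidental change, checksum left as sent
    forged_msg, forged_chk = modify_in_transit(msg, chk)
    mac_msg, mac_tag = with_mac(original, SHARED_KEY)
    bad_msg, bad_tag = modify_in_transit(mac_msg, mac_tag)
    return {
        "checksum_accepts_corrupted": verify_checksum(corrupted, chk),
        "checksum_accepts_forged": verify_checksum(forged_msg, forged_chk),
        "mac_accepts_forged": verify_mac(bad_msg, bad_tag, SHARED_KEY),
        "mac_accepts_original": verify_mac(mac_msg, mac_tag, SHARED_KEY),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```

Only the receiver's check that depends on a secret the intruder lacks rejects the altered message; the plain checksum verifies because anyone can recompute it.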
Zombie:
1. Botnet Zombies: These are compromised devices or computers that have been infected with
malware and are controlled by central Command and Control (C&C) servers. These
devices form a network called a botnet. Botnets allow the criminal to coordinate
various cybercrimes such as distributing spam or DDoS.
2. Fileless Zombies: The problem with traditional malware is that it leaves traces on the
affected systems. A fileless zombie operates in memory and leaves almost no trail on the
hard drive. These zombies are mostly undetectable by traditional antivirus software,
making them hard to identify and mitigate.
3. IoT Zombies: Many IoT devices, such as smart home devices, medical devices or industrial
devices, can be compromised and converted into zombies. These infected devices are a way to
launch a big attack or can be the entry point into a big network.
4. Ransomware Zombies: Some malware encrypts the victim’s files, blocks those files on the
victim’s computer itself, and demands money to decrypt those files. This type of attack is
said to be a ransomware attack. Computers hit by these attacks can become zombies
controlled by a ransomware controller.
5. Social Engineering Zombies: These zombies are not devices or computers; they refer to
individuals who manipulate others to give sensitive information by using social
engineering tactics. Attackers use techniques such as fake websites, phone calls, or phishing
emails to manipulate people into providing sensitive information or making them install
malware by themselves.
Types of Viruses:-
1. File Infector Viruses: These viruses attach themselves to executable files (such as .exe or .dll
files) and infect them. When the infected file is executed, the virus activates and may spread
to other files on the system.
2. Boot Sector Viruses: These viruses infect the boot sector of storage devices, such as hard
drives or USB drives. When the infected device is booted, the virus loads into memory and
can infect the system's files or spread to other devices.
3. Polymorphic Viruses: Polymorphic viruses have the ability to change their appearance (i.e.,
their code) each time they infect a new file or system. This makes them difficult to detect
using traditional antivirus software, as their signatures change with each infection.
4. Ransomware: Ransomware encrypts the victim's files and demands payment (usually in
cryptocurrency) in exchange for the decryption key. It can spread through infected email
attachments, malicious websites, or vulnerabilities in software.
5. Spyware: Spyware is designed to secretly monitor and collect information about a user's
activities, such as browsing habits, keystrokes, or personal data. It can be used for malicious
purposes, such as identity theft.
S.
No. PHISHING PHARMING