Network Security: Types of Threats and Attacks

1. Types of Threats in Network Security

A threat is any potential danger that could exploit a vulnerability in a network to cause harm. Threats can be intentional (like hackers) or unintentional (like system failures).

a. Passive Threats

  • Involve monitoring or eavesdropping on network traffic without altering data.

  • Goal: gather sensitive information.

  • Examples:

    • Eavesdropping on emails or chat messages.

    • Traffic analysis (observing patterns of communication).

b. Active Threats

  • Involve actual attacks that modify, disrupt, or destroy data or network resources.

  • Examples:

    • Unauthorized access to systems.

    • Data tampering.

    • Denial-of-Service (DoS) attacks.

c. Insider Threats

  • Threats originating from within the organization (employees, contractors, or partners).

  • Can be intentional (malicious) or accidental.

  • Examples:

    • Employees stealing sensitive data.

    • Accidental deletion of critical files.

d. External Threats

  • Threats coming from outside the organization, such as hackers or malware authors.

  • Examples:

    • Phishing attacks.

    • Cybercriminals targeting company databases.


2. Types of Attacks in Network Security

An attack is a deliberate attempt to exploit a vulnerability to compromise network security. Attacks are usually classified as passive or active.

A. Passive Attacks

  • Goal: gain information without affecting system resources.

  • Difficult to detect because the attacker does not alter data.

  • Examples:

    1. Eavesdropping – Listening to confidential communication.

    2. Traffic Analysis – Observing the flow of messages to infer patterns.

B. Active Attacks

  • Goal: disrupt, modify, or destroy data or services.

  • Easier to detect than passive attacks.

  • Examples:

1. Denial-of-Service (DoS) and Distributed DoS (DDoS)

  • Makes a network or service unavailable to users.

  • DDoS involves multiple systems attacking simultaneously.

  • Example: Flooding a website with traffic so legitimate users cannot access it.

2. Man-in-the-Middle (MITM) Attack

  • Attacker intercepts communication between two parties.

  • Can eavesdrop on, modify, or inject data without the two parties noticing.

  • Example: Intercepting messages between a bank and a customer.

3. Phishing and Social Engineering

  • Trick users into revealing sensitive information.

  • Methods include emails, fake websites, or phone calls.

  • Example: A fake email asking for your bank password.

4. Malware Attacks

  • Malicious software designed to damage, disrupt, or gain unauthorized access.

  • Types of malware:

    • Virus – Infects files and spreads.

    • Worm – Self-replicates across networks.

    • Trojan Horse – Appears legitimate but hides malicious code.

    • Ransomware – Encrypts files and demands payment.

    • Spyware/Adware – Monitors user activity or displays unwanted ads.

5. SQL Injection and Web Attacks

  • Exploits vulnerabilities in web applications.

  • Examples:

    • SQL Injection – Injecting malicious SQL into the queries an application sends to its database.

    • Cross-Site Scripting (XSS) – Injecting malicious scripts into websites.

6. Password Attacks

  • Attempt to crack or guess passwords to gain unauthorized access.

  • Methods: Brute force, dictionary attacks, credential stuffing.

7. Session Hijacking

  • Attacker takes control of a user’s session to impersonate them.

  • Example: Hijacking a logged-in online banking session.
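
Added example (not part of the original notes): the password-attack methods listed under item 6 leave different patterns in failed-login records, and a defender can use those patterns to tell them apart. The event tuples, thresholds and label names below are constructed assumptions; brute force and dictionary attacks share one label because logs that do not record the attempted passwords cannot separate them.

```python
from collections import defaultdict

# Constructed sample events (source_ip, username, outcome); not real log data.
EVENTS = (
    [("203.0.113.10", "alice", "fail")] * 8                        # many tries, one account
    + [("198.51.100.7", f"user{i}", "fail") for i in range(6)]     # one try each, many accounts
    + [("192.0.2.50", "bob", "fail")] * 2 + [("192.0.2.50", "bob", "ok")]  # user mistyping
)


def classify_sources(events, min_failures=5, ratio=0.8):
    """Label each source IP by the shape of its failed logins.

    min_failures and ratio are assumed tuning values, not standards.
    """
    # per_source[ip][username] = number of failed logins
    per_source = defaultdict(lambda: defaultdict(int))
    for ip, user, outcome in events:
        if outcome == "fail":
            per_source[ip][user] += 1

    verdicts = {}
    for ip, users in per_source.items():
        total = sum(users.values())
        if total < min_failures:
            continue  # too few failures to judge, e.g. a user mistyping a password
        if max(users.values()) / total >= ratio:
            # Failures concentrate on one account: brute force or dictionary guessing.
            verdicts[ip] = "password-guessing"
        elif len(users) / total >= ratio:
            # Roughly one attempt per account: leaked username/password pairs replayed.
            verdicts[ip] = "credential-stuffing"
        else:
            verdicts[ip] = "mixed"
    return verdicts


if __name__ == "__main__":
    for ip, label in classify_sources(EVENTS).items():
        print(ip, label)
```
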