Active and Passive Attacks

Cyber attacks are carried out with the objective of gaining unauthorized access to computer systems, networks, or data. Based on their objectives and effects, they can be divided into two categories: Active Attacks and Passive Attacks. Active attacks directly harm or disrupt a network or system, while passive attacks attempt to secretly steal confidential information.

Both types of attacks play a significant role in the field of internet and network security. To prevent them, strong security measures such as encryption, firewalls, antivirus software, and secure network protocols should be used. Understanding and defending against active and passive attacks is crucial for cybersecurity.

Active Attacks:
Active attacks are those in which the attacker attempts to alter the data on a network or system. In this type of attack, the attacker not only intercepts the data but also tries to change, destroy, or disrupt it. Active attacks are more dangerous because they can disrupt the operation of a system and directly affect network security.

Types of Active Attacks:
  • Man-in-the-Middle Attack: In this attack, the attacker intercepts the communication process between two parties and can alter the data or use it according to their needs.
  • Denial of Service (DoS) Attack: The objective of a Denial of Service attack is to send so much traffic to a network or website that it becomes unavailable to users.
  • Session Hijacking: In a session hijacking attack, the attacker hijacks a user's active session and takes control of it.
  • Masquerade Attack: In this type of attack, the attacker steals the identity of a legitimate user and performs unauthorized actions in their name.
  • Virus and Malware Attack: Viruses and malware are major forms of active attacks, in which the attacker inserts malicious software (malware) into a system or network, which can damage, destroy, or steal data.

Effects of Active Attacks:
  • Data Loss or Alteration: In an active attack, data can be stolen, altered, or completely destroyed.
  • Network Disruption: This type of attack can disrupt the network and make it unavailable to users.
  • System Damage: Viruses and malware can cause serious damage to the system, and technical assistance may be required to fix it.
  • Theft of Personal and Financial Information: In active attacks, there is a possibility of theft of personal information such as bank details, passwords, and other sensitive data.

Passive Attacks:
Passive attacks are those in which the attacker intercepts the data but does not attempt to change or destroy it. In this type of attack, the attacker secretly listens to or reads the user's communication and collects sensitive information. Passive attacks are difficult to detect because the attacker only reads the data and does not make any changes to the system's functioning.

Types of Passive Attacks:
  • Eavesdropping: Eavesdropping is the most common form of passive attack, in which the attacker listens to or reads the user's network traffic and can steal their confidential information such as passwords, credit card details, etc.
  • Traffic Analysis: In traffic analysis, the attacker analyzes the data packets being sent over the network. Even without reading the data, important information can be extracted from its pattern and volume.
  • Passive Wiretapping: In this type of attack, the attacker intercepts the network's cable or wireless signal to obtain the data. Devices are used to capture the data.

Effects of Passive Attacks:
  • Breach of Privacy: In passive attacks, users' confidential information can be stolen, such as emails, passwords, and banking information.
  • Preparation for New Attacks: An attacker can use the information obtained from a passive attack to plan a future active attack.
  • Difficult to Detect: Since passive attacks do not disrupt the data, it can be difficult to detect and defend against them.
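
The difference in detectability described above can be seen in a small receiver-side check. This is an added example, not part of the original notes: it assumes the two parties share a secret key, and the names `seal`, `Receiver`, the key and the sample messages are constructed for illustration. An integrity tag and a sequence number expose alteration and replay (active attacks), while a frame that was only read in transit arrives unchanged and is accepted, which is why confidentiality has to come from encryption rather than from detection.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key shared by sender and receiver

def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: frame = 8-byte sequence number + payload + 32-byte HMAC-SHA256 tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Receiver: rejects altered frames and frames whose sequence number is not new."""
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + 32:
            return "rejected: malformed"
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: altered"
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq:
            return "rejected: replayed"
        self.last_seq = seq
        return "accepted"

def demo() -> dict:
    rx = Receiver()
    frame0 = seal(0, b"transfer 100 to account A")  # constructed sample messages
    frame1 = seal(1, b"transfer 250 to account B")
    observed_copy = bytes(frame0)   # passive: a copy is read in transit, frame untouched
    altered = bytearray(frame1)
    altered[8 + 9] ^= 0x01          # active: one payload bit changed in transit
    return {
        "passively_observed": rx.accept(frame0),
        "payload_visible_to_observer": observed_copy[8:-32] == b"transfer 100 to account A",
        "altered": rx.accept(bytes(altered)),
        "replayed": rx.accept(frame0),
        "genuine_next": rx.accept(frame1),
    }

if __name__ == "__main__":
    print(demo())
```

The tag protects integrity only: the observer's copy still contains the readable payload, and nothing at the receiver records that it was read.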