Shulou(Shulou.com)06/03 Report--

In this issue, the editor will bring you about what the cyber attack is. The article is rich in content and analyzes and narrates it from a professional point of view. I hope you can get something after reading this article.

Network attack (Cyber Attacks, also known as cyber attack) refers to any type of attack against computer information systems, infrastructure, computer networks or personal computer devices. Network attack is to make use of the loopholes and security defects of the network information system to attack the system and resources.

For computers and computer networks, destroying, exposing, modifying, disabling software or services, stealing or accessing data from any computer without authorization, will be regarded as an attack in the computer and computer network.

Network attack is to make use of the loopholes and security defects of the network information system to attack the system and resources. The threats faced by network information systems come from many aspects and will change with time.

From a macro point of view, these threats can be divided into man-made threats and natural threats. Natural threats come from various natural disasters, harsh site environment, electromagnetic interference, natural aging of network equipment and so on. These threats are aimless, but they will damage the network communication system and endanger the security of communication.

The man-made threat is a man-made attack on the network information system, which can destroy, deceive and steal data information in an unauthorized way by looking for the weakness of the system.

Compared with the two, the well-designed threat of man-made attack is difficult to guard against, many kinds and large quantity. From the point of view of the destruction to the information, the attack type can be divided into passive attack and active attack.

Attack classification

1. Active attack

Active attacks can lead to tampering of some data streams and the generation of false data streams. This kind of attack can be divided into tampering, falsifying message data and terminal (denial of service).

(1) tampering with messages

Tampering with a message means that some parts of a legitimate message are changed or deleted, and the message is delayed or changed in order, usually used to produce an unauthorized effect. If you modify the data in the transmission message, change "allow A to perform operations" to "allow B to perform operations".

(2) forgery

Forgery means that an entity (person or system) sends out data information containing the identity information of other entities, pretending to be other entities, so as to deceive and obtain the rights and privileges of some legitimate users.

(3) denial of service

Denial of service is often referred to as DoS (Deny of Service), which will cause the normal use or management of communication equipment to be interrupted unconditionally. It usually destroys the whole network to achieve the purpose of reducing performance and terminal services. Such an attack may also have a specific target, such as blocking all packets to a particular destination, such as the security audit service.

2. Passive attack

In a passive attack, the attacker does not make any changes to the data information. Interception / eavesdropping means that the attacker obtains the information or related data without the consent and approval of the user. It usually includes eavesdropping, traffic analysis, cracking weakly encrypted data streams and other attacks.

(1) Traffic analysis

Traffic analysis attacks are suitable for some special occasions, such as sensitive information is confidential. Although the attacker cannot get the true content of the message from the intercepted message, the attacker can also observe the patterns of these datagrams, analyze and determine the location of both sides of the communication, the number of communications and the length of the message, and get the relevant sensitive information. this attack is called traffic analysis.

(2) eavesdropping

Eavesdropping is the most commonly used means. Data transmission on the most widely used local area network is based on broadcast, which makes it possible for a host to receive all the information transmitted on the subnet. When the computer's network card works in miscellaneous collection mode, it can transmit all the information transmitted on the network to the upper layer for further analysis. If encryption measures are not taken, all the contents of the communication can be fully mastered through protocol analysis, and the eavesdropping can also obtain information by means of infinite interception. The electromagnetic wave radiated by the network station or the electromagnetic wave radiated by the network connecting equipment is received by a highly sensitive receiving device, and the original data signal is recovered through the analysis of the electromagnetic signal so as to obtain the network information. Although sometimes the data information can not be fully recovered by electromagnetic signals, valuable information may be obtained.

Because passive attacks do not make any changes to the attacked information, leaving traces are good, or do not leave traces at all, so it is very difficult to detect, so the focus of combating such attacks is to prevent, including virtual private network VPN, the use of encryption technology to protect information and the use of switched network equipment. Passive attacks are not easy to detect, so they are often the prelude to active attacks.

Although passive attacks are difficult to detect, measures can be taken to prevent them effectively, but it is very difficult to prevent attacks effectively, and the cost is too high. the main technical means to combat active attacks are detection and timely recovery from the damage caused by attacks. At the same time, detection also has a certain deterrent effect, which can also prevent attacks to a certain extent. Specific measures include automatic audit, intrusion detection and integrity recovery.

The above is what the cyber attack is shared by the editor. If you happen to have similar doubts, you might as well refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.