|
Conference PaperBog'liq MTA Majmua(2021), 1, 4-Karno kartadan foydalanib mantiqiy ifodalarni minimallash, Kalendar reja algoritm, Ishchi dastur(Dasturlash I) 24.11.2021, 1 -amaliyot, 4-Lab, Yurtimiz mustaqillikga erishishidan oldin milliy urf odat, 7-8-mavzuDT larni sertifikatlashtirish, Axborotlarni izlash va ajratib olish fanidan mustaqil ish Mavzu, Abdulla Oripov O\'zbekiston (qasida), 2 lab Yarashov Diyorbek, TATU NF Hemis axborot tizimi, Algo 1-299, prezentatsiya3.2.2.1 Replay Attack
A replay attack is a form of active attack in which a valid data
transmission is maliciously repeated or delayed. A attacker
captures the authorized data and resends them to his personal
use. For example User A wants to transfer some amount to
User C’s Bank account. Both User A & C have account with
Bank B. User A send a electronic message to Bank B,
requesting a fund transfer. User C could capture this message,
and send a second copy to Bank B but Bank B could not have
idea that this is an unauthorized message. Thus User C would
get benefit of fund transfer twice. A replay attack can be
prevented using strong digital signatures that include time
stamps and inclusion of unique information from the previous
transaction such as the value of a constantly incremented
sequence number.
3.2.2.2 Masquerading
Masquerading attack is a type of attack in which one system
assumes the identity of another. It’s a technique used by
attacker to pretend himself as an authorized person in order to
gain access of confidential information in illegal manner [13].
3.2.3
Modification
Modification causes losses of integrity principle. For example a
person did an online transaction of Rs. 100. But the attacker
hack this and modify it to Rs.1000. This is a case of integrity.
Under this attack technique is man of the middle attack
[2][7][14].
3.2.3.1 Man of the middle attack
It is abbreviated as MITM. It is an active internet attack that
attempts to intercept, read and alter the information hovering
between the user of a public network and any requested
website. The attacker uses the illegally gained information for
identity theft and other types of fraud [7].
4. CONCLUSION
Internet security threats will continue to be an issue as long as
information is shared across the world using Internet. This
paper offers a classification and few security solutions for
Internet security attack. The efforts to devise more security
techniques will continue in future to further improve the
efficiency of e-commerce and communications.
|
| |