EDUCBA

Home Software Development Software Development Tutorials Network Security Tutorial Types of Attack

Types of Attack

By Swati TawdeSwati Tawde

Types of Attack

Introduction to Types of Attack

A cyber-attack is an invasion of networks and operating systems. It uses malicious files to manipulate computer code, logic or data, leading to cybercrimes including theft of information and identity. While we live in a digital age, most people are using computers and the internet. Unauthorized computer operations are increasing and evolving as with any form of crime because of the dependency on digital services. Hence attacks are divided into different types to tackle them faster.

Types of Attack Based on General View

We can classify attacks into the following categories:

Start Your Free Software Development Course

Web development, programming languages, Software testing & others

  • Criminal Attacks: In criminal attacks, the aim of the attacker is to maximize the financial gain by attacking computer systems.
  • Publicity Attacks: In publicity attacks, the aim of the attacker is to gain publicity i.e. names appear box TV or newspaper, etc.
  • Legal Attacks: In a legal attack, attackers try to make judge doubtful about the security of the computer system. i.e. attacker attacks on the system and later on tries to convey to the judge that there is a problem within the computer system, it’s not his/her fault. Fraud, scams, identity theft, grand theft, destruction, intellectual property theft are some of the legal attacks.

Types of Attack Based on Technical View

We can classify attacks into two categories:

  • Theoretical Concepts
  • Practical Approach

1. Theoretical Concepts

Based on theoretical concepts, attacks are classified into passive attacks and active attack.

a. Passive Attack

In a passive attack, an attacker cannot modify the original message. Passive attacks are classified into subcategories namely release of message contents and traffic analysis. The release of content is easy to understand when the sender wants to send a message to the receiver, he/she does not want anyone to know about this. i.e. release of content, we can prevent the release of content by encoding the message. However, if many messages with some specific patterns are passing through, attacker can try to find the similarities between them and concludes. Such attempt of analyzing the encoded message to come up with likely pattern is the work of traffic analysis attack.

b. Active Attack

In an active attack, the attacker can modify the contents of the original message. Active attacks are further classified into subcategories namely masquerade, modification, and denial of service. In masquerade attack, an attacker tries to acts as a legitimate user i.e entity poses as another entity, and tries to steal the personal data from users and can use them to get illegal access to the computer system. Modification attacks can be replay or alterations wherein a replay attack, user captures some sequence of events and resend them.

Suppose user X wants to transfer the amount to user Y. X sends a fund transfer request to the bank, user Y capture this message and resend this to a bank. So the bank performs the transaction two times. In alterations attacks, the user made changes in the message and then send it. Assume the replay attack example, in case of alternation Y, makes changes in the amount and sends it to the bank. In denial of service attack, the authorized or legitimate user cannot access the services for which they are eligible. For example, an attacker or unauthorized user might send too many login requests to the server using a random user id and password, so as to flood the network and deny other legitimate users to use the network facilities.

2. Practical Approaches

Based on practical approaches, attacks are classified into two subcategories.

  • Application Level Attack
  • Network Level Attack

a. Application Level Attack

The application-level attack happens at the application level. The attacker tries to access, modify, or can prevent access to the information for a particular application. For example, try to obtain the credit card information of users over the internet, changing the message content to change the amount during transactions over the internet.

b. Network Level Attack

The network-level attack happens at the network level, the aim of these attacks is to reduce the network capabilities by a number of possible means. It generally attempts to slow down the computer network or completely bring to a halt i.e shut down. Note that network-level attack automatically leads to application-level attack, so that someone can get access to the network, also can modify the private information.

Attack Based on Computer

There are some programs that can attack the computer system.

1. Virus

A virus is a computer program that attaches itself to another legitimate program and causes damage to the computer system or to the network.

A virus is classified into the following categories:

  • Memory Resident Virus: It attaches itself to the main area of memory and then can infect the other executable program.
  • Parasitic Virus: This type of virus attach itself to executable files and keep replicating them. Whenever the infected file is executed, the virus looks for other executable files to attach itself and replication for a spread.
  • Boot sector Virus: This type of virus infects the master boot record of the disk and speed itself when the operating system boots computer.
  • Stealth Virus: This type of virus is known for its built-in intelligence, which prevents the anti-virus software program from detecting it.
  • Polymorphic Virus: This type of virus keep changing their signature to prevent itself from detecting it.
  • Metamorphic Virus: This type of virus keep changing their signature and rewrite itself every time to prevent detection.

2. Worm

Worm does not modify the program, instead it replicates itself again and again so that it grows so much that ultimately slows down the network or halt the system.

3. Trojan Horse

It is a hidden piece of code. It can sit into the login screen secretly. When the user enters id and password, the trojan horse can capture it without knowledge of the user and can send the information to the attacker. It allows an attacker to get confidential information about the network or computer.

Recommended Articles

This is a guide to Types of attacks. Here we discuss different types of attack based on a general view, technical view, and computer view. You may also have a look at the following articles to learn more –

  1. Types of DOS Attacks
  2. Types of Cyber Attack
  3. Types of Network Security Attacks
  4. Types of Network Attacks
All in One Excel VBA Bundle
500+ Hours of HD Videos
15 Learning Paths
120+ Courses
Verifiable Certificate of Completion
Lifetime Access
Financial Analyst Masters Training Program
1000+ Hours of HD Videos
43 Learning Paths
250+ Courses
Verifiable Certificate of Completion
Lifetime Access
All in One Data Science Bundle
1500+ Hour of HD Videos
80 Learning Paths
360+ Courses
Verifiable Certificate of Completion
Lifetime Access
All in One Software Development Bundle
3000+ Hours of HD Videos
149 Learning Paths
600+ Courses
Verifiable Certificate of Completion
Lifetime Access
quiz