Docstoc

network threats

Document Sample
network threats Powered By Docstoc
					Network threats                   definition                                                    countermeasure
Denial of Service:                When hackers overflows a network server or web server         Counter measure for this attack is
                                  with frequent request of services to damage the               to reduce the privileges of the user that connected to a
                                  network, the denial of service cannot keep up with them,      server. This will help to reduce the DOS attack. (Scarfone
                                  server could not legitimate client regular requests.          K, 2007)
Man in the Middle Attack:         a man-in-the-middle attack is an active Internet attack       Counter measure for this attack is
                                  where the person attacking attempts to intercept, read        SSL should properly install and it should check before
                                  or alter information moving between two computers             communication with other authorized parties.
Network Sniffing:                 unencrypted data are hacked through network for example       Counter measure for this attack is parties should
                                  an attacker can hack passwords that are not properly          used encryption methods for securing there data.
                                  encrypted during communication
Port Scanning:                    An attacker performs port scans of Internet                   Counter measure for this attack is that firewall is used to
                                  protocol addresses to find vulnerable hosts                   secure the data from port
                                  to compromise.There may be some issues regarding              attacks.
                                  port scanning that could be used by an attacker as Port
                                  80(HTTP) is
                                  always open that is used for providing the web services to
                                  the user
SQL Injection Attack:             SQL injection attacks are the attacks where a hackers uses    Web applications should not use one connection for
                                  the special characters to return the data for                 all transactions to the database. Because if a
                                  example in SQL scripting the query end up with where
                                                                                                SQL Injection bug has been exploited, it can grant
                                  clause that may be modified by adding more information
                                  in                                                            most access to the attacker.
                                  it.
Flooding Attacks                  Flooding attack is basically distributing a great amount of   To stop from attacking the server, Intrusion detection
                                  non-sense requests to a certain service.                      system will
                                  Once the attacker throw a great amount of requests, by        filter the malicious requests, installing firewall.
                                  providing more recourses cloud system will attempt to
                                  work against the requests, ultimately system consume all
                                  recourses and not capable to supply service to normal
                                  requests
                                  from user.
XML Signature Element Wrapping:   Naïve use of XML Signature may result in signed               countermeasures require careful security policy
                                  documents remaining vulnerable to undetected                  specification and correct implementation by signed
                                  modification by an adversary. In the typical usage            message providers and consumers.
                                  of XML Signature to protect SOAP messages, an
                                  adversary may be capable of modifying valid
                                  messages in order to gain unauthorized access to
                                  protected resources
Browser Security:                As a client sent the request to the server by web browser   Vendor should use WS-security
                                 the web                                                     concept on web browsers
                                 browser have to make use of SSL to encrypt the
                                 credentials to authenticate the user.SSL support point to
                                 point
                                 communication means if there is third party, intermediary
                                 host can decrypt the data.
Cloud Malware Injection Attack   Cloud malware injection is the attack that attempts to      authenticity check for received messages
                                 inject a malicious service, application or even virtual
                                 machine into the cloud system depending on the cloud
                                 service models (SaaS, PaaS and IssA)
Flooding Attacks                 One of the common characteristics of the cloud system is    installing a firewall or intrusion detection system (IDS) is
                                 to provide dynamically                                      able to filter malicious requests
                                 scalable resources. Attacker attacks the cloud system       from attacking the server
                                 openly. Flooding attack is basically distributing a great
                                 amount of non-sense requests to a certain service
Incomplete Data Deletion         Adequate or timely data deletion may also be                Virtualized
                                 impossible (or undesirable from a customer                  private networks should use for securing the data and used
                                                                                             the query that will remove the complete data from the
                                 perspective), either because extra copies of data           main servers along with its replica’s.
                                 are stored but are not available, or because the
                                 disk to be destroyed also stores data from other
                                 clients.

				
DOCUMENT INFO
Shared By:
Stats:
views:19
posted:5/13/2012
language:English
pages:2
Description: latest network threats