Principles of Cyber Security
P
P
r
r
i
i
n
n
c
c
i
i
p
p
l
l
e
e
s
s
o
o
f
f
C
C
y
y
b
b
e
e
r
r
S
S
e
e
c
c
u
u
r
r
i
i
t
t
y
y
L
e
c
t
u
r
e
1
2
:
T
r
a
d
i
t
i
o
n
a
l
C
i
p
h
e
r
s
_
V
I
D
r
.
M
u
a
m
e
r
M
o
h
a
m
m
e
d
O
b
j
e
c
t
i
v
e
s
1
2
.
1
D
e
s
c
r
i
b
e
t
h
e
d
i
f
f
e
r
e
n
t
t
y
p
e
s
o
f
n
e
t
w
o
r
k
i
n
g
-
b
a
s
e
d
a
t
t
a
c
k
s
.
A
t
t
a
c
k
s
o
n
N
e
t
w
o
r
k
s
•
Threat actors place a high priority on targeting networks in their
attacks
•
Exploiting a single network vulnerability can expose hundreds or
thousands of devices
•
Attacks that target a network or a process that relies on a network
include:
•
Interception attacks
•
Layer 2 attacks
•
DNS attacks
•
Distributed denial of service attacks
•
Malicious codding and scripting attacks
A
t
t
a
c
k
s
o
n
N
e
t
w
o
r
k
s
•
Man-in-the-Middle (MITM)
•
In an MITM, a threat actor is positioned in a communication between
two parties
•
The goal of an MITM attack is to eavesdrop on the conversation or
impersonate one of the parties
•
A typical MITM attack has two phases:
•
The first phase is intercepting the traffic
•
The second phase is to decrypt the transmissions
A
t
t
a
c
k
s
o
n
N
e
t
w
o
r
k
s
•
Man-in-the-Middle (MITM).
A
t
t
a
c
k
s
o
n
N
e
t
w
o
r
k
s
•
Man-in-the-Middle (MITM)
•
Session Replay
•
A
replay
attack makes a copy of a legitimate transmission before sending it to
the recipient
•
Attacker uses the copy at a later time
•
Example: capturing logon credentials
•
Threat actors use several techniques for stealing an active session ID:
•
Network attacks (hijacks and altered communication between two users)
•
Endpoint attacks (cross-site scripting, Trojans, and malicious JavaScript coding)
T
T
h
h
a
a
n
n
k
k
y
y
o
o
u
u
Threat actors prioritize targeting networks to exploit vulnerabilities, leading to various attacks such as interception, DNS attacks, and MITM attacks. MITM attacks involve eavesdropping on communications or impersonating parties, with techniques like session replay to steal credentials. Implementing robust network security measures is crucial in safeguarding against these threats.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Principles of Cyber Security Lecture Lecture 12 12: : Traditional Traditional Ciphers_VI Ciphers_VI Dr. Dr. Muamer Muamer Mohammed Mohammed 1
Objectives 12.1 Describe the different types of networking-based attacks.
Attacks on Networks Threat actors place a high priority on targeting networks in their attacks Exploiting a single network vulnerability can expose hundreds or thousands of devices Attacks that target a network or a process that relies on a network include: Interception attacks Layer 2 attacks DNS attacks Distributed denial of service attacks Malicious codding and scripting attacks 3
Attacks on Networks Man-in-the-Middle (MITM) In an MITM, a threat actor is positioned in a communication between two parties The goal of an MITM attack is to eavesdrop on the conversation or impersonate one of the parties A typical MITM attack has two phases: The first phase is intercepting the traffic The second phase is to decrypt the transmissions 4
Attacks on Networks Man-in-the-Middle (MITM). 5
Attacks on Networks Man-in-the-Middle (MITM) Session Replay A replay attack makes a copy of a legitimate transmission before sending it to the recipient Attacker uses the copy at a later time Example: capturing logon credentials Threat actors use several techniques for stealing an active session ID: Network attacks (hijacks and altered communication between two users) Endpoint attacks (cross-site scripting, Trojans, and malicious JavaScript coding) 6
