SlideShare a Scribd company logo

Access control attacks by nor liyana binti azman

Download as PPTX, PDF
Hafiza Abas, profile picture
Hafiza Abas

This document discusses different types of access control attacks, including backdoors, spoofing attacks, man-in-the-middle attacks, replays, and TCP hijacking. Backdoors involve bypassing authentication to gain illegal access. Spoofing involves pretending to be someone else to access restricted resources. Man-in-the-middle attacks involve intercepting and relaying messages between victims to make them think they are communicating directly. Replays involve resending valid transmissions to exploit the system. TCP hijacking takes over user sessions by obtaining session IDs. Examples and video links are provided for each type of attack.

Education
1 of 9
Download to read offline
1
2
3
4
5
6
7
8
9
Nor Liyana Binti Azman 14th Mac 2014
Access Control Attacks Example  Backdoor  method of bypassing normal authentication, securing illegal remote access to computer, while attempting to remain undetected. sometimes programmer install a back door so that the program can be accessed for troubleshooting or other purposes Backdoor is security risk, because there is another cracker try to find any vulnerability to exploit. Example: Nimda gains through backdoor left by Code Red. http://www.youtube.com/watch?v=7ZwGvFu9WhY
 Spoofing Attacks attacker pretends to be someone else in order gain access to restricted resources or steal information. type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. http://www.youtube.com/watch?v=z8ySsaRMcI8 Access Control Attacks Example
Spoofing Attacks
 Man-In-The-Middle the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. It is an attack on mutual authentication http://www.youtube.com/watch?v=N86xJpna9Js Access Control Attacks Example
Man-In-The-Middle
 Replay A form of network attack which a valid data transmission is maliciously repeated or delayed Example: messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day  Video: http://www.youtube.com/watch?v=kBCr-vYdgNo Access Control Attacks Example
 TCP hijacking  a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Session hijacking takes advantage of that practice by intruding in real time, during a session. Video: http://www.youtube.com/watch?v=s_XD8heYNrc Access Control Attacks Example
THANKS A LOT

More Related Content

PPS
An introduction to Digital Security - Rishabh Dangwal
Rishabh Dangwal
 
PDF
16 tips to thwart mobile security threats
John Gibson
 
PPTX
ip spoofing by Ipshita Nandy
IpshitaNandy
 
PDF
Mitm - Man in the Middle Attack & its Security
Deepanshu Kapoor
 
PDF
Digital security for journalists laurent eschenauer
Nelly Luna
 
PDF
Tutorial in DEBS 2008 - Event Processing Patterns
Opher Etzion
 
PPTX
Session hijacking
Vishal Punjabi
 
PPTX
Reactconf 2014 - Event Stream Processing
Andy Piper
 
An introduction to Digital Security - Rishabh Dangwal
Rishabh Dangwal
 
16 tips to thwart mobile security threats
John Gibson
 
ip spoofing by Ipshita Nandy
IpshitaNandy
 
Mitm - Man in the Middle Attack & its Security
Deepanshu Kapoor
 
Digital security for journalists laurent eschenauer
Nelly Luna
 
Tutorial in DEBS 2008 - Event Processing Patterns
Opher Etzion
 
Session hijacking
Vishal Punjabi
 
Reactconf 2014 - Event Stream Processing
Andy Piper
 

Viewers also liked (20)

PDF
Comparative Analysis of Personal Firewalls
Andrej Šimko
 
PPT
Debs 2011 tutorial on non functional properties of event processing
Opher Etzion
 
PDF
Installing Complex Event Processing On Linux
Osama Mustafa
 
PDF
Ceh v8 labs module 03 scanning networks
Asep Sopyan
 
PPSX
CyberLab CCEH Session - 3 Scanning Networks
CyberLab
 
PPT
Complex Event Processing with Esper and WSO2 ESB
Prabath Siriwardena
 
PPT
Chapter 12
cclay3
 
PDF
Nmap scripting engine
n|u - The Open Security Community
 
PPT
Debs2009 Event Processing Languages Tutorial
Opher Etzion
 
PPTX
Why Data Virtualization Is Good For Big Data Analytics?
Tyrone Systems
 
PPTX
Tutoriel esper
Laboratoire d'Informatique de Grenoble
 
PDF
Analizadores de Protocolos
Milton Muñoz
 
ODP
Scanning with nmap
commiebstrd
 
PPT
Module 3 Scanning
leminhvuong
 
RTF
Port Scanning Overview
Publicly traded global multi-billion services company
 
PPT
Optimizing Your SOA with Event Processing
Tim Bass
 
PDF
Building Real-time CEP Application with Open Source Projects
Ted Won
 
PDF
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Adrian Paschke
 
PPTX
NoSQL for Data Services, Data Virtualization & Big Data
Guido Schmutz
 
PPT
Hacking Cisco
guestd05b31
 
Comparative Analysis of Personal Firewalls
Andrej Šimko
 
Debs 2011 tutorial on non functional properties of event processing
Opher Etzion
 
Installing Complex Event Processing On Linux
Osama Mustafa
 
Ceh v8 labs module 03 scanning networks
Asep Sopyan
 
CyberLab CCEH Session - 3 Scanning Networks
CyberLab
 
Complex Event Processing with Esper and WSO2 ESB
Prabath Siriwardena
 
Chapter 12
cclay3
 
Nmap scripting engine
n|u - The Open Security Community
 
Debs2009 Event Processing Languages Tutorial
Opher Etzion
 
Why Data Virtualization Is Good For Big Data Analytics?
Tyrone Systems
 
Tutoriel esper
Laboratoire d'Informatique de Grenoble
 
Analizadores de Protocolos
Milton Muñoz
 
Scanning with nmap
commiebstrd
 
Module 3 Scanning
leminhvuong
 
Port Scanning Overview
Publicly traded global multi-billion services company
 
Optimizing Your SOA with Event Processing
Tim Bass
 
Building Real-time CEP Application with Open Source Projects
Ted Won
 
Semantic Complex Event Processing with Reaction RuleML 1.0 and Prova 3.0
Adrian Paschke
 
NoSQL for Data Services, Data Virtualization & Big Data
Guido Schmutz
 
Hacking Cisco
guestd05b31
 
Ad

Similar to Access control attacks by nor liyana binti azman (20)

PPTX
Internet thchnology
Rajdeep Sahoo
 
PDF
Cyber security
yagyabuttan1
 
PDF
Information Systems Audit - Auditing Information Systems
ssuser557ea5
 
PDF
1 ijaems sept-2015-3-different attacks in the network a review
INFOGAIN PUBLICATION
 
PPTX
Types of Attacks: Attacks can be classified based on their method, target, or...
NAtional Institute of TEchnology Rourkela , Galgotias University
 
PPTX
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
Western Pacific University
 
PPTX
Health information security 3 vulnerability threat and risk
Dr. Lasantha Ranwala
 
PDF
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Small Business
 
PDF
Network security chapter 1,2
Education
 
DOCX
social engineering attacks.docx
MehwishAnsari11
 
PPTX
Cyber security
ankit yadav
 
PPT
laudon-traver_ec10_ppt_ch05.ppt
PriyalPatel158383
 
PPTX
Cybersecurity
A. Shamel
 
PPTX
Cyber Security - All Over World
Bhawani Singh Chouhan
 
PDF
Impacts of spoofing- why it’s a serious cybersecurity concern
deorwine infotech
 
PDF
Cloning Attack.pdf
Pellet Stove Inserts
 
PPTX
Man in the middle attack .pptx
PradeepKumar728006
 
PPTX
Computer security
sruthiKrishnaG
 
PPTX
Security & threats Presentation => (Presenter: Komal Mehfooz)
Komal Mehfooz
 
PPTX
Security threats ecom
Vijay Kumar Verma
 
Internet thchnology
Rajdeep Sahoo
 
Cyber security
yagyabuttan1
 
Information Systems Audit - Auditing Information Systems
ssuser557ea5
 
1 ijaems sept-2015-3-different attacks in the network a review
INFOGAIN PUBLICATION
 
Types of Attacks: Attacks can be classified based on their method, target, or...
NAtional Institute of TEchnology Rourkela , Galgotias University
 
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
Western Pacific University
 
Health information security 3 vulnerability threat and risk
Dr. Lasantha Ranwala
 
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Small Business
 
Network security chapter 1,2
Education
 
social engineering attacks.docx
MehwishAnsari11
 
Cyber security
ankit yadav
 
laudon-traver_ec10_ppt_ch05.ppt
PriyalPatel158383
 
Cybersecurity
A. Shamel
 
Cyber Security - All Over World
Bhawani Singh Chouhan
 
Impacts of spoofing- why it’s a serious cybersecurity concern
deorwine infotech
 
Cloning Attack.pdf
Pellet Stove Inserts
 
Man in the middle attack .pptx
PradeepKumar728006
 
Computer security
sruthiKrishnaG
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Komal Mehfooz
 
Security threats ecom
Vijay Kumar Verma
 
Ad

More from Hafiza Abas (20)

PPTX
animated semut dengan menggunakan path animation.
Hafiza Abas
 
PPTX
Teknologi ePembelajaran
Hafiza Abas
 
PPTX
Access Controls Attacks
Hafiza Abas
 
PPTX
Task 6 access_control_attacks_hong_kim_sheng_2
Hafiza Abas
 
PPTX
Example of access control
Hafiza Abas
 
PPTX
SPSS LEVEL 2
Hafiza Abas
 
PPTX
Islamic studies for disabled: teaching Salat for Autism Using Apps
Hafiza Abas
 
PPTX
Quantitative search and_qualitative_research by mubarak
Hafiza Abas
 
PPTX
Chap 15 Method
Hafiza Abas
 
PPTX
Chap 6 Avoiding Ambiguity
Hafiza Abas
 
PPTX
Chapter 14 Review of the Literature
Hafiza Abas
 
PPTX
Chapter 5 Be Concise
Hafiza Abas
 
PPTX
Chapter 13 Introduction in research paper
Hafiza Abas
 
PPTX
Chapter 4 Structuring Paragraph and Sentences
Hafiza Abas
 
PPTX
Chapter 12: Abstract ( english for writing research papers)
Hafiza Abas
 
PPTX
Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)
Hafiza Abas
 
PPT
English for writing research papers (chap 2 and 11)
Hafiza Abas
 
PDF
Assessment vs. evaluation
Hafiza Abas
 
PDF
Rubric
Hafiza Abas
 
PPT
Business Continuity Plan (Introduction)
Hafiza Abas
 
animated semut dengan menggunakan path animation.
Hafiza Abas
 
Teknologi ePembelajaran
Hafiza Abas
 
Access Controls Attacks
Hafiza Abas
 
Task 6 access_control_attacks_hong_kim_sheng_2
Hafiza Abas
 
Example of access control
Hafiza Abas
 
SPSS LEVEL 2
Hafiza Abas
 
Islamic studies for disabled: teaching Salat for Autism Using Apps
Hafiza Abas
 
Quantitative search and_qualitative_research by mubarak
Hafiza Abas
 
Chap 15 Method
Hafiza Abas
 
Chap 6 Avoiding Ambiguity
Hafiza Abas
 
Chapter 14 Review of the Literature
Hafiza Abas
 
Chapter 5 Be Concise
Hafiza Abas
 
Chapter 13 Introduction in research paper
Hafiza Abas
 
Chapter 4 Structuring Paragraph and Sentences
Hafiza Abas
 
Chapter 12: Abstract ( english for writing research papers)
Hafiza Abas
 
Chapter 3 Breaking up long sentences (ENGLISH FOR WRITING RESEARCH PAPERS)
Hafiza Abas
 
English for writing research papers (chap 2 and 11)
Hafiza Abas
 
Assessment vs. evaluation
Hafiza Abas
 
Rubric
Hafiza Abas
 
Business Continuity Plan (Introduction)
Hafiza Abas
 

Recently uploaded (20)

PPTX
CDH. pptx
AneetaSharma15
 
PPTX
TEF & EA Bsc Nursing 5th sem.....BBBpptx
AneetaSharma15
 
PPTX
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
PDF
The-Invisible-Living-World-Beyond-Our-Naked-Eye chapter 2.pdf/8th science cur...
Sandeep Swamy
 
PPTX
Dakar Framework Education For All- 2000(Act)
santoshmohalik1
 
PDF
Health-The-Ultimate-Treasure (1).pdf/8th class science curiosity /samyans edu...
Sandeep Swamy
 
PDF
Virat Kohli- the Pride of Indian cricket
kushpar147
 
PDF
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
PPTX
20250924 Navigating the Future: How to tell the difference between an emergen...
McGuinness Institute
 
PPTX
An introduction to Prepositions for beginners.pptx
drsiddhantnagine
 
DOCX
SAROCES Action-Plan FOR ARAL PROGRAM IN DEPED
Levenmartlacuna1
 
PPTX
CONCEPT OF CHILD CARE. pptx
AneetaSharma15
 
PPTX
Sonnet 130_ My Mistress’ Eyes Are Nothing Like the Sun By William Shakespear...
DhatriParmar
 
PDF
BÀI TẬP TEST BỔ TRỢ THEO TỪNG CHỦ ĐỀ CỦA TỪNG UNIT KÈM BÀI TẬP NGHE - TIẾNG A...
Nguyen Thanh Tu Collection
 
PPTX
Basics and rules of probability with real-life uses
ravatkaran694
 
PPTX
How to Manage Leads in Odoo 18 CRM - Odoo Slides
Celine George
 
PPTX
Software Engineering BSC DS UNIT 1 .pptx
Dr. Pallawi Bulakh
 
PPTX
CARE OF UNCONSCIOUS PATIENTS .pptx
AneetaSharma15
 
PDF
Module 2: Public Health History [Tutorial Slides]
JonathanHallett4
 
PPTX
Five Point Someone – Chetan Bhagat | Book Summary & Analysis by Bhupesh Kushwaha
Bhupesh Kushwaha
 
CDH. pptx
AneetaSharma15
 
TEF & EA Bsc Nursing 5th sem.....BBBpptx
AneetaSharma15
 
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
The-Invisible-Living-World-Beyond-Our-Naked-Eye chapter 2.pdf/8th science cur...
Sandeep Swamy
 
Dakar Framework Education For All- 2000(Act)
santoshmohalik1
 
Health-The-Ultimate-Treasure (1).pdf/8th class science curiosity /samyans edu...
Sandeep Swamy
 
Virat Kohli- the Pride of Indian cricket
kushpar147
 
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
20250924 Navigating the Future: How to tell the difference between an emergen...
McGuinness Institute
 
An introduction to Prepositions for beginners.pptx
drsiddhantnagine
 
SAROCES Action-Plan FOR ARAL PROGRAM IN DEPED
Levenmartlacuna1
 
CONCEPT OF CHILD CARE. pptx
AneetaSharma15
 
Sonnet 130_ My Mistress’ Eyes Are Nothing Like the Sun By William Shakespear...
DhatriParmar
 
BÀI TẬP TEST BỔ TRỢ THEO TỪNG CHỦ ĐỀ CỦA TỪNG UNIT KÈM BÀI TẬP NGHE - TIẾNG A...
Nguyen Thanh Tu Collection
 
Basics and rules of probability with real-life uses
ravatkaran694
 
How to Manage Leads in Odoo 18 CRM - Odoo Slides
Celine George
 
Software Engineering BSC DS UNIT 1 .pptx
Dr. Pallawi Bulakh
 
CARE OF UNCONSCIOUS PATIENTS .pptx
AneetaSharma15
 
Module 2: Public Health History [Tutorial Slides]
JonathanHallett4
 
Five Point Someone – Chetan Bhagat | Book Summary & Analysis by Bhupesh Kushwaha
Bhupesh Kushwaha
 

Access control attacks by nor liyana binti azman

  • 1. Nor Liyana Binti Azman 14th Mac 2014
  • 2. Access Control Attacks Example  Backdoor  method of bypassing normal authentication, securing illegal remote access to computer, while attempting to remain undetected. sometimes programmer install a back door so that the program can be accessed for troubleshooting or other purposes Backdoor is security risk, because there is another cracker try to find any vulnerability to exploit. Example: Nimda gains through backdoor left by Code Red. http://www.youtube.com/watch?v=7ZwGvFu9WhY
  • 3.  Spoofing Attacks attacker pretends to be someone else in order gain access to restricted resources or steal information. type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. http://www.youtube.com/watch?v=z8ySsaRMcI8 Access Control Attacks Example
  • 5.  Man-In-The-Middle the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. It is an attack on mutual authentication http://www.youtube.com/watch?v=N86xJpna9Js Access Control Attacks Example
  • 7.  Replay A form of network attack which a valid data transmission is maliciously repeated or delayed Example: messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day  Video: http://www.youtube.com/watch?v=kBCr-vYdgNo Access Control Attacks Example
  • 8.  TCP hijacking  a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Session hijacking takes advantage of that practice by intruding in real time, during a session. Video: http://www.youtube.com/watch?v=s_XD8heYNrc Access Control Attacks Example