In this video, you will learn to describe how an action taken by a human with intent to violate security, constitutes an attack. Under the attacks on architecture. So let's begin with some definition of terms, right? Is that we will define an attack as an action by a human with an intent to violate security. So it doesn't matter by the way, whether the attack succeeds rather whether the vulnerability is successfully transformed into an exploit. So the attack is the exploit, whether it succeeds or not is somewhat epidemic, the attack has occurred. Now there is intermediaries obviously between the human and the enterprise system. So there's protocols, proxies, but somewhere somebody started the chain of events that results in an attack. HoloLens, takes a look at the X.800 and describes various types of attacks. We've talked earlier about passive attacks. So we have one type of an attack which is the disclosure side, which is the release of a message content. So this is revealed to unauthorized parties. This is the envelope being opened, the letter being taken out, read and told to another individual. So if the intercept or Trudy, intercept is a message between Bob and Alice, and never reveals the contents of the message that is not a disclosure attack. So it's the interception plus the reveal side of that, that makes for the disclosure side of that. So this is an attack on the confidentiality of the message. The Pharaoh Stallings also spans out of X.800 two forms of passive attacks. So we have traffic analysis or traffic flow analysis also. So traffic analysis is not the revealing of the content which were described on the previous slide. This is being able to ascertain rather content about the sender's actions based on the frequency and the size of the message. So for example, if we were able to ascertain that a lot of message traffic had been sent between a system administrator and a database administrator that was significantly above the normal level of activity, we could ascertain there is a problem with the data architecture. Perhaps there is a leak, storage problem, right? But something that says, this is above a threshold and because it's above the threshold and who the sender is, who the receiver is, the types of message, the frequency, the size of them, the temporal aspects, right? When they are sent, then we can actually derive content from that. So this also is an attack on the confidentiality of the message so that a third party is gaining insight into the sender's intent by the application of traffic flow analysis. So we talked about the masquerade attack that we talked about the four styles on attacks earlier. This is the impersonation of a known or authorized user or a system interestingly about or a system. So this could be, for example, Trudy pretending to be Alice and communicating with Bob, that's a masquerade. Additionally, it could be Trudy setting up a fake service appearing to be Google, that Alice communicates with for the collection of passwords and usernames. Both of those are a masquerade end of it. So there is a failure here of authentication and identification. So in the Google approach, the system that Trudy had created to impersonate Google, sends to Alice, "Hi, I'm Google," and Alice moves on as if it was Google, when in fact it doesn't. So we fail on the identity phase, we fail on the authentication phase, that Trudy's fake Google system spooked fooled Alice on the actual source on the service, and when Alice sends Bob, it's the authentication of the origin of the service that's employed.