In this video, you will learn to identify and classify the various forms of active and passive attacks. Let's now take a look at a couple of model descriptions for these attacks. So this is how life should work, or normal flow of information. So the information source in this context is Alice, the information destination the receiver is Bob. This is the communication channel described earlier and what we don't see in here are the encryption capabilities, will get to those a little bit later, but this is the normal flow of information from Alice to Bob. So this is an attack that is an interruption of services. So Alice here, tempting to send a message to Bob. Here, has the message disrupted by Trudy, the interceptor in route. So is it a passive or an active attack? Well, it's an active attack because Bob here, will know that the message has not been received at some point. Alice will know that the message that was never delivered. So by the fact that the two recipients Alice and Bob will have knowledge that the message was not delivered. It becomes not a passive attack therefore must be active attack. The traffic analysis files of this is that Bob may say, "Hey I used to get 10 e-mails a day from Alice, so now I'm not getting any. Something's wrong." So we don't know what the content is, but we know that the parameters surrounding the message delivery in itself carries a message. This is an active system. So out of the four models that we talked about masquerade, replay, modification, or denial service. Which of this, obviously the denial of service because truly is simply stopped all messages from going through it. Trudy, getting into play right here on Slide 32. So once again, we have Alice is sending a message to Bob and Trudy, is the interceptor or who is C right here. Now, the only thing that's occurring is the Trudy, is a making a copy of the message traffic moving from Alice to Bob. So the question here, is this a passive or active attack? Well, I would argue that it's a passive attack, because Alice sends a message to Bob. Bob receives a message from Alice, it can be authenticated, it makes sense, it can have some mechanisms in place to explain to test for modification, and all of those paths. So it's a legitimate message. The only thing is that Trudy, the interceptor has a copy of the message. So given that, what is the effect of this? So none of these are in play because its not an active, but the potential for this is going to be disclosure from Trudy. A WikiLeaks dump sending the copy of the email to the boss. Whenever bad people do with copies of information between good people would come into play right there. Other attack, is the modification phase. So once again we have Alice, we have Bob who are sending a message. Now, notice this time that the message path does not go directly from Alice to Bob, but vectors down and goes through Trudy. So the opponent, that's Trudy intercepts the message and forwards a modification of that message to Bob and appearing to come from the original source. So what kind of attack is this is? Is a passive or an active attack? Well, obviously, it's an active attack. Because Trudy is intercepting the message and choosing to modify that and send it along with it appearing that it had come from Alice. So this is a masquerade. Well, yes. So that she is modifying, Trudy modifying the message to appear to come from Alice. So Trudy is appearing to be Alice the sender. Is it a replay? Well, it could be. We never really talk about when it sent, is the message modified? It is absolutely modified. Denial of service? No, it's not. Now, let's take a look at a fabrication model. So here, if you'll notice Alice, never sends Bob a message. She's sitting there minding her own time, she may be a sleep. Trudy sends Bob a message. "Let's go to lunch". This is Alice. So she is appearing to represent Alice in the context of this. This could also be anything else, it could be a service, it could be bank your calling you up to change say, "Hey, go change your password." Then we're going to put in place some mechanisms to intercept that password. So it appears to come from a legitimate source. So our questions again, passive versus active? Well, it's obviously active. It is a masquerade because Trudy is appearing to be Alice in communicating to Bob. So this is a serious type of an attack because Kathy actually isn't doing it. I mean excuse me, Alice isn't actually doing it. They didn't. So from her perspective there's nothing wrong. So now we have only one element and because it appears to come from Alice that awareness of the security attack maybe delay. Another denial of service. So in this one, once again, Alice is attempting to send Bob a communication but Trudy intercepts this, prevents the transmission to Bob. So what happens here? So Alice sends Bob a message. Trudy intercepts that, Alice thinks it's been delivered. Because, in this case, there's obviously no message delivery verification. So a questions about this being passive or active? It's obviously active, because Trudy's taking an event, taking an action changes the state of the system. So what type of an active system? I would view this actually as a denial of service, because of changing the state of the system and preventing a service from occurring. The service is message delivery, does not occur, meets the definition formal for denial of service, and Trudy, because she's got a copy of the message, can then release this content to an unauthorized third parties. This was a dangerous style of attack.
