The IT Law Wiki

Active attack

32,077pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

Electronic messages Edit

An active attack is an attempt "to alter system resources or affect their operation."[1] It includes the falsification of data and transactions through such means as: (1) alteration, deletion, or addition; (2) changing the apparent origin of the message; (3) changing the actual destination of the message; (4) altering the sequence of blocks of data or items in the message: 5) replaying previously transmitted or stored data to create a new false message; or (6) falsifying an acknowledgement for a genuine message.[2]

System security Edit

An active attack is

[a]n attack on the authentication protocol where the attacker transmits data to the claimant or verifier. Examples of active attacks include a man-in-the-middle, impersonation, and session hijacking."[3]
[a]n actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations.[4]

References Edit

  1. IETF Network Working Group, Internet Security Glossary, Version 2 (RFC 4949) (Aug. 2007).
  2. Id.
  3. NIST, Electronic Authentication Guideline 4 (NIST Special Publication 800-63) (Apr. 2006) (full-text).
  4. NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).

Also on Fandom

Random Wiki