software attacks

salam.1.malaysia.salam.uitm.

In Introduction Information System I have learn about Software attacks. well, for now software attacks have been occurring in which malware(malicious software) tried to infect as many computers worldwide as possible. Cybercriminals are heavily involved with malware attacks to make money and they use complicated attacks typically via the Internet. There are variety of software attacks.

(1) Virus - Segment of computer code that performs malicious actions by attaching to another computer program.


(2) Worm - Segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another program).


(3) Trojan Horse - Software programs thar hide in other programs and reveal their designed behavior only when they are activated.




(4) Back Door(Trap Door) - Typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures.

(5) Logic Bomb - Segment of computer code that is embedded with an organization's existing computer programs and is designed to activate and perform a destructive action at a certain time or date.


(6) Password Attack Dictionary Attack - Attacks that try combinations of letters and numbers that are most likely to succeed, such as all words from a dictionary.


(7) Brute Force Attack - Attacks that massive computing resources to try every possible combination of password options to uncover a password.


The following picture is DES(Data Encryption Standard) cracker circuit board fitted with several deep crack chips which could brute force a DES key in a matter of days:




(8) Denial-of-Service Attack - Attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes.

(9) Distributed Denial-of-Service Attack - An attacker first takes over many computers, typically by using malicious software. These computers are called zombies or bots. The attacker uses these bots (which form a botnet) to deliver a coordinated stream of information requests to a target computer, causing it to crash.


(10) Phishing Attack - Phishing attacks use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages.



(11) Zero-day Attack - A zero day attack takes advantage of a newly discovered, previously unknown vulnerability in a software product. Perpetrators attack the vulnerability before the software vendor can prepare a patch for the vulnerability.

resource: En. Harun note slide, Introduction Information Systems International Student Version.

No comments: