1.2 Attack Types Flashcards
what is malware?
malicious software
what is a virus
A virus is malware that can reproduce itself, but it needs the user to launch it
what is crypto-malware
malicious software (malware) that is designed to mine cryptocurrencies without the consent of the computer’s owner
what is a rootkit
malicious software program designed to provide unauthorized access and control over a computer or computer network
what is malware
can reproduce itself
needs you to execute a program
reproduce through a file system or the network
Boot sector virus
This is a virus that exists in the boot sector of your storage device, and when you start your computer, the virus itself is launched
Macro virus
usually running inside of another application. commonly associated with Microsoft Office apps.
fileless virus
virus that never installs itself or saves itself as a file on your file system
because it never saves itself to the storage drive, it may be able to evade antivirus software.
operates solely in the memory of the computer
click a link - run as a Flash file, a Java file or a Windows vulnerability in PowerShell
worm
does not need user input and can move from system to system itself
RAT
remote access Trojan, or remote administration tool.
PUP
Potentially unwanted program
Password hash
hashing of a password takes the password and represents the password as a string of text information. We call this a message digest. You’ll sometimes hear this referred to as a fingerprint. It’s a cryptographic algorithm that cannot be reversed
SHA-256
Password hashing algorithm
spraying attack
use some very common passwords and only try a few of them before moving on, in order not to get locked out.
brute force attack
try every combination of letters, numbers, special characters, or anything that could make up a password
brute force offline
with a list of usernames and passwords, an offline brute force is used in order to prevent a lockout
dictionary attack
used to gain unauthorized access by trying a large number of possible passwords or passphrases from a precompiled list of words
rainbow table
database that contains a massive number of optimized hashes
challenge: each type of application or operating system may use a different method to create that hash, so you need different rainbow tables that are specific to that particular application or that particular operating system
salt
random data added to the password before it is hashed
there is randomness that has been added to every single password
machine learning
important during the learning process that all of the data going into the machine learning is legitimate. retrain with new data occasionally and make sure that the machine learning is always up to date. use some of the same techniques that the attackers are using just to make sure that your machine learning process does not become vulnerable.
cryptographic attacks
an attempt to compromise the security of a cryptographic system or algorithm by exploiting its vulnerabilities, weaknesses, or limitations
Known-Plaintext Attack
the attacker has access to both the plaintext and its corresponding ciphertext. This knowledge is used to deduce the encryption key or algorithm.
Chosen-Plaintext Attack
attacker can choose specific plaintexts to be encrypted and observe the corresponding ciphertexts. This attack helps the attacker gather information about the encryption process and potentially recover the key.
Chosen-Ciphertext Attack
the attacker can select ciphertexts and obtain their decrypted versions, which can reveal information about the encryption process and potentially lead to key recovery.
Side-Channel Attack
does not target the encryption algorithm directly but focuses on information leaked by the physical implementation of the system, such as power consumption, electromagnetic emissions, or timing data.
Collision Attack
A collision attack attempts to find two different inputs (e.g., messages) that produce the same hash value in a cryptographic hash function
MD5
Message Digest Algorithm version 5
downgrade attack
if you sit in the middle and influence that conversation, you could have the two sides downgrade to a type of encryption that might be very easy to break