Section 19.182 Replay Attacks Flashcards
Objective 2.4 Given a scenario, you must be able to analyse indicators of malicious activity
Replay Attacks
Type of network-based attack where valid data transmissions are maliciously or fraudulently re-broadcast, repeated, or delayed
■ Involves intercepting data, analysing it, and deciding whether to retransmit it later
Example: Let’s say an attacker is able to capture the session that occurs when you log into your bank with your username and password. They could then replay that session to the bank at a later time and attempt to log in as you, gaining unauthorized access to the system. This is the basic premise of a replay attack.
Credential Replay Attack
Specific type of replay attack that involves capturing a user’s login credentials during a session and reusing them for unauthorised access
Different from a Session Hijack
Session Hijack
● In a Session Hijack, the attacker alters real-time data transmission
● In a Replay Attack, the attacker intercepts the data and can then decide later whether to retransmit it
Applications of Replay Attacks
Not limited to banking; can occur in various network transmissions
● Email
● Online shopping
● Social media
■ Common in wireless authentication attacks, especially with older encryption protocols like WEP (Wired Equivalent Privacy)
Preventing Replay Attacks
■ Use session tokens to uniquely identify authentication sessions
■ Session tokens are generated for each session, making it challenging for attackers to replay sessions
■ Implement multi-factor authentication to require additional authentication factors, making replay more difficult
■ By using multi-factor authentication, attackers lack the necessary additional information to replay login sessions
■ Implement security protocols like WPA3 (Wi-Fi Protected Access 3) to mitigate replay attack threats