Subject

Web Engineering
---------------------------------------------------------------------

Presentation Topic
“NETWORK ATTACKS”
---------------------------------------------------------------------
Presented by
---------------

---------------
Abdul Basit Khan
(2551 – 2018)
 Presentation Overview

• Network Attacks
• Types of Network Attacks
• Discussing Basic Network Attacks
• Prevention Techniques Against Them
• Conclusion
 Introduction

What is a Network Attack?

A network attack is an attempt to gain unauthorized access to an organization’s network, with the objective of
stealing data or perform other malicious activity.

Types of Network Attacks:

There are two main types of network attacks which are

• Active

• Passive
 Types of Network Attacks
Passive Attack: Attackers gain access to a network and can monitor or steal sensitive information, but without
making any change to the data, leaving it intact.

Active Attack: Attackers not only gain unauthorized access but also modify data, either deleting, encrypting or
otherwise harming it
 Basic Network Attacks

Some basic network attacks are as under:

• Password Based Attack
• Malware Attack
• DDoS Attack
• IP Spoofing
• SQL Injection Attack
• Phishing Attack
 Basic Network Attacks

1- Password Based Attack:

An attack in which repetitive attempts are made to duplicate a valid login or password sequence.

There are three types of Password Based Attack:

• Brute Force Attack
• Dictionary Attack
• Hybrid Attack
Continue…

i- Brute Force Attack

• A brute force attack, also known as an exhaustive search, is a cryptographic hack that relies on guessing possible
combinations of a targeted password until the correct password is discovered. The longer the password, the
more combinations that will need to be tested.

What do hackers gain from Brute Force Attack?

• Profiting from ads or collecting activity data

• Stealing personal data and valuables
• Spreading malware to cause disruptions
• Hijacking your system for malicious activity
• Ruining a website’s reputation
Continue…

ii- Dictionary Attack

• A dictionary attack is a brute-force technique where attackers run through common words and phrases, such as
those from a dictionary, to guess passwords. The fact people often use simple, easy-to-remember passwords
across multiple accounts means dictionary attacks can be successful while requiring fewer resources to execute.
• A dictionary attack is a type of brute-force attack, but it uses a predefined list of passwords that would have a
higher probability of success

iii- Hybrid Attack

• Hybrid brute force attacks: these hackers blend outside means with their logical guesses to attempt a break-in.
A hybrid attack usually mixes dictionary and brute force attacks. These attacks are used to figure out combo
passwords that mix common words with random characters.

• An example of this nature would include passwords such as NewYork1993 or Spike1234

 Basic Network Attacks

2- Malware Attack:

• A malware attack is a common cyber attack where malware (normally malicious software) executes unauthorized

actions on the victim's system

• Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware

How does Malware Attack work?

All an attacker needs to do is inject malware into the computer, which will then install itself into the browser without
the user's knowledge. The malware will then record the data that is being sent between the victim and specifically
targeted websites
 Basic Network Attacks
3- DDoS Attack:

• A denial-of-service (DoS) attack is a tactic for overloading a machine or network to make it unavailable.

• The DDoS attack alone doesn’t allow the malicious hacker to breach the security but will temporarily or
permanently render the site offline.

• A botnet usually creates a vast number of requests, which is distributed among previously infected computers.

• E.g. buffer overflow attack, SYN flooding, HTTP get Request Flooding, Ping of death. 
 Basic Network Attacks

Prevention against DDoS Attacks:

• Use Anti-DDos Services (Tools)

• Configure Firewalls and Routers

• Use Load Balancing – (Load balancers also add resiliency by rerouting live traffic from one server to another if a
server falls prey to DDoS attacks or otherwise becomes unavailable.)

• Handle Spikes in Traffic – (Use Content Delivery Network “CDN” {enhances the response time})
 Basic Network Attacks
4- IP Spoofing:

• n IP spoofing, a hacker uses tools to modify the source address in the packet header to make the receiving
computer system think the packet is from a trusted source, such as another computer on a legitimate network, and
accept it.

• This type of attack is common in Denial-of-Service (DoS) attacks, which can overwhelm computer networks with
traffic.

• A variation on this approach uses thousands of computers to send messages with the same spoofed source IP
address to a huge number of recipients. The receiving machines automatically transmit acknowledgement to the
spoofed IP address and flood the targeted server.
 Basic Network Attacks

Prevention against IP Spoofing:

• While IP spoofing can’t be prevented, measures can be taken to stop spoofed packets from infiltrating a network.

• A very common defense against spoofing is ingress filtering.

• Ingress filtering is a form of packet filtering usually implemented on a network edge device which examines
incoming IP packets and looks at their source headers. If the source headers on those packets don’t match their
origin or they otherwise look fishy, the packets are rejected.
 Basic Network Attacks
5- SQL Injection Attacks:

• SQL injection attacks are used to deface the website.

• When an attacker finds out that input fields are not sanitized properly, he can add SQL strings to maliciously craft
a query which is executed by the web browser.

• He may store malicious/unrelated data in the database; when the website is requested, it will show irrelevant data
on the website, thus displaying a defaced website.

“Use Stored Procedures”

“Sanitize data by limiting
special characters”
“Validate user inputs”
 Basic Network Attacks

6- Phishing Attacks:

• Phishing Attack is the practice of sending emails that appear to be from trusted sources with the goal of gaining
personal information or influencing  users to do something.

• It could involve an attachment to an email that loads malware onto your computer.

• It could also be a link to an illegitimate website that can trick you into downloading malware or handing over
your personal information.
 Conclusion

Finishing off with a quote:

“Let’s face it: the future is now. We are already living in a cyber society, so we need to stop ignoring it or pretending
that is not affecting us.”

-Marco Ciapelli
 THANK YOU
---------------------------------------------------------------------

ANY QUERIES???
Feel free to Ask..!!