What Is A Passive Attack?
A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in nature of eavesdropping on or monitoring of transmission. In other words, the attacks focus on monitoring all the transmission and gaining the data. The attacker does not try to change any data or information he gathered.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the massage traffic is not sent and received in an apparently normal fashion and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is practical to prevent the success of these attacks, usually by means of encryption thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Types of passive attacks include:
- The release of message content
- Traffic analysis
What You Need to Know About Passive Attacks
- Passive attacks attempts to learn or make use of information from the system but does not affect system resources.
- Passive attacks are very difficult to detect because they do not involve any alteration of the data, though there are measures available to prevent successful passive attacks.
- In passive attack, the system is not damaged.
- Passive attacks are performed by collecting the information such as passwords, messages by itself.
- Passive attacks can be prevented.
- Passive attacks pose a danger to the confidentiality of the data.
- Victims are not informed about the attack.
- Passive attacks involve release of message contents and traffic analysis.
- When dealing with passive attacks, emphasis and attention is majorly on prevention.
- In passive attack, the attacker just needs to observe the transmission.
What Is An Active Attack?
An active attack is one in which an unauthorized change of the system is attempted. This could include for example the modification of transmitted or stored data or the creation of new data streams. Due to these attacks, system gets damaged.
It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software and network vulnerabilities. Instead, when dealing with active attacks, the emphasis should be is to detect the attacks and recover from any disruption or delays caused by them. If the detection has a deterrent effect, it may also contribute to prevention.
Types of active attacks include:
- Denial of service (DoS)
- Distributed Denial of Service (DDoS)
- Session replay
- Masquerade
- Message Modification
- Repudiation
- Trojans etc
What You Need To Know About Active Attacks
- Active attacks involve some modification of the data stream or the creation of a false stream.
- Active attacks attempts to alter system resources or affect their operation and therefore easy to detect.
- In active attacks, the system is damaged.
- In active attack, information collected through passive attacks is used during execution of the attack.
- It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software and network vulnerabilities.
- Active attacks pose a threat to the availability and integrity of the original information.
- Victims are informed about the attack.
- Active attacks involve: Disclosure, Traffic Analysis, Masquerade, Content modification, Sequence modification, Timing Modification, Source Repudiation, and Destination Repudiation.
- When dealing active attacks, emphasis and attention is generally on detection.
- The active attack is accomplished by gaining the physical control over the communication link to capture and insert transmission.
Difference Between Passive And Active Attacks In Tabular Form
| BASIS OF COMPARISON | PASSIVE ATTACKS | ACTIVE ATTACKS |
| Description | Passive attacks attempts to learn or make use of information from the system but does not affect system resources. | Active attacks involve some modification of the data stream or the creation of a false stream. |
| Detection | Passive attacks are very difficult to detect because they do not involve any alteration of the data. | Active attacks attempts to alter system resources or affect their operation and therefore easy to detect. |
| System Damage | In passive attack, the system is not damaged. | In active attacks, the system is damaged. |
| Execution | Passive attacks are performed by collecting the information such as passwords, messages by itself. | Information collected through passive attacks is used during execution of the attack. |
| Prevention | Passive attacks can be prevented. | It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software and network vulnerabilities. |
| Threat | Passive attacks pose a danger to the confidentiality of the data. | Active attacks pose a threat to the availability and integrity of the original information. |
| Victims | Victims are not informed about the attack. | Victims are informed about the attack. |
| Involves | Passive attacks involve release of message contents and traffic analysis. | Disclosure, Traffic Analysis, Masquerade, Content modification, Sequence modification, Timing Modification, Source Repudiation, and Destination Repudiation. |
| Emphasis | When dealing with passive attacks, emphasis and attention is majorly on prevention. | When dealing active attacks, emphasis and attention is generally on detection. |
| Attacker’s Task | In passive attack, the attacker just needs to observe the transmission. | The active attack is accomplished by gaining the physical control over the communication link to capture and insert transmission. |