Difference between revisions of "Attack"

Revision as of 12:22, 19 January 2024

Full Title or Meme

A program that attempts to exploit a Vulnerability

Models

Threat models are assessed according models like the ISO 29115 standard (ISO/IEC JTC 1/SC 27 2013), which describes standardized attack vectors for an IT system: ● Online/offline guessing (repeatedly trying out the credentials or keys) ● Credential duplication (copy of credentials and their keys) ● Phishing (interception of credentials via fake websites/emails and social manipulation) ● Eavesdropping ● Replay attack (reuse of recorded messages) ● Session hijacking ● Man-in-the-middle attack (MitM; active attacker positions himself between the communication partners and pretends to be the respective counterpart) ● Credential theft ● Spoofing and masquerading

References

Difference between revisions of "Attack"

Revision as of 12:22, 19 January 2024

Full Title or Meme

Models

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools

Sidebar Links

@@ Line 1: / Line 1: @@
 ==Full Title or Meme==
 A program that attempts to exploit a [[Vulnerability]]
+==Models==
+Threat models are assessed according models like the ISO 29115 standard (ISO/IEC JTC 1/SC 27 2013), which describes standardized attack vectors for an IT system:
+● Online/offline guessing (repeatedly trying out the credentials or keys)
+● Credential duplication (copy of credentials and their keys)
+● Phishing (interception of credentials via fake websites/emails and social manipulation)
+● Eavesdropping
+● Replay attack (reuse of recorded messages)
+● Session hijacking
+● Man-in-the-middle attack (MitM; active attacker positions himself between the communication partners and pretends
+to be the respective counterpart)
+● Credential theft
+● Spoofing and masquerading
 ==References==
 [[Category: Glossary]]