Cyber Attacks and Its Different Types: International Research Journal of Engineering and Technology (IRJET)


International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 06 Issue: 03 | Mar 2019 www.irjet.net p-ISSN: 2395-0072

CYBER ATTACKS AND ITS DIFFERENT TYPES


Jibi Mariam Biju (1), Neethu Gopal (2), Anju J Prakash (3)
(1), (2) M.Tech, CSE Department, Sree Buddha College of Engineering, Kerala, India
(3) Assistant Professor, CSE Department, Sree Buddha College of Engineering, Kerala, India
---------------------------------------------------------------------***----------------------------------------------------------------------
Abstract - Technology has made human life more straightforward, as it brings everything to our fingertips. The invention of computers and mobile phones brought us higher attainment with time, and they play a vital role in accomplishing our day-to-day tasks with ease in both our professional and personal lives. They are not only a simple means of gaining information and communicating but also a means of data storage and data warehousing, i.e. we can store much important information on them. This includes credit card details, passwords, user credential information etc. Most of this data is stored in plain text and can be easily obtained. Cyber criminals aim at getting this information, gaining access to information between a client and a server by spreading malware and thereby gaining unauthorized access, which is known as a cyber-attack. There are different types of cyber-attacks, and there is a need to be aware of such attacks in order to protect ourselves from attackers. This paper provides an overview of different cyber-attacks and how they can be prevented.

Key Words: Cyber Attacks, Cyber Security, Malwares

1. INTRODUCTION

A cyberattack is a kind of attack that targets a computer or computer network in an attempt to steal, alter or destroy any critical data present in it. The attacker can be any individual or process that gains unauthorized access or use. A cyber-attack can be operated either by an individual or by groups. The aim of a cyber-attack is to get at the information system of an individual or a management. A cyberattack makes use of malicious code and hence changes computer data, code or logic. This leads to disruptive effects that compromise data and lead to cybercrimes such as theft of information and identity.

2. WORKING OF CYBER ATTACK

If a cyber-attack is executed by an experienced and skilled rival, it may involve many repeated stages. Hence, by understanding the different kinds of attacks and the stages involved in them, one can protect oneself from an attack. Attacks can be grouped into two types: targeted and untargeted.

Targeted attack: In this kind of attack, the attacker has a special interest in a particular organization or has been paid to target that organization. The preparation of such an attack may take a long time, so as to find the best way to carry out the exploit against the system. Targeted attacks cause more threat than untargeted ones, as they are specifically made. Examples include spear phishing, deploying a botnet, subverting the supply chain etc.

Untargeted attack: In this kind of attack, the attacker targets as many devices or users as possible. Here the attacker may take advantage of the openness of the internet. Examples include phishing, ransomware and scanning.

The different stages involved in most cyber-attacks are survey, delivery, breach and affect.

• Survey - Information about the target is analyzed in order to determine the possible threats.

• Delivery - Getting to the point in a machine at which a vulnerability can be exploited.

• Breach - Exploiting the vulnerabilities to gain unauthorized access.

• Affect - Carrying out activities within a device that achieve the attacker's goal.

3. TYPES OF CYBER ATTACK

3.1 Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks

A denial-of-service attack overruns the system's resources so that it cannot answer service requests. A DDoS attack is launched from host machines that are infected with malicious software and controlled by an attacker. In this kind of cyber-attack, the machine or network resources are made unavailable to the intended users by disturbing the service of a host connected to the internet. TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack and botnets are the different types of DoS and DDoS attacks.

It is very difficult to prevent a DoS attack, as it is very challenging to differentiate a legitimate traffic request from a malicious one when they use the same port and protocol. In order to protect the system from denial-of-service attacks, make sure that the system contains an IDS and a DDoS protection product. It is necessary to ensure that the organization's internet connection has a surplus of bandwidth. As there is then large bandwidth for service traffic requests, this helps to protect against low-scale DDoS attacks.
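
The point made in Section 3.1, that flood traffic and legitimate traffic share port and protocol, is why an IDS looks at handshake completion instead. The following is an added example, not code from the paper: a per-source half-open connection counter run over constructed TCP events (addresses, ports, window and limit are all assumptions).

```python
from collections import defaultdict

def detect_syn_flood(events, window=5.0, limit=20):
    """Return {source: peak half-open count} for sources that exceed `limit`.

    events: (time_s, src_ip, src_port, flag) tuples sorted by time, where flag
    is "SYN" (handshake opened) or "ACK" (handshake completed by the client).
    Pending entries older than `window` seconds are dropped, the way a
    server's SYN backlog timer would drop them.
    """
    pending = defaultdict(dict)            # src_ip -> {src_port: time of SYN}
    peak = defaultdict(int)
    for t, src, port, flag in events:
        conns = pending[src]
        for stale in [p for p, ts in conns.items() if t - ts > window]:
            del conns[stale]
        if flag == "SYN":
            conns[port] = t
        elif flag == "ACK":
            conns.pop(port, None)
        peak[src] = max(peak[src], len(conns))
    # Per-source view only; a production IDS also tracks the total backlog.
    return {src: n for src, n in peak.items() if n > limit}

def sample_events():
    """Constructed traffic: two sources send 100 SYNs each to the same service
    at the same rate; only the first one ever completes its handshakes."""
    events = []
    for i in range(100):
        t = i * 0.04
        events.append((t, "198.51.100.7", 40000 + i, "SYN"))
        events.append((t + 0.05, "198.51.100.7", 40000 + i, "ACK"))
        events.append((t, "203.0.113.9", 50000 + i, "SYN"))
    return sorted(events)

if __name__ == "__main__":
    print(detect_syn_flood(sample_events()))
```

Both sources look identical by volume, port and protocol; only the count of handshakes left half-open separates them.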

© 2019, IRJET | Impact Factor value: 7.211 | ISO 9001:2008 Certified Journal | Page 4849

3.2 Man-in-the-middle (MitM) attack

A MitM attack takes place when a third party comes in between the communication of a client and a server. The third party impersonates both the client and the server and gains access to the information passing between them. This kind of attack allows a threat actor to seize, send and receive data intended for someone else. A MitM attack misuses the real-time processing of transactions, communication or exchange of other information. The different types of man-in-the-middle attack include session hijacking, IP spoofing and replay. An intrusion detection system can be set up in order to avoid man-in-the-middle attacks. It gives an immediate alert if someone tries to hijack the network flow. A virtual private network can also be used to prevent man-in-the-middle attacks. This creates additional secure layers when accessing a company's confidential layer via Wi-Fi.

3.3 Phishing attacks

A phishing attack is the practice of sending fraudulent emails that seem to come from trusted sources. The main goal of this kind of attack is to gain personal and credential information. Phishing is a form of social engineering and technical trickery. It takes the form of emails containing embedded hyperlinks that load malware onto our system. Sometimes the link also leads to an illegitimate website that makes us download malware or give up our personal information. To get sensitive data, phishing attacks make use of media tools, messages, calls etc. Whaling, spear phishing, pharming and deceptive phishing are the different phishing techniques.

In order to reduce the risk of phishing attacks, critical thinking, hovering over links, analyzing email headers and sandboxing can be used. Moreover, by raising awareness among an organization's employees as well as among individuals, we can prevent phishing attacks to some extent.

3.4 Drive-by-download attack

Drive-by-download attack is a common kind of cyber-attack carried out by cyber criminals to spread malware and gain unauthorized access. This attack occurs when a computer becomes infected by malicious software simply by visiting a website. The user does not need to click anywhere to get infected, which is why it is called a "drive-by" download attack. Here the criminals often use a legitimate website and inject a malicious object into its web pages. The users cannot observe the infections, which range from malicious JavaScript code to iFrames, links, redirects, cross-site scripting and other malicious elements. When a user visits the infected web page, the malicious code is automatically loaded into the user's browser. It then immediately scans the computer for security vulnerabilities in the operating system and other applications.

Updating software quickly and regularly, removing unwanted software applications and browser plug-ins, and using a firewall and web filtering software can prevent drive-by download attacks. Moreover, any kind of malicious software can enter a system without explicit permission when we use a privileged account to browse the internet. Such entry to the system can be prevented by keeping two separate accounts: one for daily activities and the other an administrator account for installing software.

3.5 Password Attack

The most common method of authenticating a user is a password, and obtaining such passwords is an effective attack approach. A password attack is a technique in which a user's password is obtained or decrypted by illegitimate means. A user's password can be obtained by looking around the user's desk, by guessing, by accessing a password database, by sniffing the network connection to get the plaintext password etc. Password sniffers, dictionary attacks and cracking programs are the different methods used by cyber criminals in password attacks. Changing passwords frequently, using unrecognizable words and enforcing a minimum length are the means by which password attacks can be defended against. Brute force and dictionary attack are the two main techniques by which a password can be obtained. Brute force is a random method in which different passwords are tried in the expectation that one will work, whereas the latter method gains access to a user's computer and network.

3.6 SQL Injection Attack

SQL (Structured Query Language) is a computer language that is used to store, manipulate and retrieve data stored in a database. SQL uses commands such as select, update and delete to perform the required task. SQL can also execute queries against the database, insert records into the database and create new tables in the database. An SQL injection (SQLI) attack makes use of malicious code in order to access information by manipulating the database at the backend. This information may include sensitive organization details, customer/user private data etc. This may result in illegal viewing of user data, deletion of table data and unauthorized attack of the database.

An attacker who wants to execute SQL injection will manipulate a standard SQL query to exploit non-validated input vulnerabilities in a database. Attackers can also use mis-filtered characters to alter SQL commands. There are several effective ways to prevent and protect against SQLI attacks if they occur. Input validation, the practice of writing code that can identify unlawful user inputs, can be performed. But this method is not very suitable, as mapping all legal and illegal inputs is not feasible. Because of this, a web application firewall (WAF) is usually used to filter out SQLI. Signature recognition, IP reputation and other
security methods can also be used to identify and block SQL injections with a minimum of false positives.

3.7 Cross-site scripting (XSS) attack

Cross-site scripting is a common type of injection attack that inserts malicious code into a trusted website or a sensitive web application. In other words, XSS occurs when the attacker injects malicious code or JavaScript into a website's database. The intruder injects malicious JavaScript code into the end user's webpage and makes him/her download the webpage. The victim's browser executes the malicious script within the response, sending the victim's cookies to the attacker's server. There are three main types of XSS attack: persistent XSS, reflected XSS and DOM-based XSS. In persistent XSS the malicious code originates from the website's database, whereas in reflected XSS the malicious code originates from the victim's request. DOM-based XSS is an alternative to the above-mentioned methods. Here the vulnerability is present on the client side, not on the server side. Cross-site scripting can be prevented either by encoding or by validation. Encoding escapes the user input so that the browser interprets it only as data, not as code, and validation filters the user input so that the browser interprets it as code without malicious commands.

3.8 Eavesdropping attack

Also known as a sniffing or snooping attack, an eavesdropping attack deals with hacking data that is sent through digital devices. The attacker uses an insecure network for communication and examines the data sent and received. As they do not show any abnormal operation during transmission over the network, attacks of this kind are very hard to detect. Using this method an attacker can obtain various information such as credit card numbers, passwords and other sensitive information sent across the network. The attacker may introduce a sniffer on a computer or server to perform the eavesdropping attack and seize data during transmission. This attack can be of two types: passive eavesdropping and active eavesdropping. In passive eavesdropping the attacker uncovers the data by listening to the message transmission in the network. In active eavesdropping the attacker gets the data by pretending to be a friendly unit and sending queries to transmitters. Using anti-virus software, a firewall, a virtual private network and encryption, and avoiding public networks for transmitting sensitive data, helps to prevent eavesdropping attacks.

3.9 Birthday Attack

Birthday attack is a kind of cryptographic attack belonging to the brute force attack class. It works on the principle of the birthday problem in probability theory. This attack can be used to misuse the exchange of information between more than two parties. Birthday attacks are carried out against hash algorithms that are used to check the integrity of a message, software or digital signature. A message processed by a hash function produces a message digest of fixed length. This message digest uniquely characterizes the input message and is independent of the length of the input message. A birthday attack is the process of finding two arbitrary messages that generate the same message digest when processed by a hash function. If the message digest calculated by the sender is the same as the message digest calculated by an attacker, the attacker can replace the sender's message with the attacker's message. The receiver then cannot recognize the message as fraudulent, as it shows the same message digest.

3.10 Malware Attack

A malware attack is a class of cyberattack in which malicious software is installed on the user's computer without the user's consent. This is what we now call a virus, spyware, ransomware etc. Malicious code is attached to legitimate code, and is propagated and executed by itself. Malware is able to access private networks, interrupt certain computing operations, and steal sensitive information or any other user data, thereby making money illicitly from the target. Nowadays, malware aims more at business or financial information than at personal credential information. The most common types of malware include:

• Virus: Malicious software that attaches itself to a computer program, and replicates and modifies code when executed. It can spread either by downloading a file or by running a program.
• Worms: Spread across computers or networks via email attachments. This may result in denial-of-service attacks.
• Trojans: One of the most dangerous kinds of malware, with a malicious function. It hides in a useful program and does not replicate like a virus.
• Ransomware: A type of malicious software that locks the user out of their data and threatens the user unless a ransom is paid. It is very difficult to prevent this attack even though the code is simple.
• Spyware: A kind of malware that monitors user activity without the user's approval and reports it to the attacker.

4. CONCLUSION

Cyberattacks are one of the most ambiguous factors, quickly and constantly evolving, that threaten computers and computer networks. Cyber criminals have introduced different hacking techniques and made individuals as well as business sectors more vulnerable to security problems. This paper outlined the most common cyberattacks that are used by attackers in order to compromise our critical information. These attacks cause a negative impact on the integrity, confidentiality and
security of the system as well as the network. The major thing that we can do to protect ourselves from attack is to understand the possible threats and take the required steps to safeguard the system and network.

BIOGRAPHIES

Jibi Mariam Biju is currently pursuing an M.Tech in Computer Science and Engineering at Sree Buddha College of Engineering, Elavumthitta. Her research areas include the fields of data mining, cryptography and security.

Anju J Prakash is working as an Assistant Professor in Computer Science and Engineering at Sree Buddha College of Engineering, meanwhile pursuing her PhD in the field of image processing or data mining at Noorul Islam Centre for Higher Education.

Neethu Gopal is currently pursuing a Master's Degree in Computer Science and Engineering at Sree Buddha College of Engineering, Elavumthitta, Kerala, India. Her research areas of interest include the fields of Security and Blockchain Technology.
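
Section 3.6 says that mapping all legal and illegal inputs is not feasible. The following added example (not code from the paper) shows why, and shows the parameter-binding defence next to the vulnerable string-built query; the table, rows and inputs are constructed for the demonstration, and parameter binding is a defence the paper itself does not name.

```python
import sqlite3

# Constructed sample data; table and column names are assumptions for the demo.
ROWS = [("alice", "card-0001"), ("bob", "card-0002"), ("O'Brien", "card-0003")]
TAUTOLOGY = "nobody' OR '1'='1"   # constructed input whose quote ends the literal

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, card TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return db

def lookup_concat(db, name):
    """Vulnerable form: the input is pasted into the SQL text and parsed as SQL."""
    sql = "SELECT name, card FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def passes_quote_filter(name):
    """Input validation that declares the quote character illegal."""
    return "'" not in name

def lookup_param(db, name):
    """Hardened form: the SQL text is fixed and the input is bound as a value."""
    sql = "SELECT name, card FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def compare(db, name):
    """Run one input through all three paths and report what each one does."""
    try:
        concat = len(lookup_concat(db, name))
    except sqlite3.OperationalError:
        concat = "syntax error"
    return {"concat_rows": concat,
            "filter_accepts": passes_quote_filter(name),
            "param_rows": len(lookup_param(db, name))}

if __name__ == "__main__":
    db = make_db()
    for value in ("alice", TAUTOLOGY, "O'Brien"):
        print(repr(value), compare(db, value))
```

The quote filter blocks the constructed injection input but also rejects the legitimate customer O'Brien, while the bound query returns the right rows for both.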
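
Section 3.9 rests on the birthday problem: the number of messages needed for a likely digest collision grows with the square root of the digest space, which is why digest length matters. This added example (not from the paper) computes that probability and finds a real collision on SHA-256 truncated to 24 bits; the truncation and the message format are assumptions chosen so the search finishes quickly.

```python
import hashlib
import math

def collision_probability(space, k):
    """Probability that k uniformly random values drawn from `space`
    possibilities contain at least one repeat (the birthday problem)."""
    if k > space:
        return 1.0
    log_no_repeat = sum(math.log1p(-i / space) for i in range(k))
    return 1.0 - math.exp(log_no_repeat)

def messages_for_half(bits):
    """Approximate message count giving a 50% collision chance for a digest
    of `bits` bits: sqrt(2 ln 2 * 2^bits), about 1.18 * 2^(bits/2)."""
    return math.ceil(math.sqrt(2 * math.log(2) * 2 ** bits))

def short_digest(message, bits):
    """SHA-256 cut to its first `bits` bits, standing in for a digest that
    is too short (an assumption of this demo)."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)

def find_collision(bits):
    """Hash distinct constructed messages until two share a short digest.
    Returns (first_message, second_message, messages_hashed)."""
    seen = {}
    n = 0
    while True:
        msg = b"constructed message %d" % n
        n += 1
        d = short_digest(msg, bits)
        if d in seen:
            return seen[d], msg, n
        seen[d] = msg

if __name__ == "__main__":
    print("23 people, 365 days: %.4f" % collision_probability(365, 23))
    for bits in (16, 24, 32):
        print("%d-bit digest: about %d messages for a 50%% collision chance"
              % (bits, messages_for_half(bits)))
    a, b, tried = find_collision(24)
    print("24-bit collision after", tried, "messages:", a, b)
    print("full SHA-256 (256 bits): about 2^128 messages for the same odds")
```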
