A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. It is a potential violation of security, means that it is a possible danger that might exploit the vulnerability.
The attack is an assault on system security that derives from an intelligent threat, an i.e. attack is an intelligent act that is an intentional attempt to evade security services and violate the security policy of a system.
Threats can be categorized into four classes:
- Disclosure- Unauthorized access to information Snooping
- Deception- Acceptance of false data Modification, Spoofing, denial of receipt, Repudiation of origin
- Disruption- Interruption of correct operation Modification
- Usurpation- Unauthorized control of some part of system
- Modification, Spoofing, denial of service, delay
Snooping- It is an unauthorized interception of information. It is passive, means that some entity is listening to communications or browsing the system information. Passive wiretapping is an example of snooping where attackers monitors the network communications.
Spoofing / Masquerading- It is an impersonation of one entity by another. E.g.: if a user tries to log into a computer across the internet but instead reaches another computer that claims to be the desired one, the user has been spoofed. Delegation is basically authorized spoofing. The difference is that the ones to which authority is delegated does not impersonate the delegator; he/she simply asserts authority to act as an agent for the delegator. So masquerading is a violation of security, whereas delegation is not.
Repudiation of origin- A false denial that an entity sent something, is a form of deception.
Denial of receipt- A false denial that an entity received some message or information, is a form of deception.