In any computing or communication system, there are entities - people, applications, programs, etc. - which are authorized to use the system. Authorization is specific to both the entity and the actions of that entity such as accessing data. I can withdraw money from my bank account at an ATM, but I am not authorized to withdraw from someone else's account.
Attacks on a system can be categorized as insider or outsider attacks. Insider attacks involve legitimate users of the system behaving in an unintended or unauthorized manner. When I attempt to withdraw funds from someone else's account at the ATM, I am conducting an insider attack on the system. Most serious security threats seem to be from insiders, which is reminiscent of the old Pogo comic strip conclusion "we have met the enemy and it is us!"
Outsider attacks are conducted by non-legitimate users of the system. If I try to access funds at another bank (at which I have no account) at the ATM, I am likely conducting an outsider attack.
The most common types of attacks are summarized as follows:
1. Masquerade: This is when an entity pretends to be a different entity. For instance, authentication sequences can be captured and replayed after a valid authentication sequence has taken place. In this way, the capturing entity assumes the identity of the entity whose authentication was compromised. A masquerade is thus usually used with some other form of active attack.
2. Replay: This occurs when a message, or part of a message, is repeated to produce an unauthorized effect. For example, a valid message containing authentication sequences can be replayed by another entity in order to authenticate itself (as something that it is not).
3. Modification of messages: This occurs when the content of a data transmission is altered without detection and results in an unauthorized effect, as when, for example, a message "Allow Karen Jones to read confidential file 'accounts'" is changed to "Allow Tim Smith to read confidential file 'accounts'".
4. Denial of service: This occurs when an entity fails to perform its proper function or acts in a way that prevents other entities from performing their proper functions. Examples are general or targeted suppression of messages and/or traffic, or generation of extra traffic or messages intended to disrupt the operation of the network.
5. Trapdoor: When an entity of a system is altered to allow an attacker to produce an unauthorized effect on command or at a predetermined event or sequence of events, the result is called a trapdoor. An example is modification of the password validation process so that, in addition to its normal effect, it also validates an attacker's password.
6. Trojan Horse: When introduced to a system, a Trojan horse has an unauthorized function in addition to its authorized function. A relay that also copies messages to an unauthorized channel is a Trojan horse.
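The replay (item 2) and modification (item 3) attacks above are both defeated by the same receiver-side check, shown here as an added example that is not part of the original text: the sender attaches a fresh nonce and a MAC over nonce and body, and the receiver rejects any message whose MAC fails (altered content) or whose nonce it has already seen (repeated content). The shared key, the message format and the `Receiver` class are assumptions for the demonstration.

```python
import hmac
import hashlib
import secrets

# Constructed demo key; assumed to be pre-shared between sender and receiver.
SHARED_KEY = b"demo-shared-key-not-for-production"


def build_message(key: bytes, body: str) -> dict:
    """Sender: attach a fresh random nonce and a MAC over nonce + body."""
    nonce = secrets.token_hex(16)  # hex only, so '|' cannot appear in it
    tag = hmac.new(key, f"{nonce}|{body}".encode(), hashlib.sha256).hexdigest()
    return {"nonce": nonce, "body": body, "tag": tag}


class Receiver:
    """Receiver: accepts a message only if the MAC verifies and the nonce is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen_nonces: set = set()

    def accept(self, msg: dict) -> str:
        expected = hmac.new(
            self.key, f"{msg['nonce']}|{msg['body']}".encode(), hashlib.sha256
        ).hexdigest()
        # Constant-time compare: any change to nonce or body breaks the MAC.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modification detected"
        # A valid MAC is not enough: a captured message replays with a valid MAC,
        # so the nonce must also be one the receiver has never accepted before.
        if msg["nonce"] in self.seen_nonces:
            return "rejected: replay detected"
        self.seen_nonces.add(msg["nonce"])
        return "accepted"


def demo() -> list:
    """Run the two attacks from the text against the receiver; return verdicts."""
    rx = Receiver(SHARED_KEY)
    original = build_message(SHARED_KEY, "Allow Karen Jones to read confidential file 'accounts'")
    results = [rx.accept(original)]                      # genuine first delivery
    tampered = dict(original, body="Allow Tim Smith to read confidential file 'accounts'")
    results.append(rx.accept(tampered))                  # item 3: modification
    results.append(rx.accept(original))                  # item 2: replay
    return results
```

A real receiver bounds the nonce store, for instance with a timestamp window or a sliding sequence-number window, since an unbounded set of seen nonces is itself a denial-of-service exposure (item 4).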