开发者

Data Integrity attack

I need to construct three examples of different kinds of attacks against the CIA model. Now C and A I had no problems finding lots material for, but I'm having no luck at all finding exaples of Integrity attacks.

I understand that attacks on Integrity ei开发者_如何学Cther aim to make data un-usable or wrong. Making it unusable could propably be made with catching IP packets and scrambling their data. Is this at all correct?

Any tips for searching for this is also helpful as I'm not quite sure of the terms as my studies are not in english. I've tried all variations of "Data Integrity", "Data Integrity Attack" etc., but no luck.


While that kind of integrity is important, it's not what CIA is referring to.

Integrity in this case means "what I sent is what you received." Whether or not what I sent you was valid to begin with is not of concern in terms of the transmission of the data.

For something to have integrity you would have to be able to say with certainty that it has or has not been modified.

So to attack that, you would have to find a way to modify the data/packet in transit (man in the middle?) in such a manner that the recipient wouldn't know it. Can you think of a way to do this, or at least what information/access you would need to devise a technique for this?


Like you stated, an attack on integrity would involve making data incorrect, either subtly or obviously. Think about a student breaking into their school's computer to modify their grades; that is an attack on integrity, since no information is revealed that shouldn't be and the computer remains usable despite the attack.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜