Computers

Difference Between Active Attack and Passive Attack

ADVERTISEMENT
CONTINUE READING BELOW

Main Difference

The main difference between an active attack and a passive attack is that in an active attack, the attacker makes modifications to the information and also intercepts the connection, whereas, in the passive attack, the attacker interrupts the connection to read and analyze the information and does not cause any damage.

Active Attack vs. Passive Attack

In an active attack, the attacker modifies the information and also interrupts the link, whereas, in the passive attack, the attacker interrupts the connection to read and analyze the information and does not cause any damage. The active attack results in the loss and changes to the data information and infrastructure. In contrast, the passive attack does not result in changes to the data information but planned to gather or use that information. The modification of information occurs in an active attack, whereas, in the passive attack, the modification of information does not take place.

ADVERTISEMENT
CONTINUE READING BELOW

In an active attack, the individual gets a notification about the attack, while in a passive attack, the individual is unaware of the attack. The active attack threatens the integrity and availability of data; on the other hand, the passive attack threatens the confidentiality of data. The active attack focuses on detection, whereas the passive attack focused on prevention. An active attack causes harm to the system and its resources, while a passive attack does not cause such harm to the system.

An active attack is easy to detect, while a passive attack is hard to detect. In an active attack, alterations and loss of the data occur. In the passive attack, the target is to gain information, and no data is changed. The active attacker tries to cause a noise disturbance in the data transmission. The passive attacker can’t cause a noise disturbance or error bits in the original message.

ADVERTISEMENT
CONTINUE READING BELOW

Comparison Chart

Active AttackPassive Attack
Definition
A security incident that occurs and results in the loss and changes to the data information and infrastructure.A security incident that does not result in changes to the data information but planned to gather or use that information.
System Harm
An active attack causes harm to the system and its resources.The passive attack does not cause harm to the assets.
Modification of data
In an active attack, the modification of information occurs.In a passive attack, no information is modified.
Risk of
It risks data integrity and data availability.It risks data confidentiality.
Attack Alertness
The individual gets a notification about the attack.The individual is uninformed of the attack.
Noise in data
The attacker tries to cause a noise disturbance in the data transmission.The attacker can’t cause a noise disturbance or error bits in the original message.
Focus on
The active attack focuses on the detection.Its focus is on prevention.
Target
In an active attack, alterations and loss of the data occur.In the passive attack, the target is to gain information, and no data is changed.
Detection
Easy to detect.Hard to detect.

What is an Active Attack?

An active attack refers to hacking as the attacker not only observes the data but also causes harm to the system and its resources by directly accessing the hardware on which the data resides. The active attacker tries to cause a noise disturbance in the data transmission by putting error bits in the transmission. In an active attack, the modification and loss of the data information threaten data availability and data integrity.

An active attack is easy to detect because the individual gets a notification about the attack when an unauthorized user tries to access the data illegally. In an active attack, the modification of information takes place that results in the loss and changes to the data information and infrastructure. An active attack emphasizes detection.

Types

  • Denial of service (DoS): The attacker sends a large number of requests to slow down the server by which the authorized user cannot get a response from the server. The attacker accesses the stream by blocking the legal user.
  • Session replay: A sequence of data units is captured and resent by the attackers.
  • Masquerade: The attacker uses a false identity and behaves like an authorized user by taking the privileged status; it grabs all the data.
  • Message modification: Some portion of the message is altered, reordered, or delayed.

What is Passive Attack?

In the passive attack, the attacker interrupts the connection to read and analyze the information but does not cause any damage as the attacker cannot update or modify the data, which is also known as eavesdropping. The passive attacker can’t cause a noise disturbance or error bits in the original message. The passive attack looks less harmful, but it is hard to detect as the individual is unaware of the attack, and damage can be severe if the right information is obtained, e.g., bank or credit card information, meeting papers, etc.

Passive attacks can be interrupted by using encryption methods. That is why the passive attack focuses on prevention. The passive attack can be used to gather information to launch a more adverse active attack. The passive attack does not result in the loss of the system assets. It threatens data confidentiality.

Types

  • Traffic analysis: If we encrypt the message, the information is protected even if the attacker captured the message. He monitors communication traffic to collect information about identities, locations, length of the exchanged message, and to identify the pattern of the encryption used.
  • Release of message contents: The attacker monitors the unprotected medium like a telephonic conversation or an email that contains sensitive data.

Key Differences

  1. An active attack is a security incident that results in loss and changes to the data information and infrastructure. In contrast, the passive attack does not result in changes to the data information but planned to gather or use that information.
  2. The active attack causes harm to the system and its resources; on the other hand, in the passive attack, the resources are not damaged.
  3. In an active attack, the modification of the information occurs conversely in the passive attack; the modification of the information does not take place.
  4. The active attack threatens the integrity and availability of data on the flip side; the passive attack threatens the confidentiality of data.
  5. The active attack focuses on detection, while the passive attack focuses on prevention.
  6. An active attack is easy to detect, while a passive attack is hard to detect.
  7. In an active attack, the individual gets a notification about the attack, whereas, in a passive attack, the individual is unaware of the attack.
  8. In an active attack, alterations and loss of the data occur; on the other hand, in a passive attack, the target is to gain information without any change in data.
  9. In an active attack, the attacker tries to cause a disturbance in the data transmission, whereas in a passive attack, the attacker can’t cause disturbance or error bits in the original message.

Conclusion

The passive attack is hard to detect as there is no sign of modification of data, and the individual is unaware of its occurrence, whereas an active attack results in the loss of data and information as a lot of data is manipulated and damaged. An active attack is easy to detect as the individual gets a notification about the attack.

ADVERTISEMENT
Harlon Moss

Harlon currently works as a quality moderator and content writer for Difference Wiki. He graduated from the University of California in 2010 with a degree in Computer Science. Follow him on Twitter @HarlonMoss