Incident Response

Description

  • Interview the network administrator of an organization (why not yours?) to determine the types of attacks they encounter most often. Write a report detailing the types and quantities of attacks seen, and the technologies used to detect and protect against attackers.
  • TEXTBOOK: Principles of Incident Response and Disaster Recovery, 2e - Chapter 5 (Incident Response)

Explanation & Answer

Hey, I am through. Please find the correct and quality answer in the attached Word file.
Attached.

Running head: Network Security Incident Response

Network Security Incident Response

Types and quantities of attacks encountered often.
1. Active attack
Active attacks comprise wormhole attacks, spoofing attacks, denial of service, modification,
Sybil, and sinkhole attacks.

a. Spoofing
Spoofing is the act of assuming the identity of a different computer or program. Forms
of spoofing include IP spoofing, network spoofing, and email spoofing. The most common is
IP address spoofing, or IP spoofing, whereby Internet Protocol (IP) packets are created with a
false source IP address so as to hide the sender's identity or to impersonate a different
computing system.

b. Modification
This attack takes place when a malicious node modifies the routing route to
make the sender send the message via the longest route possible. Creating a communication
delay between sender and receiver is normally the sole intention of this attack.

c. Wormhole
It is also referred to as the tunneling attack and involves an intruder receiving a packet at
a particular point and then tunneling it to a different network node which is malicious. This is
intended to deceive beginners into assuming that they have found the network's shortest path.

d. Denial of service
In this kind of attack, which is usually very common, a message is sent by the malicious
node to the node with the purpose of consuming the bandwidth of the network so as to interrupt
normal communication between nodes. The malicious node keeps the network node busy doing
nothing, thus disrupting normal services (Ingols, 2009). Messages from authenticated nodes will
not be received because the network node is kept busy by the malicious node.

2. Passive attack
Passive attacks include eavesdropping, traffic analysis, and monitoring.
a. Traffic analysis
In this kind of attack, the hacker or intruder attempts to sense the communication path
between sender and receiver. An attacker is able to find out the amount of data which is traveling
along the route between sender and receiver. Traffic analysis does not, however, modify data.

b. Eavesdropping
It occurs in the mobile ad-hoc network with the intention of finding out some secret
or confidential information during the communication process (Jawandhiya, 2010). This
secret information can be the public or private key of the sender as well as the receiver, or any
kind of secret data.

c. Monitoring
In the monitoring attack, the attackers usually have read-only status. Reading confidential
data is possible, but editing or modifying the same data is impossible.

3. Advanced attacks
a. Black hole attack
This is among the most advanced attacking methods, whereby the intruder utilizes the
routing protocol to falsely advertise itself as possessing the best path to the node whose
packets it would like to intercept. Attackers utilize the flooding-based protocol to
make a request for a particular route from the sender and then send a reply message stating that
they have the shortest path to the sender. When this message originating
from the attacker reaches the sender before the reply message originating from the real node
does, the sender considers it the shortest path to the receiver.

b. Rushing attack
This takes place the moment a sender sends packets to the receiver and these packets are
altered by the attacker and then forwarded to the receiver. The attacker performs multiple
duplicate transmissions of these packets (Martins, 2010). The receiver then makes the assumption
that...

