An Entity of Type: Thing, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack. Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response.

Property Value
dbo:abstract
  • Ein Man-on-the-Side-Angriff ist ein aktiver Angriff im Gebiet der Netzwerksicherheit, bei dem ein Angreifer eine Anfrage des Opfers schneller beantwortet als der angefragte Dienst.Anders als bei einem Man-in-the-Middle-Angriff braucht der Angreifer nicht die vollständige Kontrolle über die Kommunikation zwischen den beiden angegriffenen Systemen. Es reicht, wenn er wie ein normaler Teilnehmer den Netzverkehr mitlesen und neue Nachrichten in das Netzwerk einspeisen kann. Der Angreifer benötigt lediglich eine niedrige Latenz, damit seine Antwort auf eine Anfrage des Opfers vor der eigentlichen Antwort ankommt. Der Angreifer kann mit seinem Antwortpaket Malware auf dem Rechner des Opfers platzieren. Der Angriff ist schwierig auszuführen, da der Angreifer eine privilegierte Position im Netzwerk, beispielsweise im Backbone, einnehmen muss, um den benötigten Timing-Vorteil zu bekommen. (de)
  • A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack. Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response. In real-world attacks, the response packet sent by the attacker can be used to place malware on the victim's computer. The need for a timing advantage makes the attack difficult to execute, as it requires a privileged position in the network, for example on the internet backbone. Potentially, this class of attack may be performed within a local network (assuming a privileged position), research has shown that it has been successful within critical infrastructure. The 2013 global surveillance revelations revealed that the US National Security Agency (NSA) widely uses a man-on-the-side attack to infect targets with malware through its QUANTUM program. GitHub suffered such an attack in 2015. The Russian Threat Group might have suffered a similar attack in 2019. (en)
  • Em segurança de computadores, um ataque man-on-the-side é uma forma de ataque semelhante ao man-in-the-middle. Ao invés de controlar totalmente um nó da rede, como ocorre no man-in-the-middle, o atacante tem apenas acesso regular ao canal de comunicação, que o permite ler o tráfego de dados e inserir novas mensagens sem, no entanto, poder modificar ou deletar mensagens enviadas por outros participantes. Para garantir que a resposta enviada pelo atacante à requisiçao da vítima chegue antes da resposta legítima, ele precisa contar com uma vantagem de tempo. Em situações reais, o pacote de resposta enviado pelo atacante pode ser usado para infectar o computador da vítima com código malicioso. A necessidade de se ter uma vantagem de tempo torna o ataque difícil de ser executado, uma vez que exige uma posição privilegiada dentro da rede, por exemplo, no backbone de Internet. As revelações de vigilância global de 2013 mostram que a NSA, por meio de seu programa QUANTUM, utiliza bastante este tipo de ataque para infectar alvos com malware. (pt)
  • 旁观者攻击(英語:man-on-the-side attack)是计算机安全领域中一种主动攻击的形式。 (zh)
dbo:wikiPageID
  • 42209881 (xsd:integer)
dbo:wikiPageLength
  • 14817 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1091810165 (xsd:integer)
dbo:wikiPageWikiLink
dbp:wikiPageUsesTemplate
dct:subject
gold:hypernym
rdfs:comment
  • 旁观者攻击(英語:man-on-the-side attack)是计算机安全领域中一种主动攻击的形式。 (zh)
  • Ein Man-on-the-Side-Angriff ist ein aktiver Angriff im Gebiet der Netzwerksicherheit, bei dem ein Angreifer eine Anfrage des Opfers schneller beantwortet als der angefragte Dienst.Anders als bei einem Man-in-the-Middle-Angriff braucht der Angreifer nicht die vollständige Kontrolle über die Kommunikation zwischen den beiden angegriffenen Systemen. Es reicht, wenn er wie ein normaler Teilnehmer den Netzverkehr mitlesen und neue Nachrichten in das Netzwerk einspeisen kann. Der Angreifer benötigt lediglich eine niedrige Latenz, damit seine Antwort auf eine Anfrage des Opfers vor der eigentlichen Antwort ankommt. (de)
  • A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack. Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response. (en)
  • Em segurança de computadores, um ataque man-on-the-side é uma forma de ataque semelhante ao man-in-the-middle. Ao invés de controlar totalmente um nó da rede, como ocorre no man-in-the-middle, o atacante tem apenas acesso regular ao canal de comunicação, que o permite ler o tráfego de dados e inserir novas mensagens sem, no entanto, poder modificar ou deletar mensagens enviadas por outros participantes. Para garantir que a resposta enviada pelo atacante à requisiçao da vítima chegue antes da resposta legítima, ele precisa contar com uma vantagem de tempo. (pt)
rdfs:label
  • Man-on-the-Side-Angriff (de)
  • Man-on-the-side attack (en)
  • Ataque man-on-the-side (pt)
  • 旁观者攻击 (zh)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License