Security and privacy of electronic banking by
Yüklə 159,16 Kb. Pdf görüntüsü
|
|
6.
Denial of Service Attacks Denial of service attacks are used to overload a server and render it useless. The server is asked repeatedly to perform tasks that require it to use a large amount of resources until it can no longer function properly. The attacker will install virus or Trojan software onto an abundance of user PC’s and instruct them to perform the attack on a specific server. Denial of service attacks can be used by competitors to interrupt the service of another E-Commerce retailer or by attackers who want to bring down a web server for the purpose of disabling some type of security feature. Once the server is down, they may have access to other functions of a server, such as the database or a user’s system. This allows the attacker the means to install software or disable other security features. IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 ISSN (Online): 1694-0814 www.IJCSI.org 441 Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved. 7. Server Bugs Server bugs are often found and patched in a timely fashion that does not allow an attacker to utilize the threat against an E-Commerce web site. However, system administrators are often slow to implement the newest updates, thus allowing an attacker sufficient time to generate a threat. With the millions of web servers in use around the world, thousands often go without timely patches, leaving them vulnerable to an onslaught of server bugs and threats (Khusial, McKegney, 2005). 8. Super User Exploits Super user exploits allow attackers to gain control of a system as if they were an administrator. They often use scripts to manipulate a database or a buffer overflow attack that cripples a system, much like a Denial of Service attack for the purpose of gaining control of the system. Users can create scripts that manipulate a browser into funneling information from sources, such as databases. Despite the various attacks on e-commerce, there are various defenses as (Khusial, McKegney, 2005) noted below. Yüklə 159,16 Kb. Dostları ilə paylaş:
|