Skip to content

Attacks

  • malware
  • [[social engineering]]
  • network attacks

  • [[physical security]]/attacks

  • wireless jamming - needs to be pretty close

  • radio frequency jamming

  • crypto attack

    • birthday attack -> hash collisions md5
    • downgrade attack - force ppl to use weaker enc (2014 [[SSL-TLS]] POODLE, SSL 3.0)

  • OSI model attacks

    • application - exploit
    • presentation - phishing
    • session - hijacking
    • transport - reconaissance
    • network - MITM
    • data link - [[spoofing]]
    • physical - sniffing

  • app design attacks

  • attacks on AI

    • poison training data
    • evasion attacks -> jailbreak

prevention

  • supply chain security
    • can you trust your hardware
    • use small supplier base
    • strict control over policy/procedure in supplier
  • local or cloud computing