End-user attack techniques
Client side attacks
Master Thesis
Author
Γιαμπουλάκης, Χρήστος
Date
2017-03
Keywords
Web application attacks ; End-user attacks ; Simulation ; Malware
Abstract
The scope of this thesis is to examine a new, fast-growing kind of cyber-attack. These attacks are performed on the
client side (or rather, by the end user), which is why they are called client-side attacks. The attacker's goal is to
deceive or manipulate the end user in various ways into acting carelessly, and ultimately to take over the user's
system. The contents of this thesis can be divided into three parts.
The first part seeks to explain why this kind of attack is preferred over server-side attacks, and to present the
motivations of the attackers. Afterwards, the generic model of a client-side attack is described and the reasons
behind the high success rate of such an attack are analyzed. Furthermore, the predominant and state-of-the-art
techniques for client-side attacks are analyzed, with a separate part on social engineering methods. Different
tools for each technique are also suggested.
In the second part, which is the practical one, combined client-side attacks are simulated in a lab. The
attacker's main objective is to achieve remote access to the target's machine. In every lab scenario, the social
engineering part is thoroughly examined.
In the third and final part, mitigation techniques are proposed in order to protect the end user and reduce
the success rate of client-side attacks.