Categories of Information Security Threats

Here, we will discuss about the categories of information security threats. Now let us define the following terms

• Information Security
• Network
• Host
• Application

Information Security:- Information Security is defined as “the protection of information from unauthorized access”. Since, information is the critical asset to any organization, we need to use, store and transmit information securely.

Network:- Network is defined as “the group of computers which use some set of protocols for communication through which the resources can be shared”. Here, we can transmit information from one system to another system through communication channel.

Host:- Host is defined as “any network device connected to another device via internet” which can share and consume resources. We can also say that every server can be called as a host.

Application:- Application can be defined as “a program or software which can perform a specific function to an end user or for some another application”. The code for an application resides on web server and users access the application through web browser.

Now, we will discuss about Information security threat categories. Information security threat categories are of “three” types which are as follows:

• Network Threats
• Host Threats
• Application Threats

Network Threats:- As discussed above, that the information is transmitted from one system to another through communication channel, we define Network Threats as “the attacker who breaks into communication channel and steals the information traveling over the network”. Some of the examples of networks threats are listed below.

• Information Gathering
• Spoofing
• Man-in-the-Middle Attack
• DNS Poisoning
• Session Hijacking, etc.

Host Threats:- As discussed above, that host is a device that connects to another device via internet, we define Host Threats as “the attackers who try to breach the security of the system and obtain valuable information from the system”. Some of the examples of host threats are as follows.

• Malware Attacks
• Foot-printing
• Password Attacks
• Arbitrary Code Execution
• Privilege escalation, etc.

Application Threats:- As discussed above, that application is a software or program, we define Application Threats as “exploiting the vulnerabilities present in an application to steal or destroy data”. If improper security measures were taken while developing, deploying, and maintaining the vulnerabilities of an application will be found. Some of the examples of application threats are listed below.

• Security misconfiguration
• Buffer Overflow issues
• Broken Session Management
• SQL Injection
• Cryptography Attacks, etc.