Difference Between Active And Passive Attacks: An Easy Guide In 2022

Ajay Ohri


Active and passive attacks both fall in the family of security attacks, with a few underlying points that differentiate them. Security attacks are typically computer attacks that jeopardize the security of the system. These security attacks are further classified into active attacks and passive attacks, where the hacker gets unlawful access to the system’s recourses. Want to gain more knowledge about these attacks? Continue reading to know the same.

  1. What is Active attack?
  2. What is Passive attack?
  3. Difference between them
  4. Examples
  5. Types

1) What is Active attack?

Active attacks are attacks in which the hacker attempts to change or transform the content of messages or information. These attacks are a threat to the integrity and availability of the system. Due to these attacks, systems get damaged, and information can be altered. The prevention of these attacks is difficult due to their high range of physical and software vulnerabilities. The damage that is done with these attacks can be very harmful to the system and its resources.  

The good thing about this type of attack is that the victim is notified about the attack. So, instead of prevention, the paramount importance is laid on detecting the attack and restoration of the system from the attack. An active attack typically requires more effort and generally have more difficult implication. Some protective measures that can be taken against this kind of attack are:

  • Making use of one-time passwords helps in authenticating the transactions between two parties. 
  • A random session key can be generated, which will be valid for only one transaction. This will help prevent the attacker from retransmitting the original information after the session ends. 

2) What Is A Passive attack?

Passive attacks are the ones in which the attacker observes all the messages and copy the content of messages or information. They focus on monitoring all the transmissions and gaining data. The attacker does not try to change any data or information he gathers. Although there is no potential harm to the system due to these attacks, they can significantly threaten your data’s confidentiality. 

Unlike Active attacks, these are difficult to detect as it does not involve alteration in data or information. Thus, the victim doesn’t get any idea about the attack. Although it can be prevented using some encryption techniques. In this way, at any time of transmission, the message is in indecipherable form, so that hacker could not understand it. So this is the reason why more emphasis is given to prevention than detection. There are some protective measures that you can take to prevent these attacks.

  • Avoid posting sensitive and personal information online as attackers can use it to hack your network.
  • Use encryption for your messages and make them unreadable for any unintended intruder.

3) Difference between them

Although both active and passive attacks are part of security attacks, if you compare active and passive attacks, they have many differences between them. The main differences between them are made based on how they are done and how much damage they do to the system and its resources. The difference between active and passive attacks in network security are listed down below:

Active Attacks 

Passive Attack 

A modification in information occurs 

No modification in the information occurs 

Here the primary focus is on the prevention 

The primary focus here is on the detection 

Due to the nature of the attack, the executive system is always damaged 

Due to the nature of the attack, there is no harm to the system 

The victim often gets informed during the attack 

The victim, most of the time, does not have any clue about the attack 

The attack here is usually done based on the information called via passive attacks 

The attacks here are usually done by gathering sensitive information such as password, messages etc. 

Active attacks are generally difficult to restrict  

Passive attacks are easy to restrict by taking a few precautions 

Easy to detect 

Can be very difficult to detect 


4) Examples

Here are some examples of active and passive attacks examples:

Passive attacks

  • The attackers try to scan a device to find vulnerabilities, such as weak operating systems or open ports.
  • The hackers analyze and monitor a website’s traffic to see who visits it. 

Active attacks

  • The attacker is inserting his data into the original data stream.
  • Man-in-the-middle attack where the attacker sits between both parties communicating and replacing their messages with his message. In other words, both parties believe that they are talking to each other, but in reality, they are talking to the attacker. 

5) Types

There are different types of active and passive attacks.

Types of active attacks:

  • Interruption: These attacks are also known as masquerade attacks, where an unlawful attacker tries to show themselves as another identity. 
  • Modification of messages: A message has been tampered with or delayed, or reordered in some way to produce an unwanted effect. The integrity of the original data is violated when it is altered. Denial-of-service attacks, such as altering or flooding the network with deceptive data packets, can be used by unauthorized parties to gain access to and tamper with data. Authentication is under attack when something is manufactured. For example, a message saying “Allow Robert to read confidential file A” is changed to “Allow Thomas to read confidential file A.”
  • Repudiation occurs when the network is not completely secure, or the login credential has been tampered with. Using this attack, a malicious user can change the author’s information to save false data in log files, up to general data manipulation on behalf of others, similar to e-mail spoofing. 
  • Replay entails passively capturing and transmitting a message to produce an authorized effect. Using this attack method, the attacker essentially hopes to copy all of the data on a network and then use it for their purposes in the future. User safety and security are compromised if a data breach occurs. 
  • Denial of Service– It impedes the normal operation of communication networks. This attack may target a specific individual; for example, all messages destined for a specific location are filtered out or suppressed. Other ways of denying service include overloading a network with messages or disabling the network altogether.
  • Fabrication: These attacks cause Denial of service attacks in which the attackers try to prevent legal users from preventing access to some services. In other words, the attacker gains access to the activities, and the permitted users are prohibited from using the services.

Types of Passive attacks

  • The release of information: It can be somewhat understood by the example, where a sender sends a confidential message to the receiver, seen by an attacker. 
  • Traffic analysis: In this attack, the sender sends a message in encrypted form to the receiver. The hacker analyses the traffic and observes the pattern to decrypt the message. These types of attacks are called traffic analysis. 


Cybersecurity is a big part of our lives today. It is crucial to protect our devices from these malicious activities of attackers. We hope you have gained much better insights about active and passive network security attacks in this article. 

So, have you made up your mind to make a career in Cyber Security? Visit our Master Certificate in Cyber Security (Red Team) for further help. It is the first program in offensive technologies in India and allows learners to practice in a real-time simulated ecosystem that will give them an edge in this competitive world.


Related Articles

Please wait while your application is being created.
Request Callback