 In this video we introduce the various kinds of security attacks we see on the internet. We will identify which attacks exist and how these attacks relate. In particularly, we will explain the relationship between the following attacks. Traffic analysis, message disclosure, masquerade, message modification, replay, topology disclosure, unauthorized access, denial of service. Note that this video just identifies and relates these attacks. We have a series of separate videos in which we discuss each attack in detail. But before we identify the various kinds of attacks, it is important to first understand what is being attacked, thus what is the target of the attack and how the attack is performed. In principle, we can distinguish between two possible targets. First attacks that target the data flowing over the network. And second, attacks that target the systems connected to the network. These systems may belong to end users, such as PCs or laptops, but also be systems within the network, such as routers and switches. To answer the question how attacks are being performed, we may distinguish between passive attacks, in which the attacker just intercepts network traffic, or active attacks, in which the attacker injects or modifies network packets. Now that we know what is being attacked and how, we can organize the various kinds of attacks. Passive attacks on network data can be either the analysis of traffic patterns, thus finding out who communicates with whom, or the disclosure of message contents, thus reading the contents of traffic exchange over the network. Active attacks on network data include masquerade, the sending data using the identity of someone else, message modification, thus changing the contents of traffic exchange over the network, as well as replay, the sending a certain message multiple times. For attacks on end users or network systems, we distinguish between three kinds of attacks. The first is topology disclosure, such as scanning attacks to find details of the network or the connected systems. The second is unauthorized access, which starts with password attacks, for example phishing or by brute force guessing, and may end with the installation of backdoors. The third kind of attack is denial of service, in which attackers try to overload systems, services, or network links. In a number of subsequent videos, we will discuss these attacks in detail. Also note that we detailed analysis of attacks on network data is the focus of our Internet Security Protocols MOOC module, and that attacks on network systems is the focus of our Internet Security Attack and Defense MOOC module. Next to our videos, all the good sources of information are RC4949, which is a glossary of security terms as used by the ITF, Part 2 of the OSI basic reference model, which defines a security architecture for network systems, and CCITT recommendation X800, which is identical to the previous OSI security architecture, but which is freely available on the Internet.