Attack vectors w.r.t OSI Layers

Rohan Krishnamurthy
Mar 31 · 3 min read

Here’s a short summary of different attack possibilities to be considered at each OSI Layer.

OSI Layer

The OSI model is a structured model that lays out the rule sets for how each stage of communication is handled, from a physical system out to the real world.

The video below is a brilliant illustration that gives a quick insight into the OSI framework; after that, let’s discuss the cyber attack threats involved at each layer.

Let me help you remember the 7 layers of the OSI model, top-down and bottom-up as well.

Let us get to the attack surface of each layer and have a look at the ways a system could be attacked.

Application Layer

  • Attack vectors: distributed denial-of-service (DDoS) attacks, HTTP floods, SQL injections, cross-site scripting, parameter tampering, and Slowloris attacks. Other exploits include viruses, worms, phishing, key loggers, backdoors, program logic flaws, bugs, and trojan horses.
  • Mitigation: have an arsenal of security protections, such as web application firewalls (WAFs) and secure web gateway services. This layer is the hardest to defend as the application is accessible only over Port 80 (HTTP) or Port 443 (HTTPS). Keep up with application monitoring to detect zero-day vulnerabilities.

Presentation Layer

  • Attack vectors: SSL hijacking, encryption downgrade attacks, decryption attacks, encoding attacks, DDoS attacks
  • Mitigation: offload the SSL from the origin infrastructure and inspect the application traffic for signs of attack traffic or violations of policy at an application delivery platform (ADP). A good ADP will also ensure that your traffic is then re-encrypted and forwarded back to the origin infrastructure.

Session Layer

  • Attack vectors: Session hijacking attack, Man-in-the-Middle (MITM), Blind attack, Man-in-the-browser, SSH Sniffing
  • Mitigation: Check for new updates or version upgrades with your hardware provider. Generally, these updates would carry a patch to nullify the threat.

Transport Layer

  • Attack vectors: TCP Sequence prediction, SYN flood attack, TCP Session hijacking, UDP flood attack, UDP-based amplification attacks
  • Mitigation: DDoS blackhole routing/filtering, commonly referred to as blackholing, is one of the mitigation approaches typically used by ISPs.

Network Layer

  • Attack vectors: IP spoofing and jamming, ICMP attack, Smurf attack, wormhole and blackhole attacks, Sybil attack, packet sniffing, and selective forwarding attacks
  • Mitigation: Ensure all security patches are applied, packet filtering is kept enabled, unused ports are blocked, and unused services and interfaces are disabled in the router operating system. Enable logging, place firewalls between your network and all untrusted networks, and make sure that all switch traffic is encrypted.

Data Link Layer

  • Attack vectors: ARP Spoofing, MAC cloning, DoS, Spanning tree attack, VLAN hopping, DHCP attacks
  • Mitigation: configure switches to limit the ports that can respond to DHCP requests, implement static ARP, and install Intrusion Detection Systems (IDS). Allow each discovered MAC address to be authenticated against authentication, authorization and accounting (AAA) and subsequently filtered.
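
The two switch-side controls above (limiting which ports may answer DHCP requests, and static ARP) can also be written as detection checks for an IDS. The following Python is an added example, not code from the original article; the event line format, port names, addresses and policy tables are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed policy (hypothetical values): static IP-to-MAC bindings and the
# only switch port allowed to carry DHCP server replies.
STATIC_ARP = {
    "10.0.0.1": "aa:aa:aa:00:00:01",   # gateway
    "10.0.0.20": "aa:aa:aa:00:00:20",  # file server
}
DHCP_TRUSTED_PORTS = {"Gi0/1"}
DHCP_SERVER_MSGS = {"OFFER", "ACK", "NAK"}

# Constructed sample events, one per line: "port protocol message src_mac ip"
SAMPLE_EVENTS = """\
Gi0/1 dhcp OFFER aa:aa:aa:00:00:05 10.0.0.5
Gi0/7 arp REPLY aa:aa:aa:00:00:20 10.0.0.20
Gi0/9 arp REPLY de:ad:be:ef:00:99 10.0.0.1
Gi0/9 dhcp OFFER de:ad:be:ef:00:99 10.0.0.99
Gi0/4 dhcp DISCOVER aa:aa:aa:00:00:44 0.0.0.0
Gi0/4 arp REPLY AA:AA:AA:00:00:01 10.0.0.1
"""

@dataclass(frozen=True)
class Alert:
    kind: str
    port: str
    mac: str
    ip: str

def parse(line):
    # Normalise case so MAC comparisons do not depend on vendor formatting.
    port, proto, msg, mac, ip = line.split()
    return port, proto.lower(), msg.upper(), mac.lower(), ip

def detect(text):
    alerts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        port, proto, msg, mac, ip = parse(line)
        # ARP reply claiming a pinned IP from a MAC other than the static entry.
        if proto == "arp" and msg == "REPLY":
            expected = STATIC_ARP.get(ip)
            if expected is not None and mac != expected:
                alerts.append(Alert("arp-binding-mismatch", port, mac, ip))
        # DHCP server-side message seen on a port that is not marked trusted.
        elif proto == "dhcp" and msg in DHCP_SERVER_MSGS:
            if port not in DHCP_TRUSTED_PORTS:
                alerts.append(Alert("dhcp-reply-untrusted-port", port, mac, ip))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

On the sample data only port Gi0/9 is flagged, once for each check; the upper-case gateway MAC on Gi0/4 matches the static entry after normalisation and raises nothing.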

Physical Layer

  • Attack vectors: Unauthorised access, data sniffing, physical damage
  • Mitigation: Use defense-in-depth tactics, use access controls, accountability and auditing to track and control physical assets.

Being aware of the exploits and understanding the importance of the security issues is one of the first steps in the cybersecurity world. Please share your thoughts and pen down any further inputs.

CodeX
