Introduction to OSI Model in Cybersecurity

Cybersecurity is the practice of protecting networks, systems, and data from unauthorized access, manipulation, or damage. Cybersecurity professionals need to understand how different components of a network communicate and interact with each other, as well as how to identify and mitigate potential threats and vulnerabilities. One of the most useful tools for understanding network communication is the OSI model.

What is the OSI Model?

The OSI model, which stands for Open Systems Interconnection, is a conceptual framework that describes the functions of a networking system. It was developed by the International Organization for Standardization (ISO) in the late 1970s and early 1980s to support the interoperability of diverse networking methods and protocols [1]. The OSI model divides the network communication process into seven abstraction layers, each with a specific role and responsibility. The layers are:

  • Physical layer: This is the lowest layer of the OSI model, where the raw data is transmitted over a physical medium, such as a cable, a fiber optic, or a wireless signal. The physical layer converts the bits into electrical, optical, or electromagnetic signals and controls the rate and timing of transmission. The physical layer also deals with issues such as connectors, voltage levels, and modulation schemes [2].
  • Data link layer: This layer is responsible for breaking the data into frames (small units of data) and adding headers and trailers to each frame for error detection and correction. The data link layer also manages the access to the shared medium and ensures that frames are delivered to the correct destination. The data link layer operates on MAC addresses (unique identifiers for network devices) and uses protocols such as Ethernet, Wi-Fi, and Bluetooth [2].
  • Network layer: This layer handles the routing of packets (larger units of data) across multiple networks or subnets. The network layer assigns logical addresses (such as IP addresses) to each device and uses protocols such as IP, ICMP, and ARP to determine the best path for each packet. The network layer also performs fragmentation and reassembly of packets if needed [2].
  • Transport layer: This layer provides end-to-end communication between applications running on different devices. The transport layer ensures that data is delivered reliably, in order, and without errors or duplication. The transport layer also manages the flow control and congestion control of data. The transport layer uses protocols such as TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) to establish connections and exchange segments (smaller units of data) between applications [2].
  • Session layer: This layer establishes, maintains, and terminates sessions between applications. A session is a logical connection that allows two applications to exchange data for a certain period of time. The session layer also synchronizes the data transfer and handles authentication and authorization of users. The session layer uses protocols such as SSL (Secure Sockets Layer), TLS (Transport Layer Security), and SSH (Secure Shell) to provide security and encryption for sessions [2].
  • Presentation layer: This layer transforms the data into a format that can be understood by the application layer. The presentation layer performs functions such as encryption, decryption, compression, decompression, translation, and formatting of data. The presentation layer also ensures that the data is compatible with different systems and platforms. The presentation layer uses standards such as ASCII, Unicode, JPEG, GIF, MPEG, and XML to represent data [2].
  • Application layer: This is the highest layer of the OSI model, where the user interacts with the network through various applications. The application layer provides services such as file transfer, email, web browsing, remote access, and network management. The application layer uses protocols such as FTP (File Transfer Protocol), SMTP (Simple Mail Transfer Protocol), HTTP (Hypertext Transfer Protocol), Telnet, SNMP (Simple Network Management Protocol), and DNS (Domain Name System) to communicate with other applications [2].
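
The layering described above is visible in a single captured frame: each layer's header wraps the one above it. The following Python sketch is an added example, not part of the original article; it peels an Ethernet II frame into its data link, network and transport headers. The function names are hypothetical, and the sample frame is constructed with documentation addresses and zero checksums (the parser does not verify checksums).

```python
import struct

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def dissect(frame: bytes) -> dict:
    """Peel an Ethernet II frame apart, one OSI layer at a time (IPv4/TCP only)."""
    # Layer 2, data link: destination MAC, source MAC, EtherType.
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"src": src.hex(":"), "dst": dst.hex(":"), "ethertype": ethertype}}
    if ethertype != 0x0800:          # not IPv4: stop at layer 2
        return out
    # Layer 3, network: logical (IP) addresses and the next protocol.
    pkt = frame[14:]
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = pkt[0] >> 4, (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(pkt):
        raise ValueError("inconsistent IPv4 lengths")
    out["l3"] = {"src": ".".join(map(str, pkt[12:16])),
                 "dst": ".".join(map(str, pkt[16:20])), "protocol": pkt[9]}
    if pkt[9] != 6:                  # not TCP: stop at layer 3
        return out
    # Layer 4, transport: ports, sequence number, flags.
    seg = pkt[ihl:total_len]         # total_len also trims any Ethernet padding
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", seg[:14])
    data_off = (off_flags >> 12) * 4
    if not 20 <= data_off <= len(seg):
        raise ValueError("bad TCP data offset")
    out["l4"] = {"sport": sport, "dport": dport, "seq": seq,
                 "flags": [name for bit, name in TCP_FLAGS if off_flags & bit]}
    # Layers 5-7: whatever the application put on the wire.
    out["payload"] = seg[data_off:]
    return out

def build_sample_frame() -> bytes:
    """Constructed frame: documentation IPs, locally administered MACs, zero checksums."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 2000, (5 << 12) | 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    eth = bytes.fromhex("020000000002020000000001") + b"\x08\x00"
    return eth + ip + tcp + payload
```

The length checks matter as much as the field extraction: a dissector that trusts the header length and total length fields without comparing them to the bytes actually received is a classic source of parsing bugs.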

The following image illustrates the seven layers of the OSI model:

Why is the OSI Model Important for Cybersecurity?

The OSI model is an essential tool for cybersecurity because it helps to:

  • Understand how different layers of a network communicate and interact with each other
  • Identify potential threats and vulnerabilities at each layer
  • Apply appropriate security measures and controls at each layer
  • Troubleshoot issues and problems at each layer
  • Describe network attacks and incidents using a common language

Some examples of cybersecurity threats and countermeasures at each layer are:

  • Physical layer: Threats include physical damage or theft of devices or cables; countermeasures include locks, alarms, cameras, firewalls, and encryption
  • Data link layer: Threats include MAC spoofing (impersonating another device’s MAC address), ARP spoofing (redirecting traffic to a malicious device), or jamming (interfering with wireless signals); countermeasures include MAC filtering (allowing only authorized devices to access the network), ARP monitoring (detecting abnormal ARP requests or replies), or frequency hopping (changing the wireless channel to avoid interference)
  • Network layer: Threats include IP spoofing (sending packets with a forged source IP address), ICMP flooding (overwhelming a device with ping requests), or IP fragmentation attacks (sending malformed or overlapping packets to cause errors or crashes); countermeasures include IP filtering (blocking or allowing packets based on their source or destination IP address), ICMP filtering (limiting or disabling ping responses), or IP reassembly (checking and discarding invalid packets)
  • Transport layer: Threats include TCP SYN flooding (sending incomplete connection requests to exhaust a device’s resources), TCP reset attacks (sending fake packets to terminate a connection), or UDP flooding (sending large amounts of UDP packets to consume bandwidth or processing power); countermeasures include SYN cookies (using a cryptographic technique to verify connection requests), TCP sequence number randomization (making it harder to guess the next packet in a connection), or UDP rate limiting (dropping or delaying excessive UDP packets)
  • Session layer: Threats include session hijacking (taking over an existing session between two applications), session replay attacks (recording and re-sending a valid session), or session fixation attacks (forcing a user to use a predetermined session identifier); countermeasures include session encryption (using SSL, TLS, or SSH to protect the data in transit), session timeout (ending a session after a period of inactivity), or session tokens (using random and unique identifiers for each session)
  • Presentation layer: Threats include data tampering (modifying the data in transit), data leakage (exposing sensitive data to unauthorized parties), or data corruption (rendering the data unusable); countermeasures include data integrity checks (using hashes or digital signatures to verify the data), data confidentiality checks (using encryption or obfuscation to hide the data), or data recovery methods (using backups or redundancy to restore the data)
  • Application layer: Threats include malware infection (installing malicious software on a device), phishing attacks (tricking users into revealing their credentials or personal information), or denial-of-service attacks (preventing users from accessing an application); countermeasures include antivirus software (detecting and removing malware), user education and awareness (teaching users how to recognize and avoid phishing emails), or load balancing and caching (distributing and storing the application’s workload)
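
ARP monitoring, the data link countermeasure listed above, as an added Python example (not part of the original article): it flags ARP replies that answer no recent request and IP-to-MAC bindings that change. The event tuples, addresses, window length and function name are constructed for illustration.

```python
# Constructed observations: (seconds, opcode, sender IP, sender MAC, target IP).
# Opcode 1 is an ARP request, opcode 2 is an ARP reply.
SAMPLE_EVENTS = [
    (0.0, 1, "192.0.2.10", "02:00:00:00:00:0a", "192.0.2.1"),
    (0.1, 2, "192.0.2.1",  "02:00:00:00:00:01", "192.0.2.10"),
    (5.0, 2, "192.0.2.1",  "02:00:00:00:00:66", "192.0.2.10"),  # nobody asked
    (5.5, 2, "192.0.2.1",  "02:00:00:00:00:66", "192.0.2.11"),  # nobody asked
    (9.0, 1, "192.0.2.11", "02:00:00:00:00:0b", "192.0.2.10"),
    (9.1, 2, "192.0.2.10", "02:00:00:00:00:0a", "192.0.2.11"),
]

def arp_alerts(events, request_window=2.0):
    """Return alerts for unsolicited replies and changed IP-to-MAC bindings."""
    bindings = {}   # sender IP -> MAC address last seen for it
    pending = {}    # (asking IP, asked-for IP) -> time the request was seen
    alerts = []
    for ts, opcode, sender_ip, sender_mac, target_ip in events:
        if opcode == 1:
            pending[(sender_ip, target_ip)] = ts
        elif opcode == 2:
            # A reply is expected only if the target recently asked for this IP.
            asked_at = pending.pop((target_ip, sender_ip), None)
            if asked_at is None or ts - asked_at > request_window:
                alerts.append((ts, "unsolicited-reply", sender_ip, sender_mac))
        # Requests and replies both advertise the sender's own binding.
        known = bindings.get(sender_ip)
        if known is not None and known != sender_mac:
            alerts.append((ts, "binding-changed", sender_ip, f"{known}->{sender_mac}"))
        bindings[sender_ip] = sender_mac
    return alerts

if __name__ == "__main__":
    for alert in arp_alerts(SAMPLE_EVENTS):
        print(alert)
```

Failover between redundant gateways or a replaced network card also changes a binding, so alerts like these are leads to confirm against DHCP and asset records rather than proof of spoofing.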

Conclusion

The OSI model is a valuable tool for understanding network communication and cybersecurity. By dividing the network communication process into seven abstraction layers, the OSI model helps to identify the functions, protocols, threats, and countermeasures at each layer. The OSI model also provides a common language and framework for describing network concepts and activities. By learning and applying the OSI model, cybersecurity professionals can improve their network security and performance.
