As technology develops, so do high-profile hacking techniques. For this reason, security professionals are in massive demand. To meet that demand, security professionals and analysts have to understand the fundamentals of how network layers work and the key ingredients that make security stronger in every layer. This chapter discusses the security mechanisms and the different measures that need to be taken in each layer of the OSI model.
What is the OSI Model?
Before going into security, it is necessary to know the basics of networking and its models, starting with the OSI model. It is a conceptual networking framework in which every layer uses specific protocols and mechanisms. The model divides the network architecture conceptually into seven different layers. These layers are:
- Physical layer.
- Datalink layer.
- Network layer.
- Transport layer.
- Session layer.
- Presentation layer.
- Application layer.
Each layer also involves security postures and mechanisms that a security professional must know in order to detect threats and apply security measures effectively in that layer.
Implementation of Security Methods within the OSI Model
The first three layers of the OSI model are called the media layers.
- The Physical Layer defines the technical specifications of the data connection. Security in this layer is critical, so in case of a cyber danger (such as a DoS attack), it is recommended to unplug the cable from the primary system.
Safeguarding this layer needs biometric security, camera-based surveillance, key cards, and other physical monitoring.
- The Data Link Layer deals with the data packets transported from the physical layer. Any malfunction or data breach in this layer can impede the working of the network layer. Vulnerabilities and attacks in this layer include MAC address spoofing and virtual-LAN circumvention.
To protect your system, common security mechanisms are MAC address filtering, assessment of wireless applications, and checking that proper data encryption standards are in use.
- The Network Layer is the last of the media layers and has an association with the real world. It deals with the addressing and routing of packets. IP address spoofing is one of the common attacks at this layer. Strengthening this layer needs firm anti-spoofing techniques, proper implementation of firewalls and routing filters, and secure routing protocols.
The subsequent four layers are host layers:
- Transport Layer - comes under the logical layer and helps in transferring variable-length data sequences. Reliability in this layer is achieved through the segmentation and de-segmentation mechanism and error control. For security purposes, this layer needs an appropriate firewall, restricted admission of transmission protocols, and appropriate port numbers.
- Session Layer - essentially manages inter-system communication and sessions. The interaction between local and remote applications is handled in this layer. Weak authentication methods here can help attackers perform a brute-force attack. An effective way of securing this layer is to ensure appropriate encrypted key exchange, along with restricting unsuccessful session attempts using timing methods.
- Presentation Layer - is used to standardize data with the help of various conversion schemes. If malicious input is handled poorly, cybercriminals can exploit the system or even crash it. Keeping sanitized input separate and validating input properly can help protect the system from attackers.
- Application Layer - contains the UI and is the closest of all layers to the end user. The widest range of cyber attacks and security breaches is possible in this layer. Attacks here can lead to shutting down the network, stealing data, crashing the application, manipulating the information sent from source to destination, and more.
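The Session Layer item above recommends restricting unsuccessful session attempts using timing methods. The following Python sketch is an added example, not code from the original chapter: it shows one way to do this with a per-client lockout that doubles after each failure. The class name, thresholds, and sample events are assumptions chosen for illustration.

```python
import time

class AttemptThrottle:
    """Per-client lockout that doubles with each failure beyond a free allowance."""

    def __init__(self, free_attempts=3, base_delay=2.0, max_delay=900.0,
                 clock=time.monotonic):
        self.free_attempts, self.base_delay = free_attempts, base_delay
        self.max_delay, self.clock = max_delay, clock
        self._state = {}  # client id -> (consecutive failures, locked-until time)

    def retry_after(self, client):
        """Seconds the client must still wait; 0.0 means an attempt is allowed."""
        _, locked_until = self._state.get(client, (0, 0.0))
        return max(0.0, locked_until - self.clock())

    def record_failure(self, client):
        """Count a failed attempt and return the lockout (seconds) it triggers."""
        failures = self._state.get(client, (0, 0.0))[0] + 1
        delay = 0.0
        if failures > self.free_attempts:
            doublings = min(failures - self.free_attempts - 1, 30)  # bound 2**n
            delay = min(self.max_delay, self.base_delay * 2 ** doublings)
        self._state[client] = (failures, self.clock() + delay)
        return delay

    def record_success(self, client):
        self._state.pop(client, None)  # successful session clears the history

def replay(events, throttle, now):
    """Feed (time, client, credentials_ok) events through the throttle."""
    decisions = []
    for t, client, ok in events:
        now[0] = t  # advance the injected test clock
        if throttle.retry_after(client) > 0:
            decisions.append("rejected")  # locked out: credentials not checked
        elif ok:
            throttle.record_success(client)
            decisions.append("accepted")
        else:
            throttle.record_failure(client)
            decisions.append("failed")
    return decisions

# Constructed sample: one client guessing repeatedly, one unrelated client.
EVENTS = [(0, "10.0.0.5", False), (1, "10.0.0.5", False), (2, "10.0.0.5", False),
          (3, "10.0.0.5", False), (4, "10.0.0.5", True), (5, "10.0.0.5", False),
          (8, "10.0.0.5", False), (9, "10.0.0.5", True), (9, "10.0.0.9", False)]

if __name__ == "__main__":
    now = [0.0]
    print(replay(EVENTS, AttemptThrottle(clock=lambda: now[0]), now))
```

Keying only on the client address lets a guesser spread across many addresses avoid the lockout, so deployments usually also track failures per account.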
So every layer needs proper security postures. Different ports and protocols are used for different scenarios, which will be covered in the subsequent chapters.