SlideShare une entreprise Scribd logo

Security Threats at OSI layers

Department of Computer Science
Department of Computer Science

Threats at each layer of OSI Model By:- RV

Technologie
1  sur  32
• OSI Layer- Introduction • Explanation of Layers • Need of Security • Top Security Threats • Security Threats at each layer
•Developed by the International Organization for Standardization (ISO) in 1978. •(OSI) model describes how data is sent and received over a network. •The OSI Model also defines a logical networks and effectively describes computer packet transfer by using different layer protocols.
• While working on a network framework, ISO decided to develop the seven-layer model • it also called a reference Model • OSI’s seven layers are divided into two portions: 1. Hot layers 2. Media layers. • The hot portion includes the application, presentation, session and transport layers • The media portion includes the network, data link and physical layers. • The OSI Model works in a hierarchy, assigning tasks to all seven layers. • Each layer is responsible for performing assigned tasks and transferring completed tasks to the next layer for further processing.
Functions of physical layers: • Bit representation • Transmission rate • Physical representation • Synchronizing • Transmission mode • Physical topology
Responsible for delivery of data between two systems on network. Switch & Bridge are Data Link Layer devices • Framing • Physical Addressing • Synchronization. • Error Control. • Flow Control. • Multi-Access.
Segment in Network layer is referred as Packet Network layer is implemented by networking devices such as routers • Routing • Logical Addressing
• Responsible for source to destination delivery of entire message. • Segmentation an reassembly divide message into smaller segments , number them and transmit • Resemble these messages at receiving end. • Error control The services provided by transport layer : 1. Connection Oriented Service: It is a three phase process which include • Connection Establishment • Data Transfer • Termination / disconnection 2. Connection less service
Data in the Transport Layer is called as Segments Transport Layer is called as Heart of OSI model
The data link layer has three main functions: • Session establishment, maintenance and termination. • Synchronization • Dialog Controller
Responsible of this layers are : • Transmission : Different computer use different encoding system (bit order translation). Syntax represents information such as character code- how many bits to represents data (7or 8 ) bits . • Compression • Encryption • Decryption
• Directly interacts with the end user. • Contain protocol that allow the users to access the network.(HTTP, FTP etc). • It also include application program such as e-mail, browsers, word processing application etc.
• The network needs security against attackers and hackers • Protecting confidentiality, integrity, availability of Data • Network Security includes two basic securities 1. Information Security 2. Computer Security • Data can be of the sensitive type; things like credit card information, passwords or contact lists • And another type is information that might interest advertisers, like your Internet browsing habits.
1. Privilege Escalation 2. Worm 3. Virus 4. Trojan 5. Spyware 6. Spam 7. Botnet 8. Logic Bomb
• Installing a firewall for protecting systems or data from being attacked is dangerous fallacy • Application security can be likened to a Tootsie Pop(Hard from inside but soft from inside) • Based on statistics from Cisco Systems, the idea that most attacks come from the Internet is a serious misconception
Security threats that may occur at this level are the following: 1. Access Control • Permitting only authorized personnel to possess logins and passwords and closing unmanaged ports • Physical security also involves keeping hardware (particularly laptop computers) from being stolen • Closing open ports, locking doors, using surveillance monitors, restricting access to critical servers, and using strong passwords can prevent many common attacks.
2. Physical Damage or Destruction of Data And Hardware 3. Environmental issues include fire, smoke, water • Environmental issues at the Physical layer include fire, smoke, water • Hardware failures are much more likely in the system • Poor control over environmental factors such as temperature, humidity, dust, and ventilation can cause frequent failures • Use of climate-controlled rooms with proper dust filters and ventilation can significantly reduce the incidence of hardware failure 4. Disconnection of Physical Links 5. Backup
Security threats that may occur at this level are the following: 1. ARPs or ARP spoof 2. MAC flooding 3. Spanning tree attack 1. ARPs/ARP spoofing • Can be used to maliciously take over a machine’s IP address • ARP spoofing is targeted to fool a switch into forwarding packets to a device in a different VLAN • The security vulnerability occurs at the lower layer but affects upper level security without the upper layer knowing about it
• To prevent these attacks, some switches and routers can be configured to ignore gratuitous ARPs. Cisco switches offer Edge VLAN segregation (Private VLANs) and ARP inspection to mitigate this threat. 2. MAC Flooding • it is the method of attacking the network switches • MAC Flooding occurs when the MAC table of a switch reaches capacity and floods • A malicious user can sniff the flooded traffic to obtain network information such as passwords. • Some switches, i.e., Cisco switches, have a port option that prevents such flooding: • setportsecurity3/21enableage10maximum5violation restrict
• Authentication with AAA server • Port Security 3. Spanning Tree Attacks • occur when an attacker’s computer inserts itself into a data stream and causes a DoS attack • A spanning tree attack begins with a physical attack by a malicious user who inserts an unauthorized switch between two existing network switches • The attacker assigns a lower root priority • Assigning the lower root priority causes the network connection between Switch 2 (S-2) and M-1 to be dropped. The attacker’s switch thereby becomes the root switch, and the attacker gains full access to data transmitted between S-2 and the rest of the network
• One-way of mitigating this problem is configure a network’s root switch with Root Priority = 0. Other examples are:- • Private VLAN attack • Multicast brute force attack • Random frame stress attack
Security threats that may occur at this level are the following: 1. IP Address Spoofing 2. Routing attacks 3. Back Hole/Selective Forwarding 1. IP Address Spoofing • also known as IP address forgery or a host file hijack • IP address spoofing is the act of falsifying the content in the Source IP header, usually with randomized numbers, either to mask the sender’s identity or to launch a reflected DDoS attack • monitoring networks for a typical activity, • deploying packet filtering to detect inconsistencies • using robust verification methods • authenticating all IP addresses
2. Back Hole:- • In this attack malicious node behave like normal node and forward packets but selectively drop some packets • When the malicious node acts like a black hole, it drops all the packet passing through it • Selective Forwarding attack is called as special case of Black Hole attack Countermeasures • Acknowledgement based detection • Detection using neighborhood information • Using multidata flow to mitigate attack.
Security threats that may occur at this level are the following 1) SYN Flood 2) Smurf Attack 1) SYN Flood • Also called Half open attack or TCP Sync Flood • Type of Distributed Denial of Service (DDoS) attack on a computer server • The attack involves having a client repeatedly send SYN (synchronization) packets to every port on a server, using fake IP addresses in order to make it over consumed and unresponsive • exploits part of the normal TCP three-way handshake
Counter measures 1. RST cookies • for the first request from a given client, the server intentionally sends an invalid SYN-ACK • This should result in the client generating an RST packet 2. SYN Cookies • using cryptographic hashing • the server sends its SYN-ACK response with a sequence number • When the client responds, this hash is included in the ACK packet
2. Smurf Attack • It is a DoS Attack in which a system is flooded with spoofed ping messages. • Attacker creates lots of ICMP Packets with the intended victims IP Address • Broadcasts those packets • As a result most of devices in network responds Counter measures • Config. Individual host or router not to respond to ICMP REQ or broadcast • Config. Router not to forward packet directed to broadcast address
Security threats that may occur at this level are the following 1. Session Hijacking • is a security attack on a user session • A session hijacking attack works when it compromises the token by guessing what an authentic token session will be, thus acquiring unauthorized access to the Web server • MITM Attack Common ways of Session Hijacking 1. Packet Sniffers 2. Cross Site Scripting(XSS Attack)
Security threats that may occur at this level are the following 1. SSL Hijacking • Superfish uses a process called SSL hijacking to get at users’ encrypted data  Your computer connects to the HTTP (insecure) site.  The HTTP server redirects you to the HTTPS (secure) version of the same site.  Your computer connects to the HTTPS site.  The HTTPS server provides a certificate, providing positive identification of the site.  The connection is completed.
Security threats that may occur at this level are the following 1. Virus 2. Worm 3. Phishing 4. Key Loggers 5. Backdoors 6. Program logic flaws 7. Bugs 8. Trojan Horses
Security Threats at OSI layers

Recommandé

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
System hacking
System hackingSystem hacking
System hackingCAS
 

Recommandé

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Network security
Network securityNetwork security
Network securitySimranpreet Singh
 
Introduction IDS
Introduction IDSIntroduction IDS
Introduction IDSHitesh Mohapatra
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attackskrishh sivakrishna
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in DepthDilum Bandara
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Cyber security
Cyber securityCyber security
Cyber securityBhavin Shah
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersGyanmanjari Institute Of Technology
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )Kashyap Mandaliya
 
Cyber security for an organization
Cyber security for an organizationCyber security for an organization
Cyber security for an organizationTejas Wasule
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsLearningwithRayYT
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocolsOnline
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKSShaurya Gogia
 

Contenu connexe

Tendances

Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in DepthDilum Bandara
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersGyanmanjari Institute Of Technology
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )Kashyap Mandaliya
 
Cyber security for an organization
Cyber security for an organizationCyber security for an organization
Cyber security for an organizationTejas Wasule
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsLearningwithRayYT
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 

Tendances (20)

Network Security
Network SecurityNetwork Security
Network Security
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Network security
Network securityNetwork security
Network security
 
Introduction IDS
Introduction IDSIntroduction IDS
Introduction IDS
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internet
 
VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )
 
Cyber security for an organization
Cyber security for an organizationCyber security for an organization
Cyber security for an organization
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack Vectors
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 

Similaire à Security Threats at OSI layers

Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocolsOnline
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxShivamBajaj36
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 
Protocol layer,OSI model & POP3
Protocol layer,OSI model & POP3Protocol layer,OSI model & POP3
Protocol layer,OSI model & POP3Zakirul Islam
 
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...Darwin Nesakumar
 
Ids 009 network attacks
Ids 009 network attacksIds 009 network attacks
Ids 009 network attacksjyoti_lakhani
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)NCC Group
 
Linux Inter Process Communication
Linux Inter Process CommunicationLinux Inter Process Communication
Linux Inter Process CommunicationAbhishek Sagar
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Sonali Bank Network Design Project Report
Sonali Bank Network Design Project ReportSonali Bank Network Design Project Report
Sonali Bank Network Design Project ReportHasibul Islam Nirob
 
Security concepts
Security conceptsSecurity concepts
Security conceptsartisriva
 
Ransomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondRansomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondAlgoSec
 
Ransomware- What you need to know to Safeguard your Data
Ransomware- What you need to know to Safeguard your DataRansomware- What you need to know to Safeguard your Data
Ransomware- What you need to know to Safeguard your DataInderjeet Singh
 

Similaire à Security Threats at OSI layers (20)

Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Network sec 1
Network sec 1Network sec 1
Network sec 1
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptx
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
 
Isys20261 lecture 06
Isys20261 lecture 06Isys20261 lecture 06
Isys20261 lecture 06
 
Protocol layer,OSI model & POP3
Protocol layer,OSI model & POP3Protocol layer,OSI model & POP3
Protocol layer,OSI model & POP3
 
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...
Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesaku...
 
Security - ch5.ppt
Security - ch5.pptSecurity - ch5.ppt
Security - ch5.ppt
 
Ids 009 network attacks
Ids 009 network attacksIds 009 network attacks
Ids 009 network attacks
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)
 
Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
 
Linux Inter Process Communication
Linux Inter Process CommunicationLinux Inter Process Communication
Linux Inter Process Communication
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Sonali Bank Network Design Project Report
Sonali Bank Network Design Project ReportSonali Bank Network Design Project Report
Sonali Bank Network Design Project Report
 
Security concepts
Security conceptsSecurity concepts
Security concepts
 
Ransomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondRansomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respond
 
Ransomware- What you need to know to Safeguard your Data
Ransomware- What you need to know to Safeguard your DataRansomware- What you need to know to Safeguard your Data
Ransomware- What you need to know to Safeguard your Data
 

Dernier

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 

Dernier (20)

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 

Security Threats at OSI layers

  • 1.
  • 2. • OSI Layer- Introduction • Explanation of Layers • Need of Security • Top Security Threats • Security Threats at each layer
  • 3. •Developed by the International Organization for Standardization (ISO) in 1978. •(OSI) model describes how data is sent and received over a network. •The OSI Model also defines a logical networks and effectively describes computer packet transfer by using different layer protocols.
  • 4. • While working on a network framework, ISO decided to develop the seven-layer model • it also called a reference Model • OSI’s seven layers are divided into two portions: 1. Hot layers 2. Media layers. • The hot portion includes the application, presentation, session and transport layers • The media portion includes the network, data link and physical layers. • The OSI Model works in a hierarchy, assigning tasks to all seven layers. • Each layer is responsible for performing assigned tasks and transferring completed tasks to the next layer for further processing.
  • 5.
  • 6. Functions of physical layers: • Bit representation • Transmission rate • Physical representation • Synchronizing • Transmission mode • Physical topology
  • 7. Responsible for delivery of data between two systems on network. Switch & Bridge are Data Link Layer devices • Framing • Physical Addressing • Synchronization. • Error Control. • Flow Control. • Multi-Access.
  • 8. Segment in Network layer is referred as Packet Network layer is implemented by networking devices such as routers • Routing • Logical Addressing
  • 9. • Responsible for source to destination delivery of entire message. • Segmentation an reassembly divide message into smaller segments , number them and transmit • Resemble these messages at receiving end. • Error control The services provided by transport layer : 1. Connection Oriented Service: It is a three phase process which include • Connection Establishment • Data Transfer • Termination / disconnection 2. Connection less service
  • 10. Data in the Transport Layer is called as Segments Transport Layer is called as Heart of OSI model
  • 11. The data link layer has three main functions: • Session establishment, maintenance and termination. • Synchronization • Dialog Controller
  • 12. Responsible of this layers are : • Transmission : Different computer use different encoding system (bit order translation). Syntax represents information such as character code- how many bits to represents data (7or 8 ) bits . • Compression • Encryption • Decryption
  • 13. • Directly interacts with the end user. • Contain protocol that allow the users to access the network.(HTTP, FTP etc). • It also include application program such as e-mail, browsers, word processing application etc.
  • 14. • The network needs security against attackers and hackers • Protecting confidentiality, integrity, availability of Data • Network Security includes two basic securities 1. Information Security 2. Computer Security • Data can be of the sensitive type; things like credit card information, passwords or contact lists • And another type is information that might interest advertisers, like your Internet browsing habits.
  • 15. 1. Privilege Escalation 2. Worm 3. Virus 4. Trojan 5. Spyware 6. Spam 7. Botnet 8. Logic Bomb
  • 16. • Installing a firewall for protecting systems or data from being attacked is dangerous fallacy • Application security can be likened to a Tootsie Pop(Hard from inside but soft from inside) • Based on statistics from Cisco Systems, the idea that most attacks come from the Internet is a serious misconception
  • 17.
  • 18. Security threats that may occur at this level are the following: 1. Access Control • Permitting only authorized personnel to possess logins and passwords and closing unmanaged ports • Physical security also involves keeping hardware (particularly laptop computers) from being stolen • Closing open ports, locking doors, using surveillance monitors, restricting access to critical servers, and using strong passwords can prevent many common attacks.
  • 19. 2. Physical Damage or Destruction of Data And Hardware 3. Environmental issues include fire, smoke, water • Environmental issues at the Physical layer include fire, smoke, water • Hardware failures are much more likely in the system • Poor control over environmental factors such as temperature, humidity, dust, and ventilation can cause frequent failures • Use of climate-controlled rooms with proper dust filters and ventilation can significantly reduce the incidence of hardware failure 4. Disconnection of Physical Links 5. Backup
  • 20. Security threats that may occur at this level are the following: 1. ARPs or ARP spoof 2. MAC flooding 3. Spanning tree attack 1. ARPs/ARP spoofing • Can be used to maliciously take over a machine’s IP address • ARP spoofing is targeted to fool a switch into forwarding packets to a device in a different VLAN • The security vulnerability occurs at the lower layer but affects upper level security without the upper layer knowing about it
  • 21. • To prevent these attacks, some switches and routers can be configured to ignore gratuitous ARPs. Cisco switches offer Edge VLAN segregation (Private VLANs) and ARP inspection to mitigate this threat. 2. MAC Flooding • it is the method of attacking the network switches • MAC Flooding occurs when the MAC table of a switch reaches capacity and floods • A malicious user can sniff the flooded traffic to obtain network information such as passwords. • Some switches, i.e., Cisco switches, have a port option that prevents such flooding: • setportsecurity3/21enableage10maximum5violation restrict
  • 22. • Authentication with AAA server • Port Security 3. Spanning Tree Attacks • occur when an attacker’s computer inserts itself into a data stream and causes a DoS attack • A spanning tree attack begins with a physical attack by a malicious user who inserts an unauthorized switch between two existing network switches • The attacker assigns a lower root priority • Assigning the lower root priority causes the network connection between Switch 2 (S-2) and M-1 to be dropped. The attacker’s switch thereby becomes the root switch, and the attacker gains full access to data transmitted between S-2 and the rest of the network
  • 23. • One-way of mitigating this problem is configure a network’s root switch with Root Priority = 0. Other examples are:- • Private VLAN attack • Multicast brute force attack • Random frame stress attack
  • 24. Security threats that may occur at this level are the following: 1. IP Address Spoofing 2. Routing attacks 3. Back Hole/Selective Forwarding 1. IP Address Spoofing • also known as IP address forgery or a host file hijack • IP address spoofing is the act of falsifying the content in the Source IP header, usually with randomized numbers, either to mask the sender’s identity or to launch a reflected DDoS attack • monitoring networks for a typical activity, • deploying packet filtering to detect inconsistencies • using robust verification methods • authenticating all IP addresses
  • 25. 2. Back Hole:- • In this attack malicious node behave like normal node and forward packets but selectively drop some packets • When the malicious node acts like a black hole, it drops all the packet passing through it • Selective Forwarding attack is called as special case of Black Hole attack Countermeasures • Acknowledgement based detection • Detection using neighborhood information • Using multidata flow to mitigate attack.
  • 26. Security threats that may occur at this level are the following 1) SYN Flood 2) Smurf Attack 1) SYN Flood • Also called Half open attack or TCP Sync Flood • Type of Distributed Denial of Service (DDoS) attack on a computer server • The attack involves having a client repeatedly send SYN (synchronization) packets to every port on a server, using fake IP addresses in order to make it over consumed and unresponsive • exploits part of the normal TCP three-way handshake
  • 27. Counter measures 1. RST cookies • for the first request from a given client, the server intentionally sends an invalid SYN-ACK • This should result in the client generating an RST packet 2. SYN Cookies • using cryptographic hashing • the server sends its SYN-ACK response with a sequence number • When the client responds, this hash is included in the ACK packet
  • 28. 2. Smurf Attack • It is a DoS Attack in which a system is flooded with spoofed ping messages. • Attacker creates lots of ICMP Packets with the intended victims IP Address • Broadcasts those packets • As a result most of devices in network responds Counter measures • Config. Individual host or router not to respond to ICMP REQ or broadcast • Config. Router not to forward packet directed to broadcast address
  • 29. Security threats that may occur at this level are the following 1. Session Hijacking • is a security attack on a user session • A session hijacking attack works when it compromises the token by guessing what an authentic token session will be, thus acquiring unauthorized access to the Web server • MITM Attack Common ways of Session Hijacking 1. Packet Sniffers 2. Cross Site Scripting(XSS Attack)
  • 30. Security threats that may occur at this level are the following 1. SSL Hijacking • Superfish uses a process called SSL hijacking to get at users’ encrypted data  Your computer connects to the HTTP (insecure) site.  The HTTP server redirects you to the HTTPS (secure) version of the same site.  Your computer connects to the HTTPS site.  The HTTPS server provides a certificate, providing positive identification of the site.  The connection is completed.
  • 31. Security threats that may occur at this level are the following 1. Virus 2. Worm 3. Phishing 4. Key Loggers 5. Backdoors 6. Program logic flaws 7. Bugs 8. Trojan Horses