Common Security Attacks in the OSI Layer Model
infosectrainsunny
146 views
10 slides
Mar 13, 2024
Slide 1 of 10
1
2
3
4
5
6
7
8
9
10
About This Presentation
Information Technology (IT) has transformed traditional corporate processes with the advent of cutting-edge advancements such as cloud computing, AI, and machine learning. It is a valuable asset to any firm, but as IT advances, so do risks to corporate security. According to research and studies, IT...
Slide Content
"a INFOSECTRAIN
OSI Layer Model
&
Security Attacks
=
:9
ae
P N [be |
OSI Layer Model
&
Security Attacks
=
:9
ae
P N [be |
85 INFOSECTRAIN
What is the OSI Layer Model?
The OSI (Open Systems Interconnection) model defines
networking functionality. It categorizes computing
functions across seven layers, ensuring
seamless software and hardware interconnection.
#LearnToRise
What is the OSI Layer Model?
The OSI (Open Systems Interconnection) model defines
networking functionality. It categorizes computing
functions across seven layers, ensuring
seamless software and hardware interconnection.
#LearnToRise
85 INFOSECTRAIN
Layer 1: Physical
The Physical Layer ensures network
node connectivity through wired or
wireless means.
Attack: Sniffing Attack
In the Physical Layer, a sniffing attack involves attackers
capturing and analyzing network traffic to acquire sensitive
information such as login credentials, credit card numbers,
and personal data.
Ä
#LearnToRise
Layer 1: Physical
The Physical Layer ensures network
node connectivity through wired or
wireless means.
Attack: Sniffing Attack
In the Physical Layer, a sniffing attack involves attackers
capturing and analyzing network traffic to acquire sensitive
information such as login credentials, credit card numbers,
and personal data.
Ä
#LearnToRise
85 INFOSECTRAIN
Layer 2: Data Link
The Data Link Layer manages communication
between connected network nodes, breaking
data into frames for transmission.
Attack: Spoofing Attack
In spoofing attacks, attackers change a device's MAC.
address to impersonate another, gaining network access
and intercepting traffic. Methods include ARP spoofing,
DHCP spoofing, and MAC flooding.
#LearnToRise
Layer 2: Data Link
The Data Link Layer manages communication
between connected network nodes, breaking
data into frames for transmission.
Attack: Spoofing Attack
In spoofing attacks, attackers change a device's MAC.
address to impersonate another, gaining network access
and intercepting traffic. Methods include ARP spoofing,
DHCP spoofing, and MAC flooding.
#LearnToRise
85 INFOSECTRAIN
Layer 3: Network
The Network Layer has two main functions:
segmenting data into network packets and
routing these packets through the physical
network.
Attack: Man-in-the-Middle Attack
In the Network Layer, a "Man-in-the-Middle (MITM) Attack"
occurs when attackers intercept and alter communication
secretly. Using techniques like ARP spoofing and redirecting
packets to their device instead of the intended source.
|
#LearnToRise
Layer 3: Network
The Network Layer has two main functions:
segmenting data into network packets and
routing these packets through the physical
network.
Attack: Man-in-the-Middle Attack
In the Network Layer, a "Man-in-the-Middle (MITM) Attack"
occurs when attackers intercept and alter communication
secretly. Using techniques like ARP spoofing and redirecting
packets to their device instead of the intended source.
|
#LearnToRise
85 INFOSECTRAIN
Layer 4: Transport
The Transport Layer manages data flow and
error control, adjusting data transmission to
match the receiving device's speed.
Attack: Reconnaissance
Reconnaissance in the Transport Layer is an.attacker's
attempt to gather information by probing transport layer
protocols (TCP or UDP). Techniques include port scanning
to find open vulnerable ports and using packet sniffers to
monitor and extract data from network traffic.
Ä
#LearnToRise
Layer 4: Transport
The Transport Layer manages data flow and
error control, adjusting data transmission to
match the receiving device's speed.
Attack: Reconnaissance
Reconnaissance in the Transport Layer is an.attacker's
attempt to gather information by probing transport layer
protocols (TCP or UDP). Techniques include port scanning
to find open vulnerable ports and using packet sniffers to
monitor and extract data from network traffic.
Ä
#LearnToRise
85 INFOSECTRAIN
Layer 5: Session
The Session Layer manages communication
sessions between devices, ensuring their
efficiency during data transfer and closure
upon completion.
Attack: Hijacking
Session hijacking in the Session Layer occurs when. attackers
intercept and control sessions, exploiting vulnerabilities or
manipulating traffic. There are two types of session hijacking:
© Active: Attackers alter traffic during sessions.
© Passive: Attackers monitor and take over sessions
after user login by watching traffic
|
#LearnToRise
Layer 5: Session
The Session Layer manages communication
sessions between devices, ensuring their
efficiency during data transfer and closure
upon completion.
Attack: Hijacking
Session hijacking in the Session Layer occurs when. attackers
intercept and control sessions, exploiting vulnerabilities or
manipulating traffic. There are two types of session hijacking:
© Active: Attackers alter traffic during sessions.
© Passive: Attackers monitor and take over sessions
after user login by watching traffic
|
#LearnToRise
85 INFOSECTRAIN
Layer 6: Presentation
Responsible for encoding, encryption, and
compression methods for data exchange, the
Presentation Layer transforms data from the
Application Layer.
Attack: Phishing Attack
Phishing at the Presentation Layer involves using social
engineering tactics to trick people into disclosing sensitive
information or clicking on malicious links. Attackers create
fake emails or websites, appearing legitimate, to steal
login details and credit card information or install malicious
malware on victims' systems.
Ä
#LearnToRise
Layer 6: Presentation
Responsible for encoding, encryption, and
compression methods for data exchange, the
Presentation Layer transforms data from the
Application Layer.
Attack: Phishing Attack
Phishing at the Presentation Layer involves using social
engineering tactics to trick people into disclosing sensitive
information or clicking on malicious links. Attackers create
fake emails or websites, appearing legitimate, to steal
login details and credit card information or install malicious
malware on victims' systems.
Ä
#LearnToRise
85 INFOSECTRAIN
Layer 7: Application
The Application Layer is closest to users and
facilitates communication with individual
applications.
Attack: Exploit
In the Application Layer, "Exploit" attacks target software
vulnerabilities for unauthorized access or malicious actions.
It leads to DoS or DDoS attacks, causing disruptions to
websites and critical systems.
NI
Pres
di vipe Right
#LearnToRise
Layer 7: Application
The Application Layer is closest to users and
facilitates communication with individual
applications.
Attack: Exploit
In the Application Layer, "Exploit" attacks target software
vulnerabilities for unauthorized access or malicious actions.
It leads to DoS or DDoS attacks, causing disruptions to
websites and critical systems.
NI
Pres
di vipe Right
#LearnToRise
FOUND THIS USEFUL?
To Get More Insights
Courses | Workshops | eBooks | Checklists | Mock Tests
LIKE SHARE FOLLOW
INFOSEC
To Get More Insights
Courses | Workshops | eBooks | Checklists | Mock Tests
LIKE SHARE FOLLOW
INFOSEC
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 146
- Slides 10
- Age 628 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
45 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views