Networking models help us understand the ‘lay of the land’ when it comes to protecting the network. In our journey through the Open Systems Interconnection (OSI) framework, we’ve arrived at the last stop in the media group, the OSI network layer.

Remember, we got here via the OSI data link layer, the ‘how’ of moving zeroes and ones between nodes. In the previous entry in this series, we discussed the importance of securing this link through encryption, disabling ports and other ways to deny access.

Now, the OSI network layer is where the rubber really starts to hit the road. This is where data packets start traveling. Think of it like this: the data link layer is node-to-node, whereas the network layer is network-to-network, and even through networks. The key to making this layer work is the router.

What is the OSI Network Layer?

You can also think of the network layer as the guide and traffic operator. It tells all the data packets where to go. Once data comes into the OSI network layer, an Internet Protocol (IP) address is added. Now, the data packet knows where to go. And the routers are what keep track of and manage all the traffic. There are different ways to manage the traffic, also known as protocols, such as IPv4 and IPv6. Without the network layer, the zeroes and ones can’t get anywhere.

Cybersecurity Threats to the OSI Network Layer

Malicious actors can attack the network layer through overloading the network, spoofing and sniffing. Let’s begin with overloading a network. An attacker can do this through denial of service (DoS) attacks, such as a ping flood. When an attacker knows which IP addresses are associated with a target network, they will send an Internet Control Message Protocol (ICMP) ping (or echo) repeatedly to overload part or all of the network. This means an attacker can attack a single endpoint or a router to disrupt all communication.

Another method of attack is IP spoofing. Often used for distributed DoS (DDoS) attacks, an attacker will alter the source IP address in the packet header. IP spoofing is pretty much standard now for DDoS malware kits.

Finally, attackers can impact the OSI network layer through IP and port sniffing. IP and port sniffing allow an attacker to perform reconnaissance and learn more about a user through packet analysis. If the connection is not secured (think encryption), a malicious actor can steal valuable information.

In other words, it is not uncommon to see man-in-the-middle attacks happen at the OSI network layer.

Using Firewalls in the OSI Network Layer

To protect against these attacks, the use of firewalls is critical. Firewall usage these days is pretty much a given, though the future use of firewalls is up for debate on account of new cloud security technologies. Also, do not be surprised if a firewall gets overloaded during these types of attacks.

Similarly, a firewall technique that can reduce risk is packet filtering. This technique only allows incoming packets to pass based on the source and destination IP addresses and protocols. Finally, take a look at another related technique called anti-spoofing. A firewall will block a packet if the IP address is wrong, falsified or otherwise spoofed. All of the above seems relatively straightforward, but configuration is critical to success.
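The two techniques described above, packet filtering and anti-spoofing, can be modeled as a short decision function. This is an added example, not code from the original article or any firewall product; the interface names (`wan`, `lan`), the internal range `10.0.0.0/8`, the bogon list and the allow rules are all assumptions made for illustration, and only IPv4 is handled.

```python
import ipaddress
from dataclasses import dataclass

# Assumed topology: 10.0.0.0/8 is the internal network behind the firewall.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
# Source ranges that should never arrive from the internet (partial, illustrative list).
BOGON_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "wan" or "lan"
    src: str
    dst: str
    proto: str   # "tcp", "udp" or "icmp"

# Constructed allow rules as (source network, destination network, protocol).
ALLOW_RULES = [(ipaddress.ip_network(s), ipaddress.ip_network(d), p) for s, d, p in (
    ("0.0.0.0/0", "10.0.1.10/32", "tcp"),   # inbound to a public web server
    ("10.0.0.0/8", "0.0.0.0/0", "tcp"),     # outbound from internal hosts
    ("10.0.0.0/8", "0.0.0.0/0", "udp"),
    ("10.0.0.0/8", "0.0.0.0/0", "icmp"))]

def is_spoofed(iface, src):
    """Anti-spoofing: the source must be plausible for the arrival interface."""
    if iface == "wan":
        # Internal or reserved sources cannot legitimately arrive from outside.
        return src in INTERNAL_NET or any(src in net for net in BOGON_SOURCES)
    # Egress filtering: internal hosts may only send with internal sources.
    return src not in INTERNAL_NET

def filter_packet(pkt):
    """Return 'accept' or a drop reason. Default is deny."""
    try:
        src = ipaddress.ip_address(pkt.src)
        dst = ipaddress.ip_address(pkt.dst)
    except ValueError:
        return "drop: malformed address"
    if is_spoofed(pkt.iface, src):
        return "drop: spoofed source"
    for src_net, dst_net, proto in ALLOW_RULES:
        if pkt.proto == proto and src in src_net and dst in dst_net:
            return "accept"
    return "drop: no matching rule"

if __name__ == "__main__":
    for p in (Packet("wan", "203.0.113.5", "10.0.1.10", "tcp"),
              Packet("wan", "10.0.0.7", "10.0.1.10", "tcp"),
              Packet("wan", "203.0.113.5", "10.0.1.10", "icmp")):
        print(p, "->", filter_packet(p))
```

The anti-spoofing check runs before the allow rules, so a packet with a forged internal source is dropped even when a rule would otherwise match it, and the default-deny fallthrough is what makes rule ordering and completeness the configuration risk the paragraph warns about.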

The Next Stop on the Journey

Collectively, the first three OSI layers — physical, data link and network layers — make up the ‘media’ portion of the OSI model. In the next piece, we will look at the first of the ‘host’ layers, the transport layer.
