As we’ve talked about in the rest of this series, there are several ways to use the Open Systems Interconnection (OSI) seven layers of networking model to help us secure our networks and make them more resilient. Now, we’ve reached the first of the ‘host’ layers, the OSI transport layer. 

Previously, we described ‘what’ allows data to travel (physical layer), ‘how’ it travels (data link layer) and ‘where’ the data travels (network layer). Next, the OSI transport layer is a bit more of ‘how’ the zeroes and ones travel. More specifically the transport layer focuses on quality and speed.

What Is the OSI Transport Layer?

The Transport Layer outlines the functions and protocols for transferring variable-length data sequences between the source and the host. That means that since data has different sizes and is broken up into packets, some rules are in place on how to do that. Two types of protocols are often associated with the OSI model, the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The quick distinction between the two is that TCP prioritizes data quality over speed. Meanwhile, UDP is a connectionless protocol that prioritizes speed over quality.

Cybersecurity Threats to the OSI Transport Layer

Despite being a ‘host’ layer, the transport layer is prone to some of the threats to the previous ‘media’ layers. This is another place to expect sniffing, specifically related to ports and protocols. Distributed denial of services (DDoS) attacks can also strike the transport layer. In particular, two types of attacks common to the OSI transport layer are SYN floods and Smurf attacks. In an SYN flood, an attacker initiates many connections to a server using a spoofed IP address, not waiting for a connection to finalize. Smurf attacks use malware to overload network resources. The attacker broadcasts Internet Control Message Protocol echoes, resulting in an infinite loop of requests.

Therefore, you really want to limit access on the OSI transport layer. Lock down your ports, configure your firewalls for only what is needed and gate access to your transmission protocols.

Attackers Scouting Layers

There is also another issue to consider in the transport layer. It is a great place for a malicious actor to do reconnaissance. They may not attack you directly on the transport layer unless they intend to inflict a DDoS attack on you. However, the actor can learn a lot about how to get into your environment, especially the commonly-targeted session layer.

Reliability on the OSI transport layer is crucial. There is a lot going on in this layer because all the packets move around. As a side note, we often refer to packets as segments or datagrams on the transport layer, based on protocol used. If this layer does not segment and reassemble the packets correctly, performance may suffer. That means the OSI transport layer needs to be as error-free as possible. This is also why it performs error control as well. If errors are happening here, communication between hosts will get messy. 

In the next piece, we will look at the session layer, which introduces some different naming. What we’ve been calling segments or datagrams, we’ll now refer to simply as ‘data’ as they move through. With different layers seeing different threats, it’s important to cover all of them thoroughly.

More from Mobile Security

Quishing: A growing threat hiding in plain sight

4 min read - Our mobile devices go everywhere we go, and we can use them for almost anything. For businesses, the accessibility of mobile devices has also made it easier to create more interactive ways to introduce new products and services while improving user experiences across different industries. Quick-response (QR) codes are a good example of this in action and help mobile devices quickly navigate to web pages or install new software by simply scanning an image.However, legitimate organizations aren’t the only ones…

Juice jacking: Is it a real issue or media hype?

4 min read - You get off a flight and realize your phone is almost out of battery, which will make getting an Uber at your destination a bit challenging. Then you see it — a public charging station at the next gate like a pot of gold at the end of the rainbow. As you run rom-com style to the USB port, you may briefly wonder if it’s actually safe from a cybersecurity perspective to plug in your phone. The answer is technically…

Third-party app stores could be a red flag for iOS security

4 min read - Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today