In our journey through the Open Systems Interconnection (OSI) seven layers of networking, the OSI session layer is a gatekeeper that manages the connection between applications. In other words, we are past just connecting devices. Now, we need to do something with that connection, which at this stage is called a session. This part of the OSI model gets into the ‘why’ of data movement. Think of everything done so far in the previous four layers as getting everyone to the party. What do you need to look out for in terms of threats now that they’re here?

What Is the Session Layer?

The OSI session layer is responsible for syncing everything up for action. For example, you can’t just ‘view’ a web page. You first need to establish a connection to the web server. The session layer therefore creates, manages, accepts, opens and closes these sessions. It is also where sessions are torn down when they fail, which matters when a host is juggling many of them at once. Therefore, not only is performance important at the session layer, so is security.

Connected Threats

Management of the OSI session layer is critical to success. You’ve probably heard of session hijacking as a type of attack. As you would correctly guess, those attacks happen in the session layer. Session hijacking can happen in different ways, including cross-site scripting, sidejacking, fixation, cookie theft and brute force attempts.

How do you stop these types of attacks? Here are some tips:

  • Force the use of HTTPS or some other protocol that ensures encryption.
  • Prevent access to cookies from client-side scripts.
  • Configure your system to regenerate the session identifier once authentication has succeeded, so an identifier issued before login is never carried into the authenticated session.
  • Keep in mind that layers five through seven are all exposed by bad coding practices, so secure development matters here as much as configuration.

Another way to protect the OSI session layer is through management of the session. Encryption is vital to session safety, so if you need some help on standards, reference NIST Special Publication 800-175B Revision 1.

Restricting failed session attempts and adding timing methods can also protect sessions. This is where your business operations matter. Being too restrictive could impede business; too loose and you take on more risk. Remember, you need to browse safely, but cybersecurity is only part of the larger picture.
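The tips above (encrypted transport, cookies kept away from client-side scripts, a fresh session identifier after login) and the failed-attempt and timing controls in this paragraph can be seen together in a small, self-contained session store. This is an added example written for this article, not code from the original post or from any product: the timeout and lockout values are constructed, and `SessionStore`, `Session` and `session_cookie_header` are hypothetical names chosen here.

```python
"""Session handling that applies the article's tips: a fresh id after login,
idle and absolute timeouts, a failed-login lockout, and a cookie that is
HttpOnly (hidden from scripts) and Secure (sent only over HTTPS)."""
import secrets
import time
from dataclasses import dataclass
from http.cookies import SimpleCookie
from typing import Callable, Dict, List, Optional

# Constructed policy values; tune these to the business's tolerance for friction.
IDLE_TIMEOUT = 15 * 60        # seconds of inactivity before a session is dropped
ABSOLUTE_TIMEOUT = 8 * 3600   # hard ceiling on a session's lifetime
MAX_FAILED_LOGINS = 5         # failures within LOCKOUT_SECONDS that trigger a lockout
LOCKOUT_SECONDS = 10 * 60


@dataclass
class Session:
    user: Optional[str]   # None until the session is authenticated
    created: float
    last_seen: float


class SessionStore:
    def __init__(self, clock: Callable[[], float] = time.time):
        self._clock = clock                              # injectable for testing
        self._sessions: Dict[str, Session] = {}
        self._failed: Dict[str, List[float]] = {}       # user -> recent failure times

    def create(self) -> str:
        """Issue an anonymous (pre-authentication) session id."""
        now = self._clock()
        sid = secrets.token_urlsafe(32)                  # 256 bits from the OS CSPRNG
        self._sessions[sid] = Session(user=None, created=now, last_seen=now)
        return sid

    def login(self, old_sid: str, user: str, password_ok: bool) -> Optional[str]:
        """Return a NEW session id on success, or None on failure or lockout."""
        now = self._clock()
        recent = [t for t in self._failed.get(user, []) if now - t < LOCKOUT_SECONDS]
        if len(recent) >= MAX_FAILED_LOGINS:
            self._failed[user] = recent
            return None                                  # locked out, even if the password is right
        if not password_ok:
            recent.append(now)
            self._failed[user] = recent
            return None
        self._failed.pop(user, None)
        # Session fixation defence: retire the pre-auth id and issue a fresh one,
        # so an id an attacker may have planted before login is worthless afterwards.
        self._sessions.pop(old_sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = Session(user=user, created=now, last_seen=now)
        return new_sid

    def authenticated_user(self, sid: str) -> Optional[str]:
        """Return the user bound to sid, expiring it on idle or absolute timeout."""
        sess = self._sessions.get(sid)
        if sess is None:
            return None
        now = self._clock()
        if now - sess.last_seen > IDLE_TIMEOUT or now - sess.created > ABSOLUTE_TIMEOUT:
            del self._sessions[sid]
            return None
        sess.last_seen = now
        return sess.user


def session_cookie_header(sid: str) -> str:
    """Build the Set-Cookie value: HttpOnly blocks client-side script access,
    Secure restricts the cookie to HTTPS, SameSite=Strict limits cross-site sends."""
    cookie = SimpleCookie()
    cookie["session"] = sid
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie.output(header="").strip()


if __name__ == "__main__":
    store = SessionStore()
    anon = store.create()
    sid = store.login(anon, "alice", password_ok=True)
    print("Set-Cookie:", session_cookie_header(sid))
    print("old id still valid?", store.authenticated_user(anon) is not None)
    print("new id maps to", store.authenticated_user(sid))
```

The store deliberately keeps the lockout per user rather than per source address, so that a brute-force attempt spread across many clients is still throttled; in production the same counters would live in shared storage rather than a process-local dict.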

Finally, watch out for FTP sniffing on the OSI session layer as well. FTP, on its own, is not secure. And while many organizations have moved to some type of secure FTP solution such as SFTP (securing with SSH) or FTPS (securing with SSL), it’s easy to miss that vanilla FTP is still out there.
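Because vanilla FTP sends USER and PASS in the clear, a monitoring sensor can tell a plain FTP login apart from an explicit FTPS one by whether the client negotiated `AUTH TLS` (answered with a 234 reply) before sending credentials. The following audit routine is an added example for this article, not code from the original post or from any product: the two control-channel transcripts, the addresses and the host name are constructed, and `audit_ftp_sessions` and `Finding` are hypothetical names. It records the username of a cleartext login as an inventory aid but deliberately never stores the password.

```python
"""Flag FTP control sessions whose credentials crossed the wire unencrypted."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: control-channel lines as a sensor might reassemble them,
# tagged "C" (client -> server) or "S" (server -> client).
SAMPLE_SESSIONS: Dict[str, List[Tuple[str, str]]] = {
    "10.0.0.5:51000->10.0.0.20:21": [        # plain FTP login
        ("S", "220 ftp.example.test FTP server ready"),
        ("C", "USER backup"),
        ("S", "331 Password required for backup"),
        ("C", "PASS example-not-a-real-password"),
        ("S", "230 Login successful"),
    ],
    "10.0.0.6:51001->10.0.0.20:21": [        # explicit FTPS: TLS before any credentials
        ("S", "220 ftp.example.test FTP server ready"),
        ("C", "AUTH TLS"),
        ("S", "234 Proceed with negotiation"),
        # Everything after the 234 reply is encrypted; a passive sensor sees no more plaintext.
    ],
}


@dataclass
class Finding:
    flow: str
    user: Optional[str]
    issue: str


def inspect_session(flow: str, lines: List[Tuple[str, str]]) -> Optional[Finding]:
    """Return a Finding if this session sent credentials before TLS was negotiated.

    Only explicit FTPS (AUTH TLS on the normal control port) is modelled; implicit
    FTPS on a dedicated port would be encrypted from the first byte and would never
    produce readable USER/PASS lines here."""
    tls_active = False
    auth_requested = False
    user: Optional[str] = None
    for direction, line in lines:
        verb, _, arg = line.strip().partition(" ")
        if direction == "C":
            verb = verb.upper()
            if verb == "AUTH" and arg.strip().upper() in ("TLS", "SSL"):
                auth_requested = True
            elif verb == "USER" and not tls_active:
                user = arg.strip()
            elif verb == "PASS" and not tls_active:
                # Do not keep the password itself; the username is enough to triage.
                return Finding(flow, user, "cleartext FTP password observed on the wire")
        else:
            # A 234 reply to AUTH means the channel is encrypted from here on.
            if verb == "234" and auth_requested:
                tls_active = True
            auth_requested = False
    if user is not None and not tls_active:
        return Finding(flow, user, "cleartext FTP username observed, no TLS negotiated")
    return None


def audit_ftp_sessions(sessions: Dict[str, List[Tuple[str, str]]]) -> List[Finding]:
    """Run inspect_session over every reassembled control channel."""
    findings = []
    for flow, lines in sessions.items():
        finding = inspect_session(flow, lines)
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in audit_ftp_sessions(SAMPLE_SESSIONS):
        print(f"{f.flow}: {f.issue} (user={f.user})")
```

Findings like these are best fed into an asset inventory so the remaining plain-FTP servers and the accounts still using them can be migrated to SFTP or FTPS, which is the point the paragraph above makes about vanilla FTP lingering unnoticed.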

Next, we’ll take a look at what that gate opens onto.
