Our travels through the OSI seven layers of networking have shown that each layer has specific weaknesses and angles of attack. In turn, each has its best defenses. Now, we’ve come to the OSI presentation layer. Here translation, encryption and compression all happen.

What Is the Presentation Layer?

The simplest way to describe the OSI presentation layer is as follows: it is where machine-readable code gets processed into something the end user can use later in the application layer. This layer is where formatting, conversion and encryption happen. Without it, unless you’re a developer, you likely won’t know what you’re looking at.

Attacks and Threats

If you are using an HTTPS website, encryption would happen at the presentation layer. That means getting your encryption right matters here. Therefore threat actors look for exploits in encryption flaws within the OSI presentation layer. One of the most common tactics is SSL hijacking or sniffing.

Like we said in previous entries, man-in-the-middle (MitM) attacks are one of the go-to moves for threat actors. In conjunction with malware, SSL hijacking can be damaging at the OSI presentation layer. If an attacker has already installed malware on a machine, the MitM would use a proxy to serve as an untrusted certificate authority. If this is the case, the browser will trust the wrong certificate authority and now the attacker will be able to read all messages. For this reason, it is important that your antivirus is up to date and you are doing what you can to stop malware from entering your devices.

As mentioned in the previous piece on the session layer, attackers will take advantage of bad coding practices. That’s true at this layer as well. Keep this in mind when you choose and add software into your enterprise.

The Journey Through the OSI Seven-Layer Model

We’re almost done with the journey through the OSI seven-layer model. After the OSI presentation layer, we’ll look at the application layer. By far, this is where the widest range of attacks and breaches can occur. Therefore, it’s very important to understand.

More from Mobile Security

Third-Party App Stores Could Be a Red Flag for iOS Security

Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

How the Mac OS X Trojan Flashback Changed Cybersecurity

Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that "it doesn't get PC viruses". But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has the security of the entire world. In this post, we'll revisit how the Flashback incident unfolded and how it changed the security landscape forever. What…

Switching to 5G? Know Your Integrated Security Controls

5G is a big leap in mobile technology. It presents enterprises and service providers with capabilities for advanced applications, content delivery and digital engagement anywhere. It enables businesses with new use cases and integrated security needs to have a trusted network and application/data delivery function. How does one build a secure 5G network that provides the level of trust required by users today and in the future? The Benefits of 5G 5G's new use cases come from: Customized network slices…