Approved 2024/02/05 08:36 by psycore (version: 3) | Approver: psycore

OSI layer cyber attacks

Listing of attacks according to OSI-Modell and associated risk minimisation.

Possible attacks OSI Layer Risk minimisation
SQL-Injection, Cross-Site-Scripting , Remote Code Execution Application Patch management, vulnerability management, web application firewall (WAF)
Code Injection, Data Format Manipulation, Serialisation Attacks Representation Check and clean up data input, use secure programme libraries
Session Hijacking, Token Based Attacks, Session Sidejacking Session randomised session IDs, automated logout mechanisms, secure tokens for user authentication
SYN flood attacks, TCP session hijacking, UDP flood Transport Monitor and control network traffic at the firewall, mitigate SYN flood attacks, implement secure data exchange
IP spoofing, ICMP attacks, denial of service attacks Mediation Firewall filtering, IDS, IPS, prevent IP address spoofing via the router
MAC address spoofing, ARP spoofing Backup Limit the number of MAC IDs on a port, network segmentation via VLAN
physical manipulation, such as pulling network cables or cutting the power supply Bit transmission Access restriction, video surveillance

Source: https://www.linkedin.com/company/ethical-hackers-academy/

  • en/it-security/osi_layer_cyber_attacks.txt
  • Last modified: 2024/02/05 08:33
  • by psycore