Layer 4 of the OSI model is the Transport Layer. According to an article in Infoblox, the Transport Layer is responsible for transferring data between end users and providing reliable data transfer services to the upper layers. The Transport Layer controls the reliability of given links through the use of flow control, segmentation and desegmentation and error control. Further, the Transport Layer can keep track of segments for protocols that are state and connection-oriented. The Transport Layer is also able to resend segments for those that fail. This is also the layer that provides acknowledgement of data sent successfully and it will send the next data if there were no other errors. Typical examples of Layer 4 include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The difference between TCP and UDP is that TCP prioritizes data quality over speed and UDP is a connectionless protocol that prioritizes speed over quality. Both protocols are rules that are in place regarding how to send data packets.
Something interesting about the Transport Layer is that this layer can be prone to some of the threats to previous media layers (Platsis, 2021). One can expect sniffing, especially related to ports and protocols. DDoS attacks are also common at this layer. Other types of attacks that are typical at the Transport Layer include SYN Floods and SMURF attacks. In a SYN flood, a hacker initiates multiple connections to a server using a spoofed IP address, while not waiting for a connection to finalize. Smurf attacks use malware to overload network resources. The attacker then broadcasts Internet Control Message Protocol echoes, which causes an infinite loop of requests. To mitigate attacks of this layer, it’s recommended to lock down ports and configure firewalls for only what is needed and gate access to your transmission protocols. Overall, it’s important for the Transport Layer to be as error-free as possible because there is a lot going on with all of the packet movement.
Platsis, G., George Platsis Senior Lead Technologist, Platsis, G., Technologist, S. L., & George Platsis works with the private. (2021, June 14). The OSI model and you part 4: Stopping threats at the OSI transport layer. Security Intelligence. Retrieved October 22, 2021, from https://securityintelligence.com/articles/osi-model-stopping-threats-osi-transport-layer/.
What is layer 4 of the OSI model: Transport layer?: DDI (secure DNS, DHCP, IPAM). Infoblox. (2021, April 27). Retrieved October 22, 2021, from https://www.infoblox.com/glossary/layer-4-of-the-osi-model-transport-layer/.
Physical Security Threats
Threats today range from hybrid attacks to targeting both physical and cyber assets. With the adoption and integration of Internet of Things (IoT) and the Industrial Internet of Things (IIoT) devices has increased interconnected mesh of cyber-physical system (CPS), that expands the attack surface and blurs the once clear functions of cybersecurity and physical security in this new threat landscape.
This new landscape allows for successful cyber/physical attacks on industrial control systems (ICS) to disrupt operations and deny services to the population affected by the attack. Cybersecurity & Infrastructure Security Agency (CISA) provides examples of types of physical attacks (CISA 2021):
As cyber-physical attack continue to grow, global insurance companies are trying to ascertain how much to cover for such a dynamic risk as attacks are constantly evolving. There are so many potential attack surfaces, vectors and avenues there are infinite possibilities for cyber-physical attacks as the world moves forward with self-driven cars, telehealth, medical devices, traffic flow sensors, drones, transit systems. The triad’s approach to Confidentiality, Integrity and Availability, with Confidentiality at the forefront with physical security, will need strict access controls, educating all users of technology of the dangers of cyber world. (Hamilton 2021)
CISA (2021) “ Cybersecurity and Physical Security Convergence” Cybersecurity & Infrastructure Security Agency Cybersecurity and Physical Security Convergence (cisa.gov)
Hamilton, E., (July 2021) “ What are Cyber-Physical Attacks?” The Science Times What Are Cyber-Physical Attacks? | Science Times
Are you overwhelmed by an intense schedule and facing difficulties completing this assignment? We at GrandHomework know how to assist students in the most effective and cheap way possible. To be sure of this, place an order and enjoy the best grades that you deserve!Post Homework