Abstract:

Most of the services available on the Internet are based on the communication model described by the IS0-OSI reference standard. The networks that make up the global network use a set of TCP / IP communication protocols for data transmission. The TCP / IP model implements the ISO-OSI guidelines in the form of network software that implements the mechanisms of individual layers. The organization of network communication based on the TCP / IP protocol stack has a number of advantages. First of all, by isolating the processes taking place in individual layers, it enables changes to be made in them, without the need to rebuild the entire stack. It gives the possibility of dynamic development of network technologies within the scope of issues related to the functions of individual layers. Another advantage is the implementation of the network transparency concept, consisting in masking the processes carried out by lower TCP / IP layers, related to the specificity of the telecommunications channel related to the physical medium used for data transmission. The functionality of the ISO-OSI model can be used to analyze and identify threats to network communication. The article proposes a method of security analysis of TCP / IP protocols based on the ISO-OSI model. As a result of the analysis, three main threats were identified, occurring in each of the layers of the ISO-OSI model. These are eavesdropping, spoofing, and denial of service. Each of these security threats is implemented in a manner characteristic of the function performed by a given network layer. In conclusion, defense mechanisms securing network communication based on TCP / IP protocols are proposed