In networking, a protocol is a standardized set of rules for formatting and processing data. Protocols enable computers to communicate with one another.
Network protocols are like a common language for computers. The computers within a network may use vastly different software and hardware; however, protocols enable them to communicate with each other regardless.
Standardized protocols are like a common language that computers can use, similar to how two people from different parts of the world may not understand each other’s native languages, but they can communicate using a shared third language. If one computer uses the Internet Protocol (IP) and a second computer does as well, they will be able to communicate — just as the United Nations relies on its 6 official languages to communicate amongst representatives from all over the globe. But if one computer uses IP and the other does not know this protocol, they will be unable to communicate.
On the Internet, there are different protocols for different types of processes. Protocols are often discussed in terms of which OSI model layer they belong to.
What are the layers of the OSI model?
The Open Systems Interconnection (OSI) model is an abstract representation of how the Internet works. It contains 7 layers, each representing a different category of networking functions.
Protocols make these networking functions possible. For instance, the Internet Protocol (IP) is responsible for routing data by indicating where data packets* come from and where they are going. IP makes network-to-network communications possible. Hence, IP is considered a network layer (layer 3) protocol.
As another example, the Transmission Control Protocol (TCP) ensures that the transportation of data packets across networks goes smoothly. Therefore, TCP is considered a transport layer (layer 4) protocol.
*A packet is a small data segment; all data sent over a network is divided into packets.
Which protocols run on the network layer?
As described above, IP is a network layer protocol responsible for routing. But it is not the only network layer protocol.
IPsec: Internet Protocol Security (IPsec) sets up encrypted, authenticated IP connections over a virtual private network (VPN). Technically IPsec is not a protocol but rather a collection of protocols that includes the Encapsulating Security Protocol (ESP), Authentication Header (AH), and Security Associations (SA).
ICMP: The Internet Control Message Protocol (ICMP) reports errors and provides status updates. For example, if a router cannot deliver a packet, it will send an ICMP message back to the packet’s source.
IGMP: The Internet Group Management Protocol (IGMP) sets up one-to-many network connections. IGMP helps set up multicasting, meaning multiple computers can receive data packets directed at one IP address.
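The source and destination that IP records for each packet, and the number that says which protocol the packet carries, all sit in the fixed 20-byte IPv4 header. The parser below is an added example, not part of the original article; the addresses are documentation ranges and the sample headers are constructed by `build_header`, a helper written for this illustration.

```python
import ipaddress
import struct

# IANA protocol numbers for the protocols named on this page.
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP",
             50: "ESP (IPsec)", 51: "AH (IPsec)"}
HEADER = struct.Struct("!BBHHHBBH4s4s")  # fixed 20-byte IPv4 header


def checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, proto: int, ttl: int = 64) -> bytes:
    """Build a constructed sample header (no options, no payload)."""
    fields = [0x45, 0, 20, 0, 0, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed,
              ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum(HEADER.pack(*fields))
    return HEADER.pack(*fields)


def parse_ipv4(packet: bytes) -> dict:
    """Extract source, destination and carried protocol; reject bad input."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, ttl, proto, _, src, dst = HEADER.unpack(packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    if header_len < 20 or len(packet) < header_len:
        raise ValueError("invalid header length")
    # A valid header sums to all ones, so the complement is zero.
    if checksum(packet[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    return {"src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst)),
            "ttl": ttl,
            "protocol": PROTOCOLS.get(proto, f"unknown ({proto})")}


if __name__ == "__main__":
    for number in (1, 6, 17, 50):
        print(parse_ipv4(build_header("192.0.2.10", "198.51.100.7", number)))
```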
What other protocols are used on the Internet?
Some of the most essential protocols to know are:
TCP: As described above, TCP is a transport layer protocol that ensures reliable data delivery. TCP is meant to be used with IP; the two protocols are often referenced as TCP/IP.
HTTP: The Hypertext Transfer Protocol (HTTP) is the foundation of the World Wide Web, the part of the Internet that most users interact with. It is used for transferring data between devices. HTTP belongs to the application layer (layer 7), because it puts data into a format that applications (e.g. a browser) can use directly, without further interpretation. The lower layers of the OSI model are handled by a computer’s operating system, not applications.
HTTPS: The problem with HTTP is that it is not encrypted — any attacker who intercepts an HTTP message can read it. HTTPS (HTTP Secure) corrects this by encrypting HTTP messages.
TLS/SSL: Transport Layer Security (TLS) is the protocol HTTPS uses for encryption. TLS used to be called Secure Sockets Layer (SSL).
UDP: The User Datagram Protocol (UDP) is a faster but less reliable alternative to TCP at the transport layer. It is often used in services like video streaming and gaming, where fast data delivery is paramount.
What protocols do routers use?
Network routers use certain protocols to discover the most efficient network paths to other routers. These protocols are not used for transferring user data. Important network routing protocols include:
BGP: The Border Gateway Protocol (BGP) is an application layer protocol that networks use to broadcast which IP addresses they control. This information allows routers to decide which networks data packets should pass through on the way to their destinations.
EIGRP: The Enhanced Interior Gateway Routing Protocol (EIGRP) identifies distances between routers. EIGRP automatically updates each router’s record of the best routes (called a routing table) and broadcasts those updates to other routers within the network.
OSPF: The Open Shortest Path First (OSPF) protocol calculates the most efficient network routes based on a variety of factors, including distance and bandwidth.
RIP: The Routing Information Protocol (RIP) is an older routing protocol that identifies distances between routers. RIP is an application layer protocol.
How are protocols used in cyber attacks?
Just as with any aspect of computing, attackers can exploit how networking protocols function to compromise or overwhelm systems. Many of these protocols are used in distributed denial-of-service (DDoS) attacks. For example, in a SYN flood attack, an attacker takes advantage of how TCP works. They send SYN packets to repeatedly initiate a TCP handshake with a server, until the server is unable to provide service to legitimate users because its resources are tied up by all the phony TCP connections.
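From the server's side, a SYN flood shows up as handshakes that start and never finish. The detector below is an added example, not part of the original article: it tracks half-open handshakes per listening port over constructed packet records, and the record layout, the 5-second window and the threshold of 100 are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed records: (time, src_ip, src_port, dst_ip, dst_port, flag)
# flag "S" = client SYN, "A" = client ACK completing the handshake, "R" = reset.
NORMAL = [(i * 0.1 + off, f"192.0.2.{i + 1}", 50000 + i, "203.0.113.5", 443, flag)
          for i in range(3) for off, flag in ((0.0, "S"), (0.05, "A"))]
# 200 SYNs in one second that are never followed by an ACK.
UNANSWERED = [(1.0 + i * 0.005, f"198.51.100.{i % 250 + 1}", 40000 + i,
               "203.0.113.5", 80, "S") for i in range(200)]
SAMPLE = NORMAL + UNANSWERED


def half_open_counts(packets, window=5.0):
    """Return {(dst_ip, dst_port): peak number of half-open handshakes}."""
    pending = defaultdict(dict)  # server -> {(src_ip, src_port): SYN time}
    peak = defaultdict(int)
    for ts, src, sport, dst, dport, flag in sorted(packets):
        server, client = (dst, dport), (src, sport)
        # Forget handshakes older than the window, as a server backlog would.
        pending[server] = {c: t for c, t in pending[server].items()
                           if ts - t <= window}
        if flag == "S":
            pending[server][client] = ts
        elif flag in ("A", "R"):
            pending[server].pop(client, None)  # completed or aborted
        peak[server] = max(peak[server], len(pending[server]))
    return dict(peak)


def detect_syn_flood(packets, threshold=100, window=5.0):
    """List servers whose half-open handshake count exceeded the threshold."""
    counts = half_open_counts(packets, window)
    return sorted(server for server, n in counts.items() if n > threshold)


if __name__ == "__main__":
    for server, n in half_open_counts(SAMPLE).items():
        print(server, "peak half-open handshakes:", n)
    print("flagged:", detect_syn_flood(SAMPLE))
```

Port 443 in the sample never holds more than one pending handshake because every SYN is followed by its ACK, while port 80 accumulates all 200 and is flagged.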