Overview#Internet Threat Model is described in BCP 72 as a fairly well understood Threat Model.
In general, we assume that the end-systems engaging in a protocol exchange have not themselves been compromised. Protecting against an attack when one of the end-systems has been compromised is extraordinarily difficult. It is, however, possible to design protocols which minimize the extent of the damage done under these circumstances.
This means that the attacker can read any Protocol Data Unit (PDU) on the network and undetectably remove, change, or inject forged packets onto the wire. This includes being able to generate packets that appear to be from a trusted machine. Thus, even if the end-system with which you wish to communicate is itself secure, the Internet environment provides no assurance that packets which claim to be from that system in fact are.
It's important to realize that the meaning of a Protocol Data Unit is different at different levels. At the IP level, a PDU means an IP packet. At the TCP level, it means a TCP segment. At the Application Layer, PDU means some kind of application PDU.