Attacking the Network Time Protocol

نویسندگان

  • Aanchal Malhotra
  • Isaac E. Cohen
  • Erik Brakke
  • Sharon Goldberg
چکیده

We explore the risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems. We first discuss how an onpath attacker, that hijacks traffic to an NTP server, can quickly shift time on the server’s clients. Then, we present an extremely low-rate (single packet) denial-of-service attack that an off-path attacker, located anywhere on the network, can use to disable NTP clock synchronization on a client. Next, we show how an off-path attacker can exploit IPv4 packet fragmentation to dramatically shift time on a client. We discuss the implications of these attacks on other core Internet protocols, quantify their attack surface using Internet measurements, and suggest a few simple countermeasures that can improve the security of NTP.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An Effective Network Security Log Mining Algorithm based on Fuzzy Clustering

In this paper, we concentrate on the network security log mining problem, and proposed a novel fuzzy clustering algorithm to solve it. The architecture of network security log mining system is discussed at first, and three main modules are included in this system, such as data pre-processing, pattern mining and pattern analyzing. The main work of network security log mining is to find the frequ...

متن کامل

Two-Tier GCT Based Approach for Attack Detection

The frequent attacks on network infrastructure, using various forms of denial of service attacks, have led to an increased need for developing new techniques for analyzing network traffic. If efficient analysis tools were available, it could become possible to detect the attacks and to take action to weaken those attacks appropriately before they have had time to propagate across the network. I...

متن کامل

Evolutionary Computing Assisted Wireless Sensor Network Mining for QoS-Centric and Energy-efficient Routing Protocol

The exponential rise in wireless communication demands and allied applications have revitalized academia-industries to develop more efficient routing protocols. Wireless Sensor Network (WSN) being battery operated network, it often undergoes node death-causing pre-ma...

متن کامل

DTMP: Energy Consumption Reduction in Body Area Networks Using a Dynamic Traffic Management Protocol

Advances in medical sciences with other fields of science and technology is closely casual profound mutations in different branches of science and methods for providing medical services affect the lives of its descriptor. Wireless Body Area Network (WBAN) represents such a leap. Those networks excite new branches in the world of telemedicine. Small wireless sensors, to be quite precise and calc...

متن کامل

A new virtual leader-following consensus protocol to internal and string stability analysis of longitudinal platoon of vehicles with generic network topology under communication and parasitic delays

In this paper, a new virtual leader following consensus protocol is introduced to perform the internal and string stability analysis of longitudinal platoon of vehicles under generic network topology. In all previous studies on multi-agent systems with generic network topology, the control parameters are strictly dependent on eigenvalues of network matrices (adjacency or Laplacian). Since some ...

متن کامل

Attacking the Asokan–Ginzboorg Protocol for Key Distribution in an Ad-Hoc Bluetooth Network Using CORAL

We describe CORAL, a counterexample finder for incorrect inductive conjectures. By devising a first-order version of Paulson’s formalism for cryptographic protocol analysis, [10], we are able to use CORAL to attack protocols which may have an unbounded number of principals involved in a single run. We show two new attacks CORAL has found on the Asokan–Ginzboorg protocol for establishing a group...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2015  شماره 

صفحات  -

تاریخ انتشار 2015