Precision time protocol attack strategies and their resistance to existing security extensions  

在线阅读下载全文

作  者:Waleed Alghamdi Michael Schukat 

机构地区:[1]School of Computer Science,National University of Ireland Galway Ireland

出  处:《Cybersecurity》2021年第1期160-176,共17页网络空间安全科学与技术(英文)

基  金:the Technical and Vocational Training Corporation, Saudi Arabia.

摘  要:The IEEE 1588 precision time protocol(PTP)is very important for many industrial sectors and applications that require time synchronization accuracy between computers down to microsecond and even nanosecond levels.Nevertheless,PTP and its underlying network infrastructure are vulnerable to cyber-attacks,which can stealthily reduce the time synchronization accuracy to unacceptable and even damage-causing levels for individual clocks or an entire network,leading to financial loss or even physical destruction.Existing security protocol extensions only partially address this problem.This paper provides a comprehensive analysis of strategies for advanced persistent threats to PTP infrastructure,possible attacker locations,and the impact on clock and network synchronization in the presence of security protocol extensions,infrastructure redundancy,and protocol redundancy.It distinguishes between attack strategies and attacker types as described in RFC7384,but further distinguishes between the spoofing and time source attack,the simple internal attack,and the advanced internal attack.Some experiments were conducted to demonstrate the impact of PTP attacks.Our analysis shows that a sophisticated attacker has a range of methodologies to compromise a PTP network.Moreover,all PTP infrastructure components can host an attacker,making the comprehensive protection of a PTP network against a malware infiltration,as for example exercised by Stuxnet,a very tedious task.

关 键 词:APT Cyber-attacks IEEE 1588 PTP Security Time synchronization protocols 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象