Preventing Time Synchronization in NTP's Broadcast Mode

@article{Tripathi2021PreventingTS,
  title={Preventing Time Synchronization in NTP's Broadcast Mode},
  author={Nikhil Tripathi and Neminath Hubballi},
  journal={Comput. Secur.},
  year={2021},
  volume={102},
  pages={102135}
}
Delays have Dangerous Ends: Slow HTTP/2 DoS attacks into the Wild and their Real-Time Detection using Event Sequence Analysis
TLDR
A scheme to detect Slow Rate DoS attacks against HTTP/2 in real-time with high accuracy and marginal computational overhead is proposed and shown to be effective.
Application Layer Denial-of-Service Attacks and Defense Mechanisms
TLDR
This article provides a structured and comprehensive survey of the existing application layer DoS attacks and defense mechanisms, classified into different categories, describe their working, and compare them based on relevant parameters.

References

SHOWING 1-10 OF 39 REFERENCES
Preventing (Network) Time Travel with Chronos
TLDR
Chronos is presented, a new NTP client that achieves good synchronization even in the presence of powerful man-in-the-middle attackers and is carefully engineered to minimize communication overhead so as to avoid overloading NTP servers.
Attacking NTP's Authenticated Broadcast Mode
TLDR
Why NTP's current implementation of symmetric-key cryptographic authentication does not provide security in broadcast mode is discussed, and some recommendations to improve the current state of affairs are made.
The Security of NTP's Datagram Protocol
TLDR
It is argued that NTP’s datagram protocol in RFC5905 is both underspecified and flawed, and the NTP specifications do not sufficiently respect the conflicting security requirements of different NTP modes and the mechanism NTP uses to prevent off-path attacks.
Network Time Protocol Version 4: Protocol and Algorithms Specification
TLDR
NTP version 4 (NTPv4), which is backwards compatible with NTP version 3 (N TPv3), described in RFC 1305, as well as previous versions of the protocol, are described.
Authenticated Network Time Synchronization
TLDR
An authenticated version of NTP is presented, called ANTP, to protect against desynchronization attacks and achieve secure time synchronization under standard cryptographic assumptions, using a novel provable security framework that involves adversary control of time.
Network Time Protocol Version 4: Autokey Specification
This memo describes the Autokey security model for authenticating servers to clients using the Network Time Protocol (NTP) and public key cryptography. Its design is based on the premise that IPSEC
A closer look into DHCP starvation attack in wireless networks
Attacking the Network Time Protocol
TLDR
The risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems is explored, and an extremely low-rate (single packet) denial-of-service attack that an off-path attacker can use to disable NTP clock synchronization on a client is presented.
Multi-path Time Protocols
  • Alexander Shpiner, Yoram Revah, Tal Mizrahi
  • Computer Science
    2013 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication (ISPCS) Proceedings
  • 2013
TLDR
Extensions to the PTP and NTP standards are introduced called Multi-Path PTP (MPPTP) and Multi- Path NTP ( MPNTP), respectively, and their application over various transport protocols are described.
Exploiting DHCP server-side IP address conflict detection: A DHCP starvation attack
  • Nikhil Tripathi, N. Hubballi
  • Computer Science
    2015 IEEE International Conference on Advanced Networks and Telecommuncations Systems (ANTS)
  • 2015
TLDR
A new method of creating starvation in both wired and wireless networks is described which exploits a precautionary probing done by a DHCP server as described in RFC 2131 and it is shown that a malicious insider can just send spoofed replies to these probes to create the effect of starvation.
...
1
2
3
4
...