Cyber Attacks on Precision Time Protocol Networks—A Case Study

Electronics ◽  
2020 ◽  
Vol 9 (9) ◽  
pp. 1398
Author(s):  
Waleed Alghamdi ◽  
Michael Schukat

The IEEE 1588 precision time protocol (PTP) is used by many time-sensitive applications and systems, as it achieves sub-microsecond time synchronization between computer clocks. However, a PTP network is vulnerable to cyber-attacks that can reduce the protocol accuracy to unacceptable levels for some or all clocks in a network with potentially devastating consequences. Of particular concern are advanced persistent threats (APT), where an actor infiltrates a network and operates stealthily and over extended periods of time before being discovered. This paper investigates the impact of the most important APT strategies on a PTP network, i.e., the delay attack, packet modification or transparent clock attack, and time reference attack, using a fully programmable and customizable man-in-the-middle device, thereby considering the two most popular PTP slave daemons PTPd and PTP4l. In doing so, it determines suitable attack patterns and parameters to compromise the time synchronization covertly.

Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Waleed Alghamdi ◽  
Michael Schukat

The IEEE 1588 precision time protocol (PTP) is very important for many industrial sectors and applications that require time synchronization accuracy between computers down to microsecond and even nanosecond levels. Nevertheless, PTP and its underlying network infrastructure are vulnerable to cyber-attacks, which can stealthily reduce the time synchronization accuracy to unacceptable and even damage-causing levels for individual clocks or an entire network, leading to financial loss or even physical destruction. Existing security protocol extensions only partially address this problem. This paper provides a comprehensive analysis of strategies for advanced persistent threats to PTP infrastructure, possible attacker locations, and the impact on clock and network synchronization in the presence of security protocol extensions, infrastructure redundancy, and protocol redundancy. It distinguishes between attack strategies and attacker types as described in RFC7384, but further distinguishes between the spoofing and time source attack, the simple internal attack, and the advanced internal attack. Some experiments were conducted to demonstrate the impact of PTP attacks. Our analysis shows that a sophisticated attacker has a range of methodologies to compromise a PTP network. Moreover, all PTP infrastructure components can host an attacker, making the comprehensive protection of a PTP network against a malware infiltration, as for example exercised by Stuxnet, a very tedious task.


2020 ◽  
Vol 64 (5/6) ◽  
pp. 12:1-12:9
Author(s):  
S. R. Guendert ◽  
J. S. Houston ◽  
P. A. Wojciak ◽  
S Cherniak ◽  
D. L. Massey

2020 ◽  
Vol 16 (1) ◽  
pp. 18-27 ◽  
Author(s):  
Bassam Moussa ◽  
Marthe Kassouf ◽  
Rachid Hadjidj ◽  
Mourad Debbabi ◽  
Chadi Assi

Author(s):  
Chad Calvert ◽  
Taghi M. Khoshgoftaar ◽  
Maryam M. Najafabadi ◽  
Clifford Kemp

In this work, we outline a procedure for collecting and labeling Man-in-the-Middle (MITM) attack traffic. Our capture procedure allows for the collection of real-world representative data using a full-scale network environment. MITM attacks are typically performed with the purpose of intercepting information amongst two networked machines. This enables the attacker to gain access to otherwise confidential communications and potentially alter said communications maliciously. MITM attacks are still a very common attack that can be implemented with relative ease across a variety of network environments. Our work establishes experimental procedures for enacting three prevalent MITM attack variants through penetration testing. The process for data collection is defined, along with our approach on gathering real-world, representative data. We also present a novel labeling procedure based on the inherent behaviors of each MITM attack variant. Our work aims to address the challenges associated with collecting such data within a live production environment, as well as identify the impact MITM attacks have on traffic behavior. We also present a case study to provide some quantitative analysis regarding the data collected.


10.26458/1613 ◽  
2016 ◽  
Vol 16 (1) ◽  
pp. 33
Author(s):  
Luminita Ionescu ◽  
Florentin Caloian

In the last decade, Romania implemented a strong legislation and a comprehensive program of public financial management reform in order to improve the national fiscal transparency and to reduce corruption. Corruption is a growing phenomenon all over the world, affecting economic development and aggravated by the legacy of the global economic crisis. The global risks are different from the past due to notably cyber attacks, new economic realities and geopolitical risks. Most of the time, corruption is associated with financial crime, fraud and bribery. Corruption is a major factor of reducing economic development and the governments must increase of macroeconomic and fiscal forecasts in order to facilitate access to the public funds.

