Archivio Istituzionale della RicercaThe security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.
Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions / Berbecaru, Diana Gratiela; Lioy, Antonio (STUDIES IN COMPUTATIONAL INTELLIGENCE). - In: Studies in Computational IntelligenceSTAMPA. - [s.l] : Springer, Cham, 2022. - ISBN 978-3-030-96626-3. - pp. 203-213 [10.1007/978-3-030-96627-0_19]
Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions
Berbecaru, Diana Gratiela;Lioy, Antonio
2022
Abstract
The security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2963410