The security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.
Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions / Berbecaru, Diana Gratiela; Lioy, Antonio. - STAMPA. - 1026:(2022), pp. 203-213. (Intervento presentato al convegno 2021 International Symposium on Intelligent and Distributed Computing (IDC 2021) nel 16 - 18 September 2021) [10.1007/978-3-030-96627-0_19].
Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions
Berbecaru, Diana Gratiela;Lioy, Antonio
2022
Abstract
The security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.File | Dimensione | Formato | |
---|---|---|---|
AttackStrategies_Countermeasures_2022_min.pdf
non disponibili
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
6.64 MB
Formato
Adobe PDF
|
6.64 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
art_IDC2021.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
PUBBLICO - Tutti i diritti riservati
Dimensione
304.14 kB
Formato
Adobe PDF
|
304.14 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2963410