The security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.

Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions / Berbecaru, Diana Gratiela; Lioy, Antonio. - STAMPA. - 1026:(2022), pp. 203-213. (Intervento presentato al convegno 2021 International Symposium on Intelligent and Distributed Computing (IDC 2021) nel 16 - 18 September 2021) [10.1007/978-3-030-96627-0_19].

Attack Strategies and Countermeasures in Transport-Based Time Synchronization Solutions

Berbecaru, Diana Gratiela;Lioy, Antonio
2022

Abstract

The security, availability, and accuracy of time information transmitted over transport networks are getting increased attention since different application domains require secure and accurate time. In this work, we classify first the security attacks affecting the transport-based time synchronization architectures. Such an architecture is currently designed in the ROOT (Rolling Out OSNMA for the Secure Synchronization of Telecom Networks) project. We indicate the attacks applying to different views of the ROOT architecture, namely the time distribution, network management, hardware, and software. We then considered the software view, and we experimented with a set of software tampering attacks on a dedicated Raspberry Pi 4 device employed for time distribution. To counteract such attacks, we exploited the Trusted Platform Module available on the device and Keylime remote attestation software to verify the integrity of time distribution software installed on the device. These tests represent a first step toward deploying the software integrity controls on the specialized nodes handling time synchronization in the ROOT project.
2022
978-3-030-96626-3
978-3-030-96627-0
File in questo prodotto:
File Dimensione Formato  
AttackStrategies_Countermeasures_2022_min.pdf

non disponibili

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 6.64 MB
Formato Adobe PDF
6.64 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
art_IDC2021.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: PUBBLICO - Tutti i diritti riservati
Dimensione 304.14 kB
Formato Adobe PDF
304.14 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2963410