21 research outputs found
Attacking the Network Time Protocol
We explore the risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems. We first discuss how an on-path attacker, that hijacks traffic to an NTP server, can quickly shift time on the server\u27s clients. Then, we present a extremely low-rate (single packet) denial-of-service attack that an off-path attacker, located anywhere on the network, can use to disable NTP clock synchronization on a client. Next, we show how an off-path attacker can exploit IPv4 packet fragmentation to shift time on a client. We discuss the implications on these attacks on other core Internet protocols, quantify their attack surface using Internet measurements, and suggest a few simple countermeasures that can improve the security of NTP
Low-resource eclipse attacks on Ethereum’s peer-to-peer network
We present eclipse attacks on Ethereum nodes that exploit the peer-to-peer network used for neighbor discovery. Our attacks can be launched using only two hosts, each with a single IP address. Our eclipse attacker monopolizes all of the victim’s incoming and outgoing connections, thus isolating the victim from the rest of its peers in the network. The attacker can then filter the victim’s view of the blockchain, or co-opt the victim’s computing power as part of more sophisticated attacks. We argue that these eclipse-attack vulnerabilities result from Ethereum’s adoption of the Kademlia peer-to-peer protocol, and present countermeasures that both harden the network against eclipse attacks and cause it to behave differently from the traditional Kademlia protocol. Several of our countermeasures have been incorporated in the Ethereum geth 1.8 client released on February 14, 2018.First author draf
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
The Leap Second Behaviour of NTP Servers
The NTP network is an important part of the
Internet’s infrastructure, and one of the most challenging times
for the NTP network is around leap seconds. In this paper we look
at the behaviour of public servers in the NTP network in 2005 and
over the period from 2008 to present, focusing on leap seconds.
We review the evolution of the NTP reference implementation
with respect to leap seconds and show how the behaviour of the
network has changed since 2005. Our results show that although
the network’s performance has certain problems, these seem to
be reducing over time
The security of NTP's datagram protocol
For decades, the Network Time Protocol (NTP) has been
used to synchronize computer clocks over untrusted network paths. This
work takes a new look at the security of NTP’s datagram protocol. We
argue that NTP’s datagram protocol in RFC5905 is both underspecified
and flawed. The NTP specifications do not sufficiently respect (1) the
conflicting security requirements of different NTP modes, and (2) the
mechanism NTP uses to prevent off-path attacks. A further problem
is that (3) NTP’s control-query interface reveals sensitive information
that can be exploited in off-path attacks. We exploit these problems
in several attacks that remote attackers can use to maliciously alter a
target’s time. We use network scans to find millions of IPs that are
vulnerable to our attacks. Finally, we move beyond identifying attacks
by developing a cryptographic model and using it to prove the security
of a new backwards-compatible client/server protocol for NTP.https://eprint.iacr.org/2016/1006.pdfhttps://eprint.iacr.org/2016/1006.pdfPublished versio
Threats and Defenses in SDN Control Plane
abstract: Network Management is a critical process for an enterprise to configure and monitor the network devices using cost effective methods. It is imperative for it to be robust and free from adversarial or accidental security flaws. With the advent of cloud computing and increasing demands for centralized network control, conventional management protocols like Simple Network Management Protocol (SNMP) appear inadequate and newer techniques like Network Management Datastore Architecture (NMDA) design and Network Configuration (NETCONF) have been invented. However, unlike SNMP which underwent improvements concentrating on security, the new data management and storage techniques have not been scrutinized for the inherent security flaws.
In this thesis, I identify several vulnerabilities in the widely used critical infrastructures which leverage the NMDA design. Software Defined Networking (SDN), a proponent of NMDA, heavily relies on its datastores to program and manage the network. I base my research on the security challenges put forth by the existing datastore’s design as implemented by the SDN controllers. The vulnerabilities identified in this work have a direct impact on the controllers like OpenDayLight, Open Network Operating System and their proprietary implementations (by CISCO, Ericsson, RedHat, Brocade, Juniper, etc). Using the threat detection methodology, I demonstrate how the NMDA-based implementations are vulnerable to attacks which compromise availability, integrity, and confidentiality of the network. I finally propose defense measures to address the security threats in the existing design and discuss the challenges faced while employing these countermeasures.Dissertation/ThesisMasters Thesis Computer Science 201
Security Vulnerability Assessment of Google Home Connection with an Internet of Things Device
With virtual assistants, both changes and serious conveniences are provided in human life. For this reason, the use of virtual assistants is increasing. The virtual assistant software has started to be produced as separate devices as well as working on phones, tablets, and computer systems. Google Home is one of these devices. Google Home can work integrated with smart home systems and various Internet of Things devices. The security of these systems is an important issue. As a result of attackers taking over these systems, very serious problems may occur. It is very important to take the necessary actions to detect these problems and to take the necessary measures to prevent possible attacks. The purpose of this study is to test whether an attack that attackers can make to these systems via network time protocol will be successful or not. Accordingly, it has been tried to attack the wireless connection established between Google Home and an Internet of Things device over the network time protocol. Attack results have been shared.With virtual assistants, both changes and serious conveniences are provided in human life. For this reason, the use of virtual assistants is increasing. The virtual assistant software has started to be produced as separate devices as well as working on phones, tablets, and computer systems. Google Home is one of these devices. Google Home can work integrated with smart home systems and various Internet of Things devices. The security of these systems is an important issue. As a result of attackers taking over these systems, very serious problems may occur. It is very important to take the necessary actions to detect these problems and to take the necessary measures to prevent possible attacks. The purpose of this study is to test whether an attack that attackers can make to these systems via network time protocol will be successful or not. Accordingly, it has been tried to attack the wireless connection established between Google Home and an Internet of Things device over the network time protocol. Attack results have been shared
Deep Dive into NTP Pool's Popularity and Mapping
Time synchronization is of paramount importance on the Internet, with the Network Time Protocol (NTP) serving as the primary synchronization protocol. The NTP Pool, a volunteer-driven initiative launched two decades ago, facilitates connections between clients and NTP servers. Our analysis of root DNS queries reveals that the NTP Pool has consistently been the most popular time service. We further investigate the DNS component (GeoDNS) of the NTP Pool, which is responsible for mapping clients to servers. Our findings indicate that the current algorithm is heavily skewed, leading to the emergence of time monopolies for entire countries. For instance, clients in the US are served by 551 NTP servers, while clients in Cameroon and Nigeria are served by only one and two servers, respectively, out of the 4k+ servers available in the NTP Pool. We examine the underlying assumption behind GeoDNS for these mappings and discover that time servers located far away can still provide accurate clock time information to clients. We have shared our findings with the NTP Pool operators, who acknowledge them and plan to revise their algorithm to enhance security.</p