NTP Security by Delay-based Detection in Intelligent Defense Systems

Authors

  • A. E. Dinar Faculty of Sciences and Technology, Mustapha Stambouli University, Mascara (29000), Algeria. Laboratoire de Sciences et Techniques de l'Eau (LSTE), University of Mascara
  • S. Ghouali Faculty of Sciences and Technology, Mustapha Stambouli University, Mascara (29000), Algeria. STIC Laboratory, Univ Tlemcen, Algeria.
  • B. Merabet Faculty of Sciences and Technology, Mustapha Stambouli University, Mascara (29000), Algeria.

Keywords:

Attacks on Networks, Network Security, Network Time Protocol, Server Synchronization, Phyton,

Abstract

Nowadays, computer equipment has hardware or software clocks to which they refer to time stamp files, transactions and emails. The design of a quartz oscillator, such as clocks drift functions like ordinary watches that do not perfectly match. Therefore, it needs networked machines sharing common resources. For instance, UNIX makes command updates key files ensuring that files on which it depends exist and are up-to-date. Also, correlating log messages from several systems becomes very difficult if it does not occur at the same time. This paper focuses mainly on how to detect attacks, trying to predict attacks based on delays caused by this equipment. A server is configured using NTP protocol whose main target is to be implemented in UNIX system, to see how the NTP server is managed with the powerful package Chrony for Ubuntu. The examined results via Python reveal that clients neither will be nor able to make final decisions just after negotiating with servers in several attempts, before or after accepting their clock.

References

A. Calder, “A Business Guide to Information Security”, Library of Congress Cataloging-in-Publication Data, Creative Print and Design (Wales), Ebbw Vale Great Britain, 2005, pp. 8–13.

Arif, M.; Wang, G.; Geman, O.; Balas, V.E.; Tao, P.; Brezulianu, A.; Chen, J. SDN-based VANETs, Security Attacks, Applications, and Challenges. Appl. Sci. 2020, 10, 3217.

A. Mahmood, R. Exel, and T. Sauter, Delay and Jitter Characterization for Software-Based Clock Synchronization Over WLAN Using PTP, ieee transactions on industrial informatics, vol. 10, no. 2, MAY 2014.

S. S. Awad, "Analysis of accumulated timing-jitter in the time domain," in IEEE Transactions on Instrumentation and Measurement, vol. 47, no. 1, pp. 69-73, Feb. 1998, doi: 10.1109/19.728792.

K. Pappu, G. P. Reitsma and S. Bapat, "5.4 Frequency-locked-loop ring oscillator with 3ns peak-to-peak accumulated jitter in 1ms time window for high-resolution frequency counting," 2017 IEEE International Solid-State Circuits Conference (ISSCC), San Francisco, CA, 2017, pp. 92-93, doi: 10.1109/ISSCC.2017.7870276.

D.-W. Jee, Robust high-multiplication factor MDLL using IIR filterbased accumulated jitter reduction, IET digital library, Volume 54, Issue 12, 14 June 2018, p. 743–744 DOI: 10.1049/el.2018.1091.

Arif, M.; Wang, G.; Geman, O.; Balas, V.E.; Tao, P.; Brezulianu, A.; Chen, J. SDN-based VANETs, Security Attacks, Applications, and Challenges. Appl. Sci. 2020, 10, 3217.

K. Koning, H. Bos, C. Giuffrida, "Secure and Efficient Multi-Variant Execution Using Hardware-Assisted Process Virtualization," 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Toulouse, 2016, pp. 431-442, doi: 10.1109/DSN.2016.46.

C.P. Lee, A.S. Uluagac, K.D. Fairbanks, J.A. Copeland, “The design of NetSecLab: a small competition-based network security lab,” IEEE Trans. Educ. 54(1), 2011, pp. 149–155.

Shirali-Shahreza, S., Ganjali, Y.: FleXam, “flexible sampling extension for monitoring and security applications in openow,” ACM SIGCOMM HotSDN’13 Workshop, 2013.

M. Abomhara and G. M. Køien, Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks, Journal of Cyber Security and Mobility Vol: 4 Issue: 1 Published In: January 2015, doi.org/10.13052/jcsm2245-1439.414.

A. Singh and K. Chatterjee, Cloud security issues and challenges: a survey, Journal of Network and Computer Applications, http://dx.doi.org/10.1016/j.jnca.2016.11.027.

X. Liu, M. Shahidehpour, Z. Li, X. Liu, Y. Cao and Z. Li, "Power System Risk Assessment in Cyber Attacks Considering the Role of Protection Systems," in IEEE Transactions on Smart Grid, vol. 8, no. 2, pp. 572-580, March 2017, doi: 10.1109/TSG.2016.2545683.

D. Puthal, X. Wu, N. Surya, R. Ranjan and J. Chen, "SEEN: A Selective Encryption Method to Ensure Confidentiality for Big Sensing Data Streams," in IEEE Transactions on Big Data, vol. 5, no. 3, pp. 379-392, 1 Sept. 2019, doi: 10.1109/TBDATA.2017.2702172.

A. M. Shabalin and E. A. Kaliberda, "The organization of arrangements set to ensure enterprise IPV6 network secure work by modern switching equipment tools (using the example of a network attack on a default gateway)," 2017 Dynamics of Systems, Mechanisms and Machines (Dynamics), Omsk, 2017, pp. 1-8, doi: 10.1109/Dynamics.2017.8239505.

J. Li, Z. Feng, Z. Feng and P. Zhang, "A survey of security issues in Cognitive Radio Networks," in China Communications, vol. 12, no. 3, pp. 132-150, Mar. 2015, doi: 10.1109/CC.2015.7084371.

M. Jain and H. Kandwal, "Notice of Violation of IEEE Publication Principles: A Survey on Complex Wormhole Attack in Wireless Ad Hoc Networks," 2009 International Conference on Advances in Computing, Control, and Telecommunication Technologies, Trivandrum, Kerala, 2009, pp. 555-558, doi: 10.1109/ACT.2009.141.

N. Skorin-Kapov, M. Furdek, S. Zsigmond and L. Wosinska, "Physical-layer security in evolving optical networks," in IEEE Communications Magazine, vol. 54, no. 8, pp. 110-117, August 2016, doi: 10.1109/MCOM.2016.7537185.

Zhang, G., Wang, T., Wang, G., Liu, A., & Jia, W. (2018). Detection of hidden data attacks combined fog computing and trust evaluation method in sensor-cloud system. Concurrency and Computation: Practice and Experience, e5109. doi:10.1002/cpe.5109

Alabady, S. A., Al-Turjman, F., & Din, S, “A Novel Security Model for Cooperative Virtual Networks in the IoT Era,” International Journal of Parallel Programming, 2018, doi:10.1007/s10766-018-0580-z

A. Pasumpon pandian, S. Smys, ddos attack detection in telecommunication network using machine learning, Journal of Ubiquitous Computing and Communication Technologies (UCCT) (2019) Vol.01/ No. 01 Pages: 33-44. doi.org/10.36548/jucct.2019.1.003.

N Ch Sriman Narayana Iyenger and Junath Naseer Ahamed, “A Review on Distributed Denial of Service (DDoS) Mitigation Techniques in Cloud Computing Environment,” International Journal of Security and its Applications, 2016.

Anandhakrishnan, T; Jaisakthi, S. M; Lohotsaurabh, Internet of Things in Agriculture-Survey, Journal of Computational and Theoretical Nanoscience, Volume 15, Numbers 6-7, June 2018, pp. 2405-2409(5),. doi.org/10.1166/jctn.2018.7478.

Gaurav Jain and Arti Jaiswal,“Security Issues and their Solution in Cloud Computing,” Concepts Journal of Applied Research, 2(3), 2018, pp. 1 - 6.

Shaireen Khan, Shadab Hasan, Shashank Singh, Sumera Zafar and Shobhit Joshi, “Cloud computing: security issues and security standards,” International Journal of Engineering and Management Research, Special Issue (ACEIT - 2018), pp.31-36.

Kawamura, T., Fukushi, M., Hirano, Y., Fujita, Y., & Hamamoto, Y, “A Network-Based Event Detection Module Using NTP for Cyber Attacks on IoT,” Sixth International Symposium on Computing and Networking Workshops (CANDARW), 2018, doi:10.1109/candarw.2018.00025.

Mobasher, B., Cooley, R., & Srivastava, J. (2000). Automatic personalization based on Web usage mining. Communications of the ACM, 43(8), 142–151. doi:10.1145/345124.345169.

IEEE Std 1588, “IEEE Standard for a precision Clock Synchronization Protocol for Networked Measurement and Control Systems,” IEEE1588-2008standard,2008.

LI X ZH. “Research on the Network Time Synchronization System Based on IEEE1588,” National Time Service Center, Chinese Academy of Sciences,2011.

J. Zhao K J, Zhang AI Mning D Y,”Implementation of network time server system based on NTP,” Electronic Test, 2008 (7), pp.13-16.

M. Felser, "Real-Time Ethernet-Industry Prospective," in Proceedings of the IEEE, vol. 93, no. 6, pp. 1118-1129, June 2005, doi: 10.1109/JPROC.2005.849720.

A.E. Dinar, B. Merabet, S. Ghouali (2021) NTP Server Clock Adjustment with Chrony. In: Mandal J., Mukhopadhyay S., Roy A. (eds) Applications of Internet of Things. Lecture Notes in Networks and Systems, vol 137. Springer. doi.org/10.1007/978-981-15-6198- 6_16.

Fang, Y., Hu, J., Liu, W., Shao, Q., Qi, J., & Peng, Y. (2019). Smooth and time-optimal S-curve trajectory planning for automated robots and machines. Mechanism and Machine Theory, 137, 127– 153. doi:10.1016/j.mechmachtheory.2019.03.019.

Niazkhani, Z., Pirnejad, H., van der Sijs, H., & Aarts, J. (2011). Evaluating the medication process in the context of CPOE use: The significance of working around the system. International Journal of Medical Informatics, 80(7), 490–506.

José Miguel Jiménez López, Distributed control systems based on high accurate timing synchronization, Thesis/dissertation At Universidad de Granada ( Spain ) in 2019.

David L. Mills, “Internet Time Synchronization: The Network Time Protocol,” IEEE Transactions on Communications, Vol. 39, No. 10, Oct 1991.

M. Lombardi, J. Levine, J. Lopez, F. Jimenez, J. Bernard, M. Gertsvolf, et al., "International Comparisons of Network Time Protocol Servers," Proceedings of the Precise Time and Time Interval Systems and Applications Meeting, 1-4 December, 2014, Boston, Massachusetts, pp. 57-66.

S. Sommars,“Challenges in Time Transfer Using the Network Time Protocol (NTP),” Proceedings of the Precise Time and Time Interval Systems and Applications Meeting, 30 January–2 February, 2017, Monterey, California, pp.271-290.

K. Vijayalayan and D. Veitch,"Rot at the roots? Examining public timing infrastructure," Proceedings of the 35th Annual IEEE International Conference on Computer Communications, 10-14 April, 2016, San Francisco, California, pp.1-9.

Matsakis D.,“ Time and Frequency Activities at the U.S. Naval Observatory,” Frequency Control Symposium and Exposition, 2005. Proceedings of the IEEE International, pp. 271-224.

R. B. Warrington, P. T. H. Fisk, M. J. Wouters, M. A. Lawn, J. S. Thorn, S. Quigg, A. Gajaweera and S. J. Park,“Time and Frequency Activities at the National Measurement Institute, Australia,” Frequency Control Symposium and Exposition. Proceedings of the 2005 IEEE International, 2005, pp. 231-234.

Rytilahti, T., Tatang, D., Kopper, J., & Holz, T,”Masters of Time: An Overview of the NTP Ecosystem. 2018 IEEE European Symposium on Security and Privacy (EuroS&P). doi:10.1109/eurosp.2018.00017.

D.L.Mills,U. Delaware,J. Martin,J. Burbank,W. Kasch, “RFC4330 - SNTPv4, Network Time Protocol Version 4: Protocol and Algorithms Specification,” 2010, pp.1-110.

Clinton D. (2016) Topic 108: Essential System Services. In: Practical LPIC-1 Linux Certification Study Guide. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-2358-1_8.

https://www.thegeekdiary.com/what-is-the-refid-in-ntpq-p-output/

https://chrony.tuxfamily.org (Last updated 2019-05-14 13:21:31).

H. Cui and F. Li, "ANDES: A Python-Based Cyber-Physical Power System Simulation Tool," 2018 North American Power Symposium (NAPS), Fargo, ND, 2018, pp. 1-6, doi: 10.1109/NAPS.2018.8600596.

T. Bruscato, L.; Heimfarth, T.; P. de Freitas, E. Enhancing Time Synchronization Support in Wireless Sensor Networks. Sensors 2017, 17, 2956.

G. O. Troiano, H. S. Ferreira, F. C. L. Trindade and L. F. Ochoa, "Cosimulator of power and communication networks using OpenDSS and OMNeT++," 2016 IEEE Innovative Smart Grid Technologies - Asia (ISGT-Asia), Melbourne, VIC, 2016, pp. 1094-1099, doi: 10.1109/ISGT-Asia.2016.7796538.

S. Thulasidasan, L. Kroc and S. Eidenbenz, "Developing parallel, discrete event simulations in Python - first results and user experiences with the SimX library," 2014 4th International Conference On Simulation And Modeling Methodologies, Technologies And Applications (SIMULTECH), Vienna, Austria, 2014, pp. 188-194, doi: 10.5220/0005042701880194.

Van Vliet, M., Liljeström, M., Aro, S., Salmelin, R., & Kujala, J. (2018). Analysis of Functional Connectivity and Oscillatory Power Using DICS: From Raw MEG Data to Group-Level Statistics in Python. Frontiers in Neuroscience, 12. doi:10.3389/fnins.2018.00586

J. Schmitz, C. von Lengerke, N. Airee, A. Behboodi and R. Mathar, "A Deep Learning Wireless Transceiver with Fully Learned Modulation and Synchronization," 2019 IEEE International Conference on Communications Workshops (ICC Workshops), Shanghai, China, 2019, pp. 1-6, doi: 10.1109/ICCW.2019.8757051.

Viejo, J., Juan-Chico, J., Bellido, M. J., Ruiz-de-Clavijo, P., Guerrero, D., Ostua, E., & Cano, G. (2019). High-Performance Time Server Core for FPGA System-on-Chip. Electronics, 8(5), 528. doi: 10. 3390 / electronics8050528.

Downloads

Published

2021-03-31

How to Cite

Dinar, A. E., Ghouali, S., & Merabet, B. (2021). NTP Security by Delay-based Detection in Intelligent Defense Systems. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), 13(1), 17–26. Retrieved from https://jtec.utem.edu.my/jtec/article/view/5719