Did the Shark Eat the Watchdog in the NTP Pool? Deceiving the NTP Pool's Monitoring System
Metadata only
Date
2023Type
- Conference Paper
ETH Bibliography
yes
Altmetrics
Abstract
The NTP pool has become a critical infrastructure for modern Internet services and applications. With voluntarily joined thousands of timeservers, it supplies millions of distributed (heterogeneous) systems with time. While numerous efforts have been made to enhance NTP's accuracy, reliability, and security, unfortunately, the NTP pool attracts relatively little attention. In this paper, we provide a comprehensive analysis of NTP pool security, in particular the NTP pool monitoring system, which oversees the correctness and responsiveness of the participating servers. We first investigate strategic attacks that deceive the pool's health-check system to remove legitimate timeservers from the pool. Then, through empirical analysis using monitoring servers and timeservers injected into the pool, we demonstrate the feasibility of our approaches, show their effectiveness, and debate the implications. Finally, we discuss designing a new pool monitoring system to mitigate these attacks. Show more
Publication status
publishedBook title
Proceedings of the 32nd USENIX Security SymposiumPages / Article No.
Publisher
USENIX AssociationEvent
Organisational unit
03975 - Perrig, Adrian / Perrig, Adrian
More
Show all metadata
ETH Bibliography
yes
Altmetrics