skip to main content
research-article

A Case for Feedforward Control with Feedback Trim to Mitigate Time Transfer Attacks

Published: 18 May 2020 Publication History

Abstract

We propose a new clock synchronization architecture for systems under time transfer attacks. Facilitated by a feedforward control with feedback trim--based clock adjustment, coupled with packet filtering and frequency shaping techniques, our proposed architecture bounds the clock errors in the presence of a powerful network attacker capable of attacking packets between a master and a client. A key advantage is consistent measurements, timely coordination, and synchronized actuation in distributed systems. In contrast, current time synchronization architectures behave poorly under attacks due to assumptions that the network is benign and delays are symmetric. The usage of feedback controllers aggravates poor performance. We provide an architecture that is indifferent to delays and eases the integration to traditional protocols. We implement a delay attack--resistant precision time protocol and validate the results on a hardware-supported testbed.

References

[1]
2009. Best Practices for IEEE 1588/ PTP Network Deployment. Retrieved from https://www.microsemi.com/document-portal/doc_view/133167-best-practices-for-ieee-1588-ptp-network-deployment.
[2]
European Southern Observatory. 2017. Taking the first picture of a black hole (2017). https://www.eso.org/public/usa/outreach/first-picture-of-a-black-hole/blog/.
[3]
Beaglebone Black. Retrieved from https://beagleboard.org/black.
[4]
IEEE 1588 Compliant Moxa Switch. Retrieved from https://store.moxa.com/a/cat/industrial-ethernet/ethernet-switches/managed.
[5]
IEEE Standard 1003.1, 2004. Retrieved from http://pubs.opengroup.org/onlinepubs/009695399/functions/clock.html.
[6]
The Linux PTP Project. Retrieved from http://linuxptp.sourceforge.net.
[7]
David W. Allan and Marc Abbott Weiss. 1980. Accurate time and frequency transfer during common-view of a GPS satellite. In Proceedings of the 34th Annual Symposium on Frequency Control. IEEE, 334--346.
[8]
Robert Annessi, Joachim Fabini, and Tanja Zseby. 2017. It’s about time: Securing broadcast time synchronization with data origin authentication. In Proceedings of the 26th International Conference on Computer Communication and Networks (ICCCN’17). IEEE, 1--11.
[9]
Robert Annessi, Joachim Fabini, and Tanja Zseby. 2017. SecureTime: Secure multicast time synchronization. arXiv preprint arXiv:1705.10669 (2017).
[10]
Fatima Anwar, Sandeep D’souza, Andrew Symington, Adwait Dongare, Ragunathan Rajkumar, Anthony Rowe, and Mani Srivastava. 2016. Timeline: An operating system abstraction for time-aware applications. In Proceedings of the Real-Time Systems Symposium (RTSS’16). IEEE, 191--202.
[11]
Fatima M. Anwar, Amr Alanwar, and Mani B. Srivastava. 2018. OpenClock: A testbed for clock synchronization research. In 2018 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS). IEEE, 1--6.
[12]
Gildas Avoine, Xavier Bultel, Sébastien Gambs, David Gerault, Pascal Lafourcade, Cristina Onete, and Jean-Marc Robert. 2017. A terrorist-fraud resistant and extractor-free anonymous distance-bounding protocol. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. ACM, 800--814.
[13]
Andrew Baumann, Marcus Peinado, and Galen Hunt. 2015. Shielding applications from an untrusted cloud with haven. ACM Trans. Comput. Syst. 33, 3 (2015), 8.
[14]
Timothy Broomhead, Julien Ridoux, and Darryl Veitch. 2009. Counter availability and characteristics for feed-forward based synchronization. In International Symposium on Precision Clock Synchronization for Measurement, Control and Communication (ISPCS’09). IEEE, 1--6.
[15]
Nirupama Bulusu, John Heidemann, and Deborah Estrin. 2000. GPS-less low-cost outdoor localization for very small devices. IEEE Pers. Commun. 7, 5 (2000), 28--34.
[16]
Chen Chen, Himanshu Raj, Stefan Saroiu, and Alec Wolman. 2014. cTPM: A cloud TPM for cross-device trusted applications. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI’14). 187--201.
[17]
Guoqiang Jerry Chen, Janet L. Wiener, Shridhar Iyer, Anshul Jaiswal, Ran Lei, Nikhil Simha, Wei Wang, Kevin Wilfong, Tim Williamson, and Serhat Yilmaz. 2016. Realtime data processing at facebook. In Proceedings of the 2016 International Conference on Management of Data. ACM, 1087--1098.
[18]
Sanchuan Chen, Xiaokuan Zhang, Michael K. Reiter, and Yinqian Zhang. 2017. Detecting privileged side-channel attacks in shielded execution with Déjá Vu. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. ACM, 7--18.
[19]
Omer Deutsch, Neta Rozen Schiff, Danny Dolev, and Michael Schapira. 2018. Preventing (network) time travel with chronos. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS’18).
[20]
John C. Eidson and John Tengdin. 2003. IEEE 1588 standard for a precision clock synchronization protocol for networked measurement and control systems and applications to the power industry. In Proceedings of the Distributech Conference. 4--6.
[21]
Yilong Geng, Shiyu Liu, Zi Yin, Ashish Naik, Balaji Prabhakar, Mendel Rosenblum, and Amin Vahdat. 2018. Exploiting a natural network effect for scalable, fine-grained clock synchronization. In Proceedings of the 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI’18). USENIX Association.
[22]
Gerhard P. Hancke and Markus G. Kuhn. 2008. Attacks on time-of-flight distance bounding channels. In Proceedings of the 1st ACM Conference on Wireless Network Security. ACM, 194--202.
[23]
Mohammad Kamrul Hasan, Rashid Abdelhaleem Saeed, Aisha-Hassan Abdalla, Shayla Islam, Omer Mahmoud, Othman Khalifah, Shihab A. Hameed, and Ahmad Fadzil Ismail. 2011. An investigation of femtocell network synchronization. In Proceedings of the IEEE Conference on Open Systems (ICOS’11). IEEE, 196--201.
[24]
intel sgx. 2016. Intel(R) Software Guard Extensions Software Developer Manual. Retieved from https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3d-part-4-manual.pdf.
[25]
Eyal Itkin and Avishai Wool. 2017. A security analysis and revised security extension for the precision time protocol. IEEE Trans. Depend. Secure Comput. 17, 1 (2017), 22--34.
[26]
Anantha K. Karthik and Rick S. Blum. 2018. Estimation theory-based robust phase offset determination in presence of possible path asymmetries. IEEE Trans. Commun. 66, 4 (2018), 1624--1635.
[27]
Andrew J. Kerns, Daniel P. Shepard, Jahshan A. Bhatti, and Todd E. Humphreys. 2014. Unmanned aircraft capture and control via GPS spoofing. J. Field Robot. 31, 4 (2014), 617--636.
[28]
J. Eidson and K. Lee. 2002. IEEE standard for a precision clock synchronization protocol for networked measurement and control systems. In 2nd ISA/IEEE Sensors for Industry Conference. IEEE, 98--105.
[29]
Yang Li, Rui Tan, and David K. Y. Yau. 2017. Natural timestamping using powerline electromagnetic radiation. In Proceedings of the 16th ACM/IEEE International Conference on Information Processing in Sensor Networks. ACM, 55--66.
[30]
Martin Lukac, Paul Davis, Robert Clayton, and Deborah Estrin. 2009. Recovering temporal integrity with data driven time synchronization. In Proceedings of the 2009 International Conference on Information Processing in Sensor Networks. IEEE Computer Society, 61--72.
[31]
Aanchal Malhotra, Matthew Van Gundy, Mayank Varia, Haydn Kennedy, Jonathan Gardner, and Sharon Goldberg. 2017. The security of NTP's datagram protocol. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 405--423.
[32]
David L. Mills. 1991. Internet time synchronization: The network time protocol. IEEE Trans. Commun. 39, 10 (1991).
[33]
Tal Mizrahi. 2012. Slave diversity: Using multiple paths to improve the accuracy of clock synchronization protocols. In Proceedings of the International IEEE Symposium on Precision Clock Synchronization for Measurement Control and Communication (ISPCS’12). IEEE, 1--6.
[34]
Tal Mizrahi. 2014. Security Requirements of Time Protocols in Packet Switched Networks. Technical Report.
[35]
Bassam Moussa, Mourad Debbabi, and Chadi Assi. 2016. A detection and mitigation model for PTP delay attack in an IEC 61850 substation. IEEE Transactions on Smart Grid 9, 5 (2016), 3954--3965.
[36]
Lakshay Narula and Todd Humphreys. 2018. Requirements for secure clock synchronization. IEEE J. Select. Top. Signal Process. 12, 4 (2018), 749--762.
[37]
Mark L. Psiaki and Todd E. Humphreys. 2016. GNSS spoofing and detection. Proc. IEEE 104, 6 (2016), 1258--1270.
[38]
Dima Rabadi, Rui Tan, David K. Y. Yau, and Sreejaya Viswanathan. 2017. Taming asymmetric network delays for clock synchronization using power grid voltage. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. ACM, 874--886.
[39]
Himanshu Raj, Stefan Saroiu, Alec Wolman, Ronald Aigner, Jeremiah Cox, Paul England, Chris Fenner, Kinshuman Kinshumann, Jork Loeser, Dennis Mattoon, et al. 2016. fTPM: A software-only implementation of a TPM chip. In Proceedings of the USENIX Security Symposium. 841--856.
[40]
Julien Ridoux, Darryl Veitch, and Timothy Broomhead. 2012. The case for feed-forward clock synchronization. IEEE/ACM Trans. Netw. 20, 1 (2012), 231--242.
[41]
Daniel P. Shepard, Jahshan A. Bhatti, Todd E. Humphreys, and Aaron A. Fansler. 2012. Evaluation of smart grid and civilian UAV vulnerability to GPS spoofing attacks. In Proceedings of the ION GNSS Meeting, Vol. 3. 3591--3605.
[42]
Dave Singelee and Bart Preneel. 2005. Location verification using secure distance bounding protocols. In Proceedings of the IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005. IEEE, 7--pp.
[43]
Kun Sun, Peng Ning, and Cliff Wang. 2006. TinySeRSync: Secure and resilient time synchronization in wireless sensor networks. In Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, 264--277.
[44]
Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo. 2017. CLKSCREW: Exposing the perils of security-oblivious energy management. In Proceedings of the 26th USENIX Security Symposium.
[45]
Markus Ullmann and Matthias Vögeler. 2009. Delay attacks—Implication on NTP and PTP time synchronization. In Proceedings of the International Symposium on Precision Clock Synchronization for Measurement, Control and Communication (ISPCS’09). IEEE, 1--6.
[46]
Peter Volgyesi, Abhishek Dubey, Timothy Krentz, Istvan Madari, Mary Metelko, and Gabor Karsai. 2017. Time synchronization services for low-cost fog computing applications. In Proceedings of the 28th International Symposium on Rapid System Prototyping: Shortening the Path from Specification to Prototype. ACM, 57--63.
[47]
Qingyu Yang, Dou An, and Wei Yu. 2013. On time desynchronization attack against IEEE 1588 protocol in power grid systems. In Proceedings of the IEEE Energytech 2013. IEEE, 1--5.

Cited By

View all
  • (2024)Stealthy and Practical Multi-modal Attacks on Mixed Reality Tracking2024 IEEE International Conference on Artificial Intelligence and eXtended and Virtual Reality (AIxVR)10.1109/AIxVR59861.2024.00010(11-20)Online publication date: 17-Jan-2024

Index Terms

  1. A Case for Feedforward Control with Feedback Trim to Mitigate Time Transfer Attacks

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Transactions on Privacy and Security
      ACM Transactions on Privacy and Security  Volume 23, Issue 2
      May 2020
      149 pages
      ISSN:2471-2566
      EISSN:2471-2574
      DOI:10.1145/3394723
      Issue’s Table of Contents
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 18 May 2020
      Online AM: 07 May 2020
      Accepted: 01 February 2020
      Revised: 01 October 2019
      Received: 01 January 2019
      Published in TOPS Volume 23, Issue 2

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. Feedback control
      2. precision time protocol
      3. two-way time transfer

      Qualifiers

      • Research-article
      • Research
      • Refereed

      Funding Sources

      • CONIX Research Center, one of six centers in JUMP, a Semiconductor Research Corporation (SRC)
      • National Science Foundation (NSF)

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)11
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 22 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024)Stealthy and Practical Multi-modal Attacks on Mixed Reality Tracking2024 IEEE International Conference on Artificial Intelligence and eXtended and Virtual Reality (AIxVR)10.1109/AIxVR59861.2024.00010(11-20)Online publication date: 17-Jan-2024

      View Options

      Login options

      Full Access

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format.

      HTML Format

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media