Did the Shark Eat the Watchdog in the NTP Pool? Deceiving the NTP Pool's Monitoring System

Jonghoon Kwon, Jeonggyu Song, Junbeom Hur, Adrian Perrig

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The NTP pool has become a critical infrastructure for modern Internet services and applications. With voluntarily joined thousands of timeservers, it supplies millions of distributed (heterogeneous) systems with time. While numerous efforts have been made to enhance NTP's accuracy, reliability, and security, unfortunately, the NTP pool attracts relatively little attention. In this paper, we provide a comprehensive analysis of NTP pool security, in particular the NTP pool monitoring system, which oversees the correctness and responsiveness of the participating servers. We first investigate strategic attacks that deceive the pool's health-check system to remove legitimate timeservers from the pool. Then, through empirical analysis using monitoring servers and timeservers injected into the pool, we demonstrate the feasibility of our approaches, show their effectiveness, and debate the implications. Finally, we discuss designing a new pool monitoring system to mitigate these attacks.

Original languageEnglish
Title of host publication32nd USENIX Security Symposium, USENIX Security 2023
PublisherUSENIX Association
Pages6151-6166
Number of pages16
ISBN (Electronic)9781713879497
Publication statusPublished - 2023
Event32nd USENIX Security Symposium, USENIX Security 2023 - Anaheim, United States
Duration: 2023 Aug 92023 Aug 11

Publication series

Name32nd USENIX Security Symposium, USENIX Security 2023
Volume9

Conference

Conference32nd USENIX Security Symposium, USENIX Security 2023
Country/TerritoryUnited States
CityAnaheim
Period23/8/923/8/11

Bibliographical note

Publisher Copyright:
© 2023 32nd USENIX Security Symposium, USENIX Security 2023. All rights reserved.

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Did the Shark Eat the Watchdog in the NTP Pool? Deceiving the NTP Pool's Monitoring System'. Together they form a unique fingerprint.

Cite this