Abstract
The NTP pool has become a critical infrastructure for modern Internet services and applications. With voluntarily joined thousands of timeservers, it supplies millions of distributed (heterogeneous) systems with time. While numerous efforts have been made to enhance NTP's accuracy, reliability, and security, unfortunately, the NTP pool attracts relatively little attention. In this paper, we provide a comprehensive analysis of NTP pool security, in particular the NTP pool monitoring system, which oversees the correctness and responsiveness of the participating servers. We first investigate strategic attacks that deceive the pool's health-check system to remove legitimate timeservers from the pool. Then, through empirical analysis using monitoring servers and timeservers injected into the pool, we demonstrate the feasibility of our approaches, show their effectiveness, and debate the implications. Finally, we discuss designing a new pool monitoring system to mitigate these attacks.
Original language | English |
---|---|
Title of host publication | 32nd USENIX Security Symposium, USENIX Security 2023 |
Publisher | USENIX Association |
Pages | 6151-6166 |
Number of pages | 16 |
ISBN (Electronic) | 9781713879497 |
Publication status | Published - 2023 |
Event | 32nd USENIX Security Symposium, USENIX Security 2023 - Anaheim, United States Duration: 2023 Aug 9 → 2023 Aug 11 |
Publication series
Name | 32nd USENIX Security Symposium, USENIX Security 2023 |
---|---|
Volume | 9 |
Conference
Conference | 32nd USENIX Security Symposium, USENIX Security 2023 |
---|---|
Country/Territory | United States |
City | Anaheim |
Period | 23/8/9 → 23/8/11 |
Bibliographical note
Publisher Copyright:© 2023 32nd USENIX Security Symposium, USENIX Security 2023. All rights reserved.
ASJC Scopus subject areas
- Computer Networks and Communications
- Information Systems
- Safety, Risk, Reliability and Quality