Conference ProceedingsOPEN ACCESS

Attacking the Network Time Protocol

23rd Annual Network and Distributed System Security Symposium, NDSS 2016 (2016)
DOI: 10.14722/ndss.2016.23090
56Citations
Citations of this article
144Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We explore the risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems. We first discuss how an onpath attacker, that hijacks traffic to an NTP server, can quickly shift time on the server’s clients. Then, we present an extremely low-rate (single packet) denial-of-service attack that an off-path attacker, located anywhere on the network, can use to disable NTP clock synchronization on a client. Next, we show how an off-path attacker can exploit IPv4 packet fragmentation to dramatically shift time on a client. We discuss the implications of these attacks on other core Internet protocols, quantify their attack surface using Internet measurements, and suggest a few simple countermeasures that can improve the security of NTP.

Cite

CITATION STYLE

APA

Malhotra, A., Cohen, I. E., Brakke, E., & Goldberg, S. (2016). Attacking the Network Time Protocol. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016. The Internet Society. https://doi.org/10.14722/ndss.2016.23090

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free