Visible to the public Practical Implementation of APTs on PTP Time Synchronisation Networks

TitlePractical Implementation of APTs on PTP Time Synchronisation Networks
Publication TypeConference Paper
Year of Publication2020
AuthorsAlghamdi, W., Schukat, M.
Conference Name2020 31st Irish Signals and Systems Conference (ISSC)
Date Publishedjun
Keywordsadvanced persistent threat, advanced persistent threats, APT, Clocks, computer clocks, cyber-attacks, cyber-security, Degradation, delays, Human Behavior, IEEE 1588, Malware, Metrics, precision time protocol, programmable injector device, programmable Man-in-the-Middle, Protocols, PTP, PTP infrastructure components, PTP time synchronisation networks, pubcrawl, resilience, Resiliency, Scalability, security, security of data, synchronisation, Synchronization
AbstractThe Precision Time Protocol is essential for many time-sensitive and time-aware applications. However, it was never designed for security, and despite various approaches to harden this protocol against manipulation, it is still prone to cyber-attacks. Here Advanced Persistent Threats (APT) are of particular concern, as they may stealthily and over extended periods of time manipulate computer clocks that rely on the accurate functioning of this protocol. Simulating such attacks is difficult, as it requires firmware manipulation of network and PTP infrastructure components. Therefore, this paper proposes and demonstrates a programmable Man-in-the-Middle (pMitM) and a programmable injector (pInj) device that allow the implementation of a variety of attacks, enabling security researchers to quantify the impact of APTs on time synchronisation.
DOI10.1109/ISSC49989.2020.9180157
Citation Keyalghamdi_practical_2020