Pub Date : 2022-03-22DOI: 10.13052/jcsm2245-1439.1123
Kevin Lamshöft, Jonas Hielscher, Christian Krätzer, J. Dittmann
Synchronized clocks are vital for most communication scenarios in networks of Information Technology (IT) and Operational Technology (OT). The process of time synchronisation requires transmission of high-precision timestamps often originating from external sources. In this paper, we analyze how time synchronization protocols impose a threat by being leveraged as carrier for network covert channels.�This paper is an extended version version of our open-access paper [15] in which we performed an in-depth analysis of the Network Time Protocol (NTP) in regards to covert channels. In this extended version, we broaden the view and take a look and time synchronisation in a more general way as we provide two comprehensive threat scenarios regarding covert channels and discuss the applicability of such covert channels to another time synchronisation protocol, namely the Precision Time Protocol, PTP. While the Network Time Protocol (NTP) is the most prevalent protocol for synchronizing clocks in IT networks, the Precision Time Protocol (PTP) is mostly found in networks of Industrial Control Systems (ICS) due to higher demands regarding accuracy and resolution. To illustrate the threat of covert channels in such protocols we describe two threat scenarios, one for the Network Time Protocol and one for the Precision Time Protocol. For NTP we perform a systematic in-depth analysis of covert channels. Our analysis results in the identification of 49 covert channels, by applying a covert channel pattern-based taxonomy. The summary and comparison based on nine selected key attributes show that NTP proofs itself as a plausible carrier for covert channels. The analysis results are evaluated in regards to common behavior of NTP implementations in six major operating systems. Two channels are selected and implemented to be evaluated in network test-beds. By hiding encrypted high entropy data in a high entropy field of NTP we show in our first assessment that practically undetectable channels can be implemented in NTP, motivating the required further research. In our evaluation, we analyze 40,000 NTP server responses from public NTP server providers and discuss potential countermeasures. Finally, we discuss the relevance, applicability and resulting threat of these findings for the Precision Time Protocol.
{"title":"The Threat of Covert Channels in Network Time Synchronisation Protocols","authors":"Kevin Lamshöft, Jonas Hielscher, Christian Krätzer, J. Dittmann","doi":"10.13052/jcsm2245-1439.1123","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1123","url":null,"abstract":"Synchronized clocks are vital for most communication scenarios in networks of Information Technology (IT) and Operational Technology (OT). The process of time synchronisation requires transmission of high-precision timestamps often originating from external sources. In this paper, we analyze how time synchronization protocols impose a threat by being leveraged as carrier for network covert channels.\u0000This paper is an extended version version of our open-access paper [15] in which we performed an in-depth analysis of the Network Time Protocol (NTP) in regards to covert channels. In this extended version, we broaden the view and take a look and time synchronisation in a more general way as we provide two comprehensive threat scenarios regarding covert channels and discuss the applicability of such covert channels to another time synchronisation protocol, namely the Precision Time Protocol, PTP. While the Network Time Protocol (NTP) is the most prevalent protocol for synchronizing clocks in IT networks, the Precision Time Protocol (PTP) is mostly found in networks of Industrial Control Systems (ICS) due to higher demands regarding accuracy and resolution. To illustrate the threat of covert channels in such protocols we describe two threat scenarios, one for the Network Time Protocol and one for the Precision Time Protocol. For NTP we perform a systematic in-depth analysis of covert channels. Our analysis results in the identification of 49 covert channels, by applying a covert channel pattern-based taxonomy. The summary and comparison based on nine selected key attributes show that NTP proofs itself as a plausible carrier for covert channels. The analysis results are evaluated in regards to common behavior of NTP implementations in six major operating systems. Two channels are selected and implemented to be evaluated in network test-beds. By hiding encrypted high entropy data in a high entropy field of NTP we show in our first assessment that practically undetectable channels can be implemented in NTP, motivating the required further research. In our evaluation, we analyze 40,000 NTP server responses from public NTP server providers and discuss potential countermeasures. Finally, we discuss the relevance, applicability and resulting threat of these findings for the Precision Time Protocol.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42332656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Research on Known Vulnerability Detection Method Based on Firmware Analysis","authors":"Wenjing Wang, Tengteng Zhao, Xiaolong Li, Lei Huang, Wei Zhang, Hui Guo","doi":"10.32604/jcs.2022.026816","DOIUrl":"https://doi.org/10.32604/jcs.2022.026816","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90726236","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.028265
Yabin Xu, Lu Qin, Xiaowei Xu
{"title":"Research on the Method of Implementing Named Data Network Interconnection Based on IP Network","authors":"Yabin Xu, Lu Qin, Xiaowei Xu","doi":"10.32604/jcs.2022.028265","DOIUrl":"https://doi.org/10.32604/jcs.2022.028265","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"68 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90266454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2023.041707
Arkan Kh Shakr Sabonchi, Zainab Hasim Obaid
{"title":"Ensuring Information Security in Smart Door Lock Systems Using the Cuckoo Search Algorithm","authors":"Arkan Kh Shakr Sabonchi, Zainab Hasim Obaid","doi":"10.32604/jcs.2023.041707","DOIUrl":"https://doi.org/10.32604/jcs.2023.041707","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"41 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85123263","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.033436
Y. Sarada Devi, M. Roopa
{"title":"An Adaptive BWO Algorithm with RSA for Anomaly Detection in VANETs","authors":"Y. Sarada Devi, M. Roopa","doi":"10.32604/jcs.2022.033436","DOIUrl":"https://doi.org/10.32604/jcs.2022.033436","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"34 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88558943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.027693
Meng-Wei Zhang, Xiubo Chen, Haseeb Ahmad, Gang Xu, Yixian Yang
{"title":"A Certificateless Homomorphic Encryption Scheme for Protecting Transaction Data Privacy of Post-Quantum Blockchain","authors":"Meng-Wei Zhang, Xiubo Chen, Haseeb Ahmad, Gang Xu, Yixian Yang","doi":"10.32604/jcs.2022.027693","DOIUrl":"https://doi.org/10.32604/jcs.2022.027693","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87629805","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.027524
Yichiet Aun, Yen-Min Jasmina Khaw, Ming-Lee Gan, V. Ponnusamy
{"title":"Adaptive Polling Rate for SNMP for Detecting Elusive DDOS","authors":"Yichiet Aun, Yen-Min Jasmina Khaw, Ming-Lee Gan, V. Ponnusamy","doi":"10.32604/jcs.2022.027524","DOIUrl":"https://doi.org/10.32604/jcs.2022.027524","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"8 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82001582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.029451
Kai-bo Zhang, Zhao Qiu, GengQuan Xie, Jia-Xian Lin, Tingting Zhang, Yingsheng Lian, Tao Chen, Yunlong He, Yu Yang
{"title":"Application and Challenge of Blockchain Technology in Medical Field","authors":"Kai-bo Zhang, Zhao Qiu, GengQuan Xie, Jia-Xian Lin, Tingting Zhang, Yingsheng Lian, Tao Chen, Yunlong He, Yu Yang","doi":"10.32604/jcs.2022.029451","DOIUrl":"https://doi.org/10.32604/jcs.2022.029451","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"15 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83450903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-01-01DOI: 10.32604/jcs.2022.035446
A. S. Yusuf, A. Q. Ayinde
{"title":"Cybersecurity Plan for a Healthcare Cloud-Based Solutions","authors":"A. S. Yusuf, A. Q. Ayinde","doi":"10.32604/jcs.2022.035446","DOIUrl":"https://doi.org/10.32604/jcs.2022.035446","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"50 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74023396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: