PTP Flood: a DoS cyber attack on a PTP client

  • Diego W. M. Piffaretti (IME)
  • Gabriela Moutinho de Souza Dias (IME)
  • Anderson F. Pereira dos Santos (IME / Venturus Centro de Inovação Tecnologica)

Abstract

This paper investigates the vulnerability of the Precision Time Protocol (PTP) to replay attacks, even with the TLV feature enabled, which results in a denial of service, an attack we call "PTP flood". The attack overwhelms the target device with the continuous retransmission of packets, leaving it unable to process legitimate requests. The paper also analyzes the behavior of memory consumption during the attack and highlights the identification and prevention of these attacks to ensure the integrity and availability of network systems.
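One way to identify the replay pattern described in the abstract, as an added example that is not code from the paper: a detector that parses the PTP common header and flags a stream when already-seen sequenceId values repeat faster than a threshold. The window, threshold and history values, the class and function names, and the sample messages are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

PTP_HEADER_LEN = 34  # length of the IEEE 1588 common message header
def parse_ptp_header(payload):
    """Return (messageType, sourcePortIdentity, sequenceId) of a PTP message."""
    if len(payload) < PTP_HEADER_LEN:
        raise ValueError("truncated PTP header")
    message_type = payload[0] & 0x0F              # low nibble of byte 0
    source_port_identity = bytes(payload[20:30])  # clockIdentity + portNumber
    (sequence_id,) = struct.unpack_from("!H", payload, 30)
    return message_type, source_port_identity, sequence_id

class ReplayFloodDetector:
    """Flags a stream when repeated sequenceIds arrive faster than a threshold."""
    def __init__(self, window=1.0, max_replays=5, history=64):
        self.window = window            # seconds (assumed value)
        self.max_replays = max_replays  # replays tolerated per window (assumed)
        self.seen = defaultdict(lambda: deque(maxlen=history))
        self.replays = defaultdict(deque)

    def observe(self, ts, payload):
        """Feed one message; return True while the stream is in flood state."""
        msg_type, port_id, seq = parse_ptp_header(payload)
        key = (port_id, msg_type)  # Sync and Follow_Up share a sequenceId
        hits = self.replays[key]
        if seq in self.seen[key]:
            hits.append(ts)        # sequenceId already seen: count as replay
        else:
            self.seen[key].append(seq)
        while hits and ts - hits[0] > self.window:
            hits.popleft()         # forget replays older than the window
        return len(hits) > self.max_replays

def make_header(msg_type, clock_id, port, seq):
    """Build a constructed 34-byte PTPv2 header (sample input, not a capture)."""
    hdr = bytearray(PTP_HEADER_LEN)
    hdr[0], hdr[1] = msg_type, 2   # messageType, versionPTP
    hdr[20:28] = clock_id
    struct.pack_into("!HH", hdr, 28, port, seq)
    return bytes(hdr)

def demo():
    det = ReplayFloodDetector()
    clock = bytes.fromhex("001122fffe334455")  # constructed clockIdentity
    # 16 Sync messages with increasing sequenceId at 8 per second
    normal = [det.observe(i * 0.125, make_header(0, clock, 1, i)) for i in range(16)]
    captured = make_header(0, clock, 1, 15)    # same message seen 20 more times
    flood = [det.observe(2.0 + i * 0.001, captured) for i in range(20)]
    return any(normal), flood.index(True)
```

Keying on messageType as well as sourcePortIdentity keeps a Follow_Up, which legitimately carries the sequenceId of its Sync, from being counted as a replay.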

Published
16/09/2024
PIFFARETTI, Diego W. M.; DIAS, Gabriela Moutinho de Souza; SANTOS, Anderson F. Pereira dos. PTP Flood: ataque cibernético de DoS em cliente PTP. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24., 2024, São José dos Campos/SP. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 850-856. DOI: https://doi.org/10.5753/sbseg.2024.241763.