[Busec] Fwd: [busec] Aanchal Malhotra (Wed 9.45am)
goldbe at cs.bu.edu
Tue Feb 16 18:12:51 EST 2016
We look forward to seeing you tomorrow at 9:45am for Aanchal Malhotra's
talk about the security of the Network Time Protocol (NTP). Followed by
lunch in the lab at 11:30-ish.
BUsec Calendar: http://www.bu.edu/cs/busec/
BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec
The busec seminar gratefully acknowledges the support of BU's Center for
Reliable Information Systems and Cyber Security (RISCS).
Title: Attacking the Network Time Protocol. (Practice Talk)
Speaker: Aanchal Malhotra (BU)
Room: MCS180 (Hariri) at 111 Cummington St, Boston MA 02215
Time: Wednesday Feb 15, 2015, 9:45AM
Abstract: We explore the risk that network attackers can exploit
unauthenticated Network Time Protocol (NTP) traffic to alter the time on
client systems. We first discuss how an on- path attacker, that hijacks
traffic to an NTP server, can quickly shift time on the server’s clients.
Then, we present a extremely low-rate (single packet) denial-of-service
attack that an off-path attacker, located anywhere on the network, can use
to disable NTP clock synchronization on a client. Next, we show how an
off-path attacker can exploit IPv4 packet fragmentation to shift time on a
client. We discuss the implications on these attacks on other core Internet
protocols, quantify their attack surface using Internet measurements, and
suggest a few simple countermeasures that can improve the security of NTP.
Joint work with Isaac Cohen, Erik Brakke, Sharon Goldberg to appear at
Speaker: Omer Paneth (BU)
Room: MCS148 at 111 Cummington St, Boston MA 02215
Time: Wednesday March 2, 2015, 9:45AM
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Busec