Study of Methods and Techniques for Manipulating the Time Synchronization Component of NTP Servers in Computer Networks

Abstract

Abstract In computer networks as well as in many other domains, time synchronization is carried out by some dedicated devices called time servers that uses network protocols, such as NTP (Network Time Protocol), PTP (Precision Time Protocol) or SNTP (Simple Network Time Protocol). Many domains and applications, such as, computer networks, security protocols, telecommunications, network services, and many others, depend on accurate time synchronization. According to the CVE (Common Vulnerabilities and Exposures) databases, between 2001-2022, more than 150 time synchronization protocols vulnerabilities have been reported. One of the most dangerous threats is the manipulation of the time synchronization information. Thus, the existence of such a vulnerability can generate serious security problems. Considering these aspects, in this article we aim to use some methods and techniques for the manipulation of the time component and use them to test some synchronization systems. This will require real-life scenarios of the use of time synchronization systems in which some methods and techniques are applied to exploit their vulnerabilities. Following these scenarios, we will be able to assess the risk to which these systems are exposed.