Security Analysis on Railway Network Time Protocol Based on Colored Petri Nets

被引：0

作者：

Zhang Y. ^{[1
]}

Zhang H. ^{[1
]}

Wang H. ^{[1
]}

机构：

[1] School of Automation and Electrical Engineering, Lanzhou Jiaotong University, Lanzhou

来源：

Tiedao Xuebao/Journal of the China Railway Society | 2017年 / 39卷 / 10期

关键词：

Colored Petri nets; Intrusion; Loopholes; NTP; Reversed state analysis;

D O I：

10.3969/j.issn.1001-8360.2017.10.011

中图分类号：

学科分类号：

摘要：

With the development of time synchronization technology in the railway field, it is extremely important to ensure the safe operation of Network Time Protocol(NTP) in real time. Since NTP contains security defects itself, it is necessary to analyze the security mechanism of the NTP protocol. Firstly, taking the connectionless nature of NTP protocol into consideration, the Colored Petri Nets(CPN) were used to establish CPN model of NTP under the normal working mode to analyze the loopholes and vulnerabilities during the time synchronization. Then, the knowledge sets required by the intruder to successfully attack the protocol and the knowledge sets that an intruder can acquire during an attack were set up. The CPN were used to model the attack process of NTP protocol. Furthermore, through the reversed state analysis, the accessibility of NTP protocol into insecure state was analyzed. Finally, the analysis results were verified through CPNTools simulation. The results show that it is unsafe for NTP during its process of server authentication. © 2017, Editorial Office of Journal of the China Railway Society. All right reserved.

引用

页码：82 / 88

页数：6

共 8 条

[1] Lu H., The Research for Development of Railway Time Synchronization Network, Railway Signalling & Communication Engineering, 48, 8, pp. 54-58, (2012)
[2] Bekeneva Y., Shipilov N., Borisenko K., Simulation of DDoS-attacks and Protection Mechanisms Against Them, IEEE Faculty of Computer Science and Technology, 48, 8, pp. 49-55, (2015)
[3] Mills D., Dalaware U., Haberman B., Network Time Protocol Version 4:Autokey Specification, (2010)
[4] Mills D., Dalaware U., Martin J., Network Time Protocol Version 4:Protocol and Algorithms Specification, (2010)
[5] Jensen K., Kristensen L., Wells L., Colored Petri Nets and CPN Tools for Modelling and Validation of Concurrent Systems, International Journal on Software Tools for Technology Transfer, 9, 3-4, pp. 213-254, (2007)
[6] Zhang Y., Wang F., Zhang S., Et al., Dependability Assessment of Railway Time Synchronization Network Based on Fuzzy Bayesian Network, Journal of the China Railway Society, 37, 5, pp. 57-63, (2015)
[7] Muratu T., Petri Nets:Properties, Analysis and Application, Proceedings of the IEEE, 77, 4, pp. 541-580, (1989)
[8] Li D., Wang G., Yang C., Et al., NTP/IEEE1588-based Time Synchronization System in Seafloor Observatory Network, Journal of Zhejiang University:Engineering Science, 48, 1, pp. 1-7, (2014)

← 1 →