Game theory applied to secure clock synchronization with IEEE 1588

Industrial applications usually have real-time requirements or high precision timing demands. For such applications, clock synchronization is one of the main assets that needs to be protected against malicious attacks. To provide sufficient accuracy for distributed time-critical applications, appropriate techniques for preventing or mitigating delay attacks that breach clock synchronization are needed. In this paper, we apply game theory to investigate possible strategies of an adversary, performing attacks targeting clock synchronization on the one hand and a network monitor, aiming to detect anomalies introduced by the adversary on the other. We investigate the interconnection of payoffs for both sides and propose the quarantine mode as a mitigation technique. Delay attacks with constant, linearly increasing, and randomly introduced delays are considered, and we show how the adversary strategy can be estimated by evaluating the detection coefficient, giving the network monitor the possibility to deploy appropriate protection techniques.

[1]  Kang B. Lee,et al.  Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems , 2004 .

[2]  Albert Treytl,et al.  Validation and verification of IEEE 1588 Annex K , 2011, 2011 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[3]  Michael Wooldridge,et al.  Does Game Theory Work? , 2012, IEEE Intelligent Systems.

[4]  Wilfried Elmenreich,et al.  Time-Triggered Fieldbus Networks State of the Art and Future Applications , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).

[5]  G. Gaderer,et al.  Traps and pitfalls in secure clock synchronization , 2007, 2007 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[6]  Chase Qishi Wu,et al.  A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[7]  M. Ullmann,et al.  Delay attacks — Implication on NTP and PTP time synchronization , 2009, 2009 International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[8]  Janet M. Twomey,et al.  Validation and Verification , 1997 .

[9]  Hermann Kopetz,et al.  Clock Synchronization in Distributed Real-Time Systems , 1987, IEEE Transactions on Computers.

[10]  S.H. Lin,et al.  Diversity protections for digital radio-summary of ten-year experiments and studies , 1988, IEEE Communications Magazine.

[11]  Mats Björkman,et al.  Risk evaluation of an ARP poisoning attack on clock synchronization for industrial applications , 2016, 2016 IEEE International Conference on Industrial Technology (ICIT).

[12]  Mats Björkman,et al.  Protecting Clock Synchronization: Adversary Detection through Network Monitoring , 2016, J. Electr. Comput. Eng..

[13]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[14]  T. Mizrahi A game theoretic analysis of delay attacks against time synchronization protocols , 2012, 2012 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication Proceedings.

[15]  Kang Lee,et al.  IEEE 1588 standard for a precision clock synchronization protocol for networked measurement and control systems , 2002, 2nd ISA/IEEE Sensors for Industry Conference,.