| Time-space reference is the basis of surveying and mapping and navigation.Network time reference is one of the main forms of modern time reference,and network time synchronization is the key link in the establishment and maintenance of network time reference.Attacks on time synchronization which has become one of the main modes of time warfare can originate faulty system time,failure system synchronization state,and adversely affect the overall application system functions.In the worst case,the system will break down.The anti-attack ability of network time synchronization will have a direct impact on the security of network time reference and national defense,military and important national infrastructure based on this.Judging from the newly released NTP/PTP security mechanisms,there are still several obvious weaknesses in suppression of malicious attacks,especially delay attack,timestamp tampering attack and time source spoofing attack which will cause“time spoofing”.Therefore,researching on the theory,method and technology of network time synchronization and establishing security mechanisms with stronger anti-interference and anti-attack capability have become a new and important research direction in the field of time security.Polar code technology,the latest achievements in the field of information theory and coding,was proposed to be used into the field of network time synchronization security by this paper for the first time,and a series of security algorithms are designed to resolve the problems of availably conquering the delay attack,timestamp tampering attack and time source spoofing attack.The main work and innovation points of this paper are summarized as follows:(1)Delay attack and timestamp tampering attack suppression basic algorithm based on polar coding is proposed.In this algorithm,channel polarization characteristic caused by polar coding is utilized to construct the secure bit channels for timestamps exchange between two legal terminals to deal with the timestamp tampering attack as well as identify the received time synchronization packet which is delayed by an attacker to overcome the delay attack,which breaks through the limitations of security,effectiveness and complexity of the current NTP/PTP security mechanisms based on cryptography in terms of time delay attack and time stamp tamper attack suppression.Since the algorithm is only related to the physical layer,namely the generation method of communication signal is changed,the current NTP/PTP security mechanisms can be compatible.Besides,the low computation complexity of this strategy minimizes the impact on synchronization accuracy.Simulation results show that the abilities of the proposed security algorithm to overcome the two attacks can be achieved with the bit error rate of the attacker to recover the timestamps being about 0.5 which means that the attacker could not extract any valid information from the recovered timestamp data and the successful detection probability of the legitimate receiver to detect the packets suffering delay attack being 100%as long as the performance difference between the main channel and the illegal wiretap channels reaches a certain degree(at the situation of the code rate being 0.5,the transition probability difference of BSC channel needs to be greater than or equal to 0.1;the erasure probability difference of BEC channel needs to be greater than or equal to 0.44;the SNR difference of AWGN channel needs to be greater than or equal to 3.9db).Otherwise,the probability of correct detection for the delay attack will decrease to zero rapidly.(2)Delay attack and timestamp tampering attack suppression algorithm under arbitrary channel environment is proposed.Rely on the algorithm,the security problem existing in the basic algorithm can be effectively solved,which caused by the fact that the quality of the illegal channel is close to that of the legal main channel and the secret bit channels cannot be constructed or the number of which cannot meet the actual demand.In this algorithm,OFDM modulation is introduced on the basis of polar coding.Through artificially controlled frequency selectivity of the transmission channel,the channel quality difference between the legal main channel and the illegal wiretap channel is constructed.The advantages of basic algorithm are maintained and its limitations of working scenarios is broken through by the algorithm,that is the security of basic algorithm can be effectively extended to the scenarios where the performance of the illegal wiretap channel is close to or better than that of the legal main channel.Simulation results show that with the algorithm the bit error rate of the attacker to recover the timestamps is about 0.5 which means that the attacker could not extract any valid information from the recovered timestamp data and the successful detection probability of the legitimate receiver to detect the packets suffering delay attack can reach 100%under any channel scenarios.(3)Physical layer identity authentication algorithm based on Polar coding,namely network time synchronization physical layer security algorithm based on Polar coding is proposed.In this algorithm,physical layer identity authentication algorithm and relating security management mechanism based on Polar coding and MP-4-WFRFT transform are designed,which make the legitimate receiver has the capability of physical layer identity authentication,time delay attack and timestamp tampering attack suppression without significantly increasing the computational complexity,and enhances the security of the system in broadcast mode.This algorithm can be seen as the final result of design of the physical layer security algorithm.Simulation results show that using this algorithm constellation patterns recovered by all kinds of attackers are expressed as quasi-Gaussian noise,and the successful detection probability of the legitimate receiver to detect the packets suffering time source spoofing attack or the other two typical time attacks can reach 100%.(4)The NTP network time synchronization security experimental verification platform is designed and constructed.The platform is constructed based on the network simulation software of OMNe T++and INET Framework,and on which the NTP network time synchronization system under client server working mode is realized.The platform can work in attack scenario or non-attack scenario,security mode or non-security mode,and a physical layer interface is provided for the link simulation results of the physical layer security algorithm proposed in this paper.So,the functional verification of the security algorithm at the level of system simulation,as well as the evaluation of its influence on the accuracy of time synchronization can be carried out,and the experimental results provide preliminary references for evaluating the actual performance of the security algorithm.The experimental results show that by means of the physical layer security algorithm proposed in this paper,the successful detection probability of the legitimate receiver to detect the time synchronization messages suffering time source spoofing attack,timestamp tampering attack or delay attack can reach 100%.The influence of algorithm processing delay on the accuracy of NTP terminal time synchronization is in the order of picosecond(10-12s). |
PDF Full Text Request