SoK: State of the time: On Trustworthiness of Digital Clocks

• URL: http://arxiv.org/abs/2502.09837v1
• Date: Fri, 14 Feb 2025 00:37:02 GMT
• Title: SoK: State of the time: On Trustworthiness of Digital Clocks
• Authors: Adeel Nasrullah, Fatima M. Anwar,
• Abstract summary: We aim to obtain a holistic understanding of the issues that make the timing stacks vulnerable to adversarial manipulations. In doing so, we discover new attack surfaces, i.e., physical timing components and on-device timekeeping. We show that the emerging trusted timing architectures are flawed and risk compromising wider system security.
• Score: 1.4502611532302039
• License:
• Abstract: Despite the critical role of timing infrastructure in enabling essential services, from public key infrastructure and smart grids to autonomous navigation and high-frequency trading, modern timing stacks remain highly vulnerable to malicious attacks. These threats emerge due to several reasons, including inadequate security mechanisms, the timing architectures unique vulnerability to delays, and implementation issues. In this paper, we aim to obtain a holistic understanding of the issues that make the timing stacks vulnerable to adversarial manipulations, what the challenges are in securing them, and what solutions can be borrowed from the research community to address them. To this end, we perform a systematic analysis of the security vulnerabilities of the timing stack. In doing so, we discover new attack surfaces, i.e., physical timing components and on-device timekeeping, which are often overlooked by existing research that predominantly studies the security of time synchronization protocols. We also show that the emerging trusted timing architectures are flawed and risk compromising wider system security, and propose an alternative design using hardware-software co-design.

Related papers

• Autonomous Identity-Based Threat Segmentation in Zero Trust Architectures [4.169915659794567]
  Zero Trust Architectures (ZTA) fundamentally redefine network security by adopting a "trust nothing, verify everything" approach. This research applies the proposed AI-driven, autonomous, identity-based threat segmentation in ZTA.
  arXiv  Detail & Related papers  (2025-01-10T15:35:02Z)
• Modern Hardware Security: A Review of Attacks and Countermeasures [1.7265013728931]
  In this paper, we review the current state of vulnerabilities and mitigation strategies in contemporary computing systems. We discuss cache side-channel attacks (including Spectre and Meltdown), power side-channel attacks (such as Simple Power Analysis), and advanced techniques like Voltage Glitching and Electromagnetic Analysis. The paper concludes with an analysis of the RISC-V architecture's unique security challenges.
  arXiv  Detail & Related papers  (2025-01-08T10:14:19Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Confronting the Reproducibility Crisis: A Case Study of Challenges in Cybersecurity AI [0.0]
  A key area in AI-based cybersecurity focuses on defending deep neural networks against malicious perturbations. We attempt to validate results from prior work on certified robustness using the VeriGauge toolkit. Our findings underscore the urgent need for standardized methodologies, containerization, and comprehensive documentation.
  arXiv  Detail & Related papers  (2024-05-29T04:37:19Z)
• SoK: A Defense-Oriented Evaluation of Software Supply Chain Security [3.165193382160046]
  We argue that the next stage of software supply chain security research and development will benefit greatly from a defense-oriented approach. This paper introduces the AStRA model, a framework for representing fundamental software supply chain elements and their causal relationships.
  arXiv  Detail & Related papers  (2024-05-23T18:53:48Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• Attention-Based Real-Time Defenses for Physical Adversarial Attacks in Vision Applications [58.06882713631082]
  Deep neural networks exhibit excellent performance in computer vision tasks, but their vulnerability to real-world adversarial attacks raises serious security concerns. This paper proposes an efficient attention-based defense mechanism that exploits adversarial channel-attention to quickly identify and track malicious objects in shallow network layers. It also introduces an efficient multi-frame defense framework, validating its efficacy through extensive experiments aimed at evaluating both defense performance and computational cost.
  arXiv  Detail & Related papers  (2023-11-19T00:47:17Z)
• Empirical Analysis of Software Vulnerabilities Causing Timing Side Channels [2.0794749869068005]
  This study examines the timing attack-related vulnerabilities in non-cryptographic software. We found that a majority of the timing attack-related vulnerabilities were introduced due to not following known secure coding practices. The findings of this study are expected to help the software security community gain evidence-based information about the nature and causes of the vulnerabilities related to timing attacks.
  arXiv  Detail & Related papers  (2023-08-23T01:38:03Z)
• Leveraging Traceability to Integrate Safety Analysis Artifacts into the Software Development Process [51.42800587382228]
  Safety assurance cases (SACs) can be challenging to maintain during system evolution. We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models. We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
  arXiv  Detail & Related papers  (2023-07-14T16:03:27Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)
• Enhanced Adversarial Strategically-Timed Attacks against Deep Reinforcement Learning [91.13113161754022]
  We introduce timing-based adversarial strategies against a DRL-based navigation system by jamming in physical noise patterns on the selected time frames. Our experimental results show that the adversarial timing attacks can lead to a significant performance drop.
  arXiv  Detail & Related papers  (2020-02-20T21:39:25Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.