Complex Paths and Derelict Sentinels - Software Engineering Underpinnings of NTP Vulnerabilities
Offered By: IEEE via YouTube
Course Description
Overview
Explore the software engineering underpinnings of recent Network Time Protocol (NTP) vulnerabilities in this IEEE conference talk. Delve into the complex paths and derelict sentinels that have led to security issues in the de facto standard for synchronizing computer clocks on the Internet. Examine how specific software engineering choices may have caused or obscured these vulnerabilities. Review several recent cases where attackers could arbitrarily control remote system clocks using NTP. Cover NTP basics, packet consistency checks, ephemeral associations, and spoofing. Gain insights into improving the security of time synchronization protocols and implementations.
Syllabus
Intro
NTP basics
Packet consistency checks
Ephemeral associations
Spoofing
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Unlocking Information Security II: An Internet PerspectiveTel Aviv University via edX Cybersecurity Capstone: Breach Response Case Studies
IBM via Coursera Complete Ethical Hacking Bootcamp
Udemy Cyber Security Advanced Persistent Threat Defender Preview
Udemy Performing Threat Modeling with the PASTA Methodology
Pluralsight