Secure clock synchronization under collusion attacks

摘要

Recently, the Secure Average Time Synchronization (SATS) protocol has been proposed and analyzed; this distributed clock synchronization protocol is capable of successfully tackling several attacks such as denial-of-service (DoS), message-delay, message duplication/repetition, and even a generic message manipulation. However, the collusion attack, in which neighboring malicious nodes may cooperate so as to strike stealthier attacks that are more difficult to handle, remains by and large an open problem. In the setup of SATS, we derive the fundamental asymptotic bounds in the number of malicious agents-as function of the benign ones-that can be efficiently handled without tampering accurate network-wide synchronization. Going a step further, we develop a risk model for collusions and use it to obtain even tighter bounds. In specific, we establish that SATS can handle `many' malicious nodes with high probability: an order of almost square-root of the benign ones for the case of no risk, and almost linear when the risk of collusion is accounted. Last but not least, we analyze and experimentally assess an interesting phenomenon: the presence of attackers may lead to a convergence speedup of SATS, since malicious nodes can be effectively constrained from the network, thus affecting the algebraic connectivity of the graph corresponding to the network topology. Numerical simulations verify the theoretical results, i.e., collusions are avoided when the number of malicious nodes is bounded by the asymptotic bounds and the algebraic connectivity increases due to incorporating `well behaved' malicious nodes.