随着时间同步技术在铁路领域的发展,能够实时地保证时间同步协议NTP的安全运行变得至关重要.由于NTP协议自身具备一定的安全缺陷,因此,对NTP协议的安全机制进行分析十分必要.考虑到NTP协议的无连接特性,使用有色Petri网建立其在正常工作模式下的有色Petri网模型,并分析协议在进行时间同步过程中存在的漏洞.构建入侵者成功入侵协议所需要的知识集和入侵者在入侵过程中能够获取的知识集,并使用有色Petri网对NTP协议受到入侵的过程进行建模.通过逆向状态分析方法,对NTP协议进入不安全状态的可达性进行分析,使用CPNTools软件对分析结果进行仿真验证.结果表明,NTP协议的服务器身份验证过程是不安全的.%With the development of time synchronization technology in the railway field , it is extremely impor-tant to ensure the safe operation of Network Time Protocol(NTP) in real time .Since NTP contains security defects itself ,it is necessary to analyze the security mechanism of the NTP protocol .Firstly ,taking the con-nectionless nature of NTP protocol into consideration , the Colored Petri Nets (CPN ) were used to establish CPN model of NTP under the normal working mode to analyze the loopholes and vulnerabilities during the time synchronization .Then ,the knowledge sets required by the intruder to successfully attack the protocol and the knowledge sets that an intruder can acquire during an attack were set up . The CPN were used to model the at-tack process of NTP protocol . Furthermore , through the reversed state analysis , the accessibility of NTP protocol into insecure state was analyzed .Finally ,the analysis results were verified through CPNTools simu-lation . The results show that it is unsafe for N T P during its process of server authentication .
展开▼
