GPS World

Tag: denial of service

  • Microsemi publishes application note on NTP Reflector

    Microsemi publishes application note on NTP Reflector

    Microsemi has published a new application note on its Security Hardened SyncServer NTP Reflector.

    The NTP (Network Time Protocol) Reflector is a fast, accurate NTP server. It features denial of service resilience, monitoring and notification functions.

    Characteristics include 100 percent hardware NTP time-stamping for accuracy and high performance; NTP packet monitoring for DoS detection; bandwidth limiting and packet filtering for CPU protection; and alarming if NTP loading is above expected levels.

    To help users better understand the advantages of Microsemi’s NTP Reflector and packet limiting/monitoring technology, the company explains the underlying technology and its security benefits in the new application note, available for download.

    Key Characteristics

    • 100 percent hardware NTP timestamping for accuracy and high performance
    • NTP Packet monitoring for DoS detection
    • Bandwidth limiting and packet filtering for CPU protection
    • Alarming if NTP loading is above expected levels.

    The NTP Reflector is one of the many differentiating features of Microsemi’s new SyncServer S600 series network time servers.

    The reflector is a real-time, hardware-based NTP packet identification and time-stamping engine uniquely designed to protect the SyncServer CPU from excessive network traffic denial of service  attacks and notify the operator if NTP traffic is above expected levels.

    The innovative technology enables extremely high-bandwidth, high-accuracy, high-reliability and security-hardened NTP operations.

  • GNSS Research: Summary of STRIKE3’s first year

    Example of unusual detected signal type likely to have an impact on GNSS performance. (Figures courtesy of Nottingham Scientific Ltd.)

    Presented at the European Navigation Conference, Switzerland, May 2017

    This paper summarizes major findings from the first year of monitoring by the International Knowledge Exchange, Experimentation and Exploitation (STRIKE3), a new European initiative to support the increasing use of GNSS within safety, security, governmental and regulated applications and addressing concerns about GNSS denial of service attacks. STRIKE3 monitors the international GNSS threat scene to capture the scale and dynamics of the problem and works with international GNSS partners to develop, negotiate, promote and implement standards for threat reporting and receiver testing through an international GNSS interference monitoring network.

    European economies are now dependent on uninterrupted access to GNSS services. At the same time, GNSS vulnerabilities are being exposed, and threats to denial of GNSS service are increasing. We must ensure that there is a common standard for GNSS threat monitoring and reporting, and a global standard for assessing the performance of GNSS receivers and applications under threat. This will ensure the dominance of GNSS as the backbone to our positioning, navigation and timing needs.

    STRIKE3 has built a network of more than 20 interference monitoring sites in 14 countries. This enables STRIKE3 to assess the incidence of deliberate jamming versus unintentional interference to be estimated, as well as comparisons of the most common types of interference at different types of location. Detailed data about the interference signals is collected and used in the creation of test standards. Common signal types as well as unusual ones that are likely to have a major impact on GNSS performance are extracted from the database and added to a test methodology. These will be used to test different types of receivers to better understand impact and help improve mitigation, finally leading to an international test specification.

  • Spirent’s new wireless test solution optimized for IoT devices

    Spirent Communications is now offering the Elevate IoT Device Test Solution, a new cellular test solution designed to support a wide range of testing areas applicable to Internet of Things (IoT) applications, including end-to-end cloud server connectivity, security vulnerability assessment and battery-life measurement.

    The announcement was made at Mobile World Congress, which is taking place Feb. 27 to March 2 in Barcelona, Spain.

    The compact and flexible device test solution, available via the Spirent Elevate platform, addresses critical areas that are affected when designing 3G, LTE, and upcoming narrowband wireless technologies into IoT devices.

    Innovative IoT developers are emerging worldwide with many of their applications reliant on communicating via a cellular network. Cellular deployment has several benefits including higher guaranteed service quality, more robust air interface security, and broader coverage availability. Yet designing IoT devices can present a myriad of complex challenges, especially when cellular connectivity enters the equation.

    Testing on a live network has several limitations: data traffic is not visible between the device and cloud server; the appropriate live network may not be deployed where the development takes place; and there is no ability to control network settings such as power levels.

    Spirent Elevate provides easy access to a controllable, lab-based testing environment, allowing developers to explore the special challenges a cellular network presents in a repeatable manner.

    A number of recent events, including widespread Distributed Denial of Service (DDoS) attacks, has illustrated the very real exposure of IoT device security, highlighting the immediate need for developers to ensure devices are protected from known baseline vulnerabilities.

    The Elevate IoT test solution facilitates access to Spirent SecurityLabs services, including dedicated teams of experienced security professionals offering comprehensive scanning, penetration testing and monitoring services for embedded devices.

    Many IoT devices require operation in hard-to-reach places for extremely long periods of time while in potentially unforgiving environments, making it imperative that batteries perform as expected under variable conditions. The Elevate IoT Device Test Solution allows developers to accurately determine predictable battery life in real-world conditions with actual usage profiles.

    “The Internet of Things is here to stay — it represents a cultural and technology revolution, and has serious implications for security,” said Jeff Wilson, research director and advisor, cybersecurity technology, at analyst firm IHS. “The post-IoT threat landscape is complicated, and the consequences of attacks are increasingly severe. If a device is compromised, it can either fail to work itself, or introduce threats into a wider network, or both; the Mirai and LizardStresser IoT botnets used to launch DDoS attacks were just the tip of an enormous iceberg. Successfully managing connectivity, technology and risk will be vital to IoT implementations from this point forward.”

    Spirent’s IoT Device Test Solution is an integrated suite of tools centered in a compact network emulator that brings a repeatable cellular test bed into any hardware or software lab, providing the ability to replicate service providers’ wireless networks in a portable desktop system.

    When used as part of an expanded Spirent solution that can simulate multiple types and levels of security attacks, the system allows users to accurately understand how a device will hold up against each one and what factors may be impacted.

    Emulating as many conditions as possible helps developers understand exactly how devices, including factors such as battery life, may be impacted in the real world.

    “For IoT developers, many of them new to cellular technology, it can be dauntingly complex to navigate new technologies, manage power performance challenges, and care for imminent cybersecurity threats,” said Saul Einbinder, vice president of new venture development at Spirent Communications. “Our aspiration is to help developers, operators, and service providers optimize their IoT solutions and get to market faster, while also staying considerate of the budget constraints of IoT device realization.”