Study on the Distribution of Networked Devices’ Clock Skew

Full Text (PDF, 220KB), PP.1-9

Views: 0 Downloads: 0

Author(s)

Jiao Chengbo 1 Zheng Hui 2

1. Information Engineering University, Zhengzhou, Henan, China

2. Southwestern Institute of Electronics and Telecommunication, Chengdu, Sichuan, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2011.04.01

Received: 2 May 2011 / Revised: 7 Jun. 2011 / Accepted: 13 Jul. 2011 / Published: 15 Aug. 2011

Index Terms

Clock Skew, Distribution, Internet, Noise, Conflict Probability

Abstract

Clock skews of devices on the Internet are viewed as one way delay noise, but their distribution is unknown. We explore the distribution of clock skews to see the conflict probability. In this paper, we introduce an accurate clock skew estimation algorithm to filter inaccurate clock skew estimation by comparing the results between linear programming method and least square fitting. Delay jitter and other noises affect the estimation result. When the difference of two methods is large, the estimation result is unstable and inaccurate, so the estimation result should be dropped. Based on this algorithm, we use traces of real Internet measurements to collect 1825 accurate clock skews of different devices to establish a fingerprint database. Furthermore, we show the distribution of clock skews and comparing conflict probability with different number of devices. The distribution shows that clock skews are diverse, and most of clock skews are in the region of [-100, 100] PPM. The results indicate that when the number of devices is small (<5), clock skews won’t be conflict with each other, so clock skews are good tools to detect faked devices or NAT; When the number of devices increases, the conflict probability increases linearly, so clock skews of different devices can not distinguish each devices effectively.

Cite This Paper

Jiao Chengbo, Zheng Hui,"Study on the Distribution of Networked Devices’ Clock Skew", IJWMT, vol.1, no.4, pp.1-9, 2011. DOI: 10.5815/ijwmt.2011.04.01 

Reference

[1] T. Konoho, A. Broido, and K. Claffy. Remote physical device fingerprinting. In Proceedings of IEEE Symposium on Security and Privacy, Oakland, California, May 2005.

[2] J. Suman, K. Sneha. On fast and accurate detection of unauthorized wireless access points using clock skews. In the ACM Sigmobile International Conference on Mobile Computing and Networking, San Francisco, California, USA ,2008.

[3] F. RUSS. A statistical approach to remote physical device fingerprinting. In Proc. of the military communications conference, Orlando, USA, October 2007.

[4] S. Murdoch,Hot or Not: Revealing Hidden Service by their clock skew. In Proc of the 13th ACM Conference on Computer and Communications Security. Alexandra, VA, USA, 2006.

[5] S. B. Moon, P Skelly.; Towsley, D. Estimation and removal of clock skew from network delay measurements. In Proc of the INFOCOM, New York, USA, March 1999.

[6] V. Paxson, Measurements and Analysis of End-to-End Internet Dynamics, Ph. D. thesis, University of California, Berkeley, 1997.

[7] V. Paxson, ‘On calibrating measurements of packet transit times’, in Proceedings of SIGMETRICS’98, Madison, Wisconsin, June, 1998.

[8] D. Mills. Network time protocol (Version 3) specification, implementation and analysis. RFC 1305. March 1992.