Poster Abstract: Time Attacks using Kernel Vulnerabilities
Muhammad Abdullah Soomro, Adeel Nasrullah, Fatima Muhammad Anwar
TL;DR
The paper addresses vulnerabilities in system time security by focusing on kernel-level time manipulation attacks. It formalizes two primary vectors—privilege escalation and code injection—and categorizes attack strategies into constant, incremental, and randomized delays within a practical threat model. Using LD_PRELOAD for dynamic library injection, bpftrace for kernel-timekeeping modifications, and ptrace-based code injection, the authors demonstrate tangible distortions to perceived time. Evaluation shows small overheads in some scenarios, such as about 1 millisecond delay, and substantial latency growth—up to approximately six times—under certain attack modes, highlighting stealthiness and disruptive potential. The work argues for treating time security as a core component of system integrity and motivates development of lightweight mitigations for time-sensitive applications.
Abstract
Timekeeping is a fundamental component of modern computing; however, the security of system time remains an overlooked attack surface, leaving critical systems vulnerable to manipulation.