Usage Analysis of the NIST Internet Time Service

Jeff A. Sherman, Judah Levine
2016 Journal of Research of the National Institute of Standards and Technology  
The Internet Time Service (ITS) at the National Institute of Standards and Technology (NIST) currently receives over 16 billion time requests per day. ITS servers derive their system time from the NIST atomic-referenced time scale and distribute it freely to the public. Here we explore ITS usage patterns discovered by analysis of inbound network traffic. For example, over a period of four weeks, just two of the ≈ 20 ITS servers received requests from 316 million unique Internet Protocol (IPv4)
more » ... et Protocol (IPv4) addresses, which is at least 8.5 % of the entire Internet. We offer recommendations for networked device/software manufacturers, and providers and consumers of network time services. Overview Among national metrological institutes, NIST operates the largest ensemble of time-serving computers (timesevers) on the public Internet [1] . The approximately twenty [2] servers' system clocks are synchronized to a time scale governed by atomic clocks and primary frequency standards [3], the laboratory's realization of Coordinated Universal Time, UTC(NIST). The timeservers are geographically diverse, operate with independent synchronization links, and provide a source of time independent of Global Navigation Satellite Systems such as the Global Positioning System (GPS) [4] . Historically, traffic to the ITS has grown exponentially and now (at time of writing) exceeds 1.6 × 10 10 requests daily (see Fig. 1 ). Applications and demand for accurate network time transfer include securities trading [5], distributed databases [6], and realtime cyber-physical systems [7] [8] [9] . Generally, while information security applications do not yet require UTC at high resolution, they do rely on time accuracy and network integrity [10] . For these reasons, trusted, highly available primary sources of network time like the ITS are vital public resources. Industry forecasts predict even more classes of appliances will become networked (i.e., Internet of Things [11]), implying further significant growth potential in demand for network time. Therefore, it is important to understand ITS usage patterns in order to optimally use and provision ITS resources. Since background information about network time transfer and the ITS [12] is available elsewhere, we cover only relevant details in Sec. 2. Thus far, the only published ITS usage statistics are daily request totals. In this work, we explore usage patterns in finer detail. In Sec. 3 we present new findings including temporal patterns in request rate, and estimates of the number, character, and behavior of unique clients. Given the large request rate (averaging over 28,000/s on one server), and the delay-sensitive nature of the Volume 121 (2016) Journal of Research of the National Institute of Standards and Technology 34 Fig . 1 . a) Daily request rate (averaged weekly) to NIST's Internet Time Service over nearly two decades of operation. The growth is not well described by a single exponential rate. A red-dashed line illustrates a doubling interval of 3.4 years, obtained by a leastsquares fit over the most recent 3000 days. b) On a logarithmic scale, we separately plot Network Time Protocol (blue) and other protocol (DAYTIME, TIME; red) request rates. application, the information capture process had to be fast, non-blocking, and stable; a description of methodology follows in Sec. 4. In Sec. 5 we make data-driven recommendations to consumers and providers of network time, and note how the same technology used in this study can be leveraged to help mitigate abusive traffic loads.
doi:10.6028/jres.121.003 fatcat:gkt5pa5lpjffnm4u7l4yj24fyq