Chang-Qing Gong,Ya-Hui Yang

DOI: https://doi.org/10.1007/978-3-642-23214-5_43

2011-01-01

Abstract:U.S. NASA, European ESA, Japanese NASDA and other institutions all have adopted the CCSDS as space communication standards; CCSDS has shown the latest technological developments in space communication system. This paper analyzed security threats in space communications system. The TC data protection methods were summarized firstly, then the performance of several encryption algorithms used in TC protocol was compared. SCPS-SP protocol and SCPS-SP data security process were introduced also. At last, an interoperation method between SCPS-SP and IPSec will be put forward.

Chen Hong

DOI: https://doi.org/10.1088/1742-6596/1650/3/032040

2020-10-01

Journal of Physics: Conference Series

Abstract:Abstract In view of the shortcomings of the CCSDS-TC protocol key update mechanism, this paper proposes a satellite-ground key update scheme suitable for space communication. This article analyzes the encryption and authentication methods of the CCSDS-TC protocol, builds a satellite communication protocol simulation platform on OPNET, and implements the proposed satellite-ground key update scheme, encryption and authentication methods. The simulation test of the dynamic update of satellite-ground key and the simulation results of data security transmission denote that the proposed satellite-ground key update scheme in this paper has good security, scalability and low resource consumption, and can provide a secret key parameter which reveals important practical value.

Zang Li,Wenyuan Xu,Robert D. Miller,Wade Trappe

DOI: https://doi.org/10.1145/1161289.1161297

2006-01-01

Abstract:Although conventional cryptographic security mechanisms are essential to the overall problem of securing wireless networks, these techniques do not directly leverage the unique properties of the wireless domain to address security threats. The properties of the wireless medium are a powerful source of domain-specific information that can complement and enhance traditional security mechanisms. In this paper, we propose to utilize the fact that the radio channel decorre-lates rapidly in space, time and frequency in order to to establish new forms of authentication and confidentiality that operate at the physical layer and can be used to facilitate cross-layer security paradigms. Specifically, for authentication services, we illustrate two channel probing techniques that can be used to verify the authenticity of a transmitter. Similarly, for confidentiality, we examine several strategies for establishing shared secrets/keys between two communicators using the wireless medium. These strategies range from extracting keys from channel state information, to utilizing the channel variability to secretly disseminate keys. We then validate the feasibility of using physical layer techniques for securing wireless systems by presenting results from experiments involving the USRP/GNURadio software defined radio platform.

Xiaojun Tong,Jie Liu,Zhu Wang,Miao Zhang,Jing Ma

DOI: https://doi.org/10.1002/dac.4841

2021-01-01

International Journal of Communication Systems

Abstract:The data link protocols proposed by the Consultative Committee for Space Data Systems (CCSDS) is widely used in space missions. However, the current space key management schemes are inefficient in scalability, security, and key update. In this work, a threshold‐based spatial key management scheme is proposed and applied to the CCSDS telecommunication control (TC) protocol to ensure the security of spatial networks. The threshold‐based key management algorithm using LDPC code is designed to generate, distribute, update, and deactivate the master key. The bilinear pairing cryptosystem is used to protect the group key and provide authentication. The security and performance of the proposed scheme are analyzed. Furthermore, the network model, node model, and process model of CCSDS‐TC protocol based on the proposed scheme are constructed and simulated on OPNET platform. The result shows that the storage overhead of the proposed scheme is lower than the improved Shamir and ECC‐based key management schemes. Its computational overhead is approximately changeless, whereas the network scale is increasing. Furthermore, the proposed scheme only uses binary multiplication, which takes lower computation overhead. Therefore, the proposed scheme has higher security, scalability, and low resource consumption.

Sun Chao,Liu Yukun,Jiang Shouda

DOI: https://doi.org/10.1109/iih-msp.2008.221

2008-01-01

Abstract:This paper aims at the correspondence hidden dangerous problem in "man-in-the-loop" television guidance system data link, proposed a secure communication protocol base on general analysis of the principle and characteristic of current many kinds of cipher systems, which may apply in the "man-inthe-loop" television guidance data link. And the security and real time analysis of the proposed protocol has been carried out as well.

Yuan Gao,Hong Ao,Quan Zhou,Zenghui Feng,Weigui Zhou,Yi Li,Xiang-Yang Li

DOI: https://doi.org/10.1109/wispnet.2017.8300047

2017-01-01

Abstract:It has practical significance to carry out research on physical layer security in satellite communication under the condition that our country has paid high attention to technology research on integrated space-terrestrial network information security. This paper addresses multiservice satellite communication using physical layer security, proposes a novel design subject to different speed and data transfer rate demand among fixed, portable, vehicle, shipborne and airborne receivers. For fixed receivers, this paper proposes a resource optimization method of satellite communication using physical layer security subject to different data transfer rate demand in many receivers. For portable, vehicle and shipborne receivers at low speed, this paper uses mean physical layer secrecy capacity to characterize the secure performance of satellite communication using physical layer security. For airborne receivers at high speed, this paper analyzes the impact of the high-speed relative motion between the satellite and the receiver on channel model, which is combined with mean physical layer secrecy capacity to characterize the secure performance of satellite communication using physical layer security.

Guan Hannan,Yi Ping,Yu Minjie,Li Jianhua

DOI: https://doi.org/10.3969/j.issn.1000-0801.2013.07.019

2013-01-01

Abstract:The security mechanisms for terrestrial network are not appropriate for satellite communication due to the particularity of space environment.The state of the art in security for satellite communication systems was surveyed.Firstly,the security vulnerabilities of satellite communication systems were presented.Secondly,various possible threats and countermeasures were analyzed among physical layer,data link layer,network layer and transport layer.Particularly,representative solutions for survivability,anti-jamming,authentication and key management were illustrated,and a comparison and assessment of their merits and faults were made.Finally,the research was presented which was still worth to do in the future.

Hui Li,Hao Luo,Faxin Yu,Zheming Lu

DOI: https://doi.org/10.3969/j.issn.1004-4132.2010.03.001

2010-01-01

Abstract:In consultative committee for space data systems（CCSDS） file delivery protocol（CFDP） recommendation of reliable transmission,there are no detail transmission procedure and delay calculation of prompted negative acknowledge and asynchronous negative acknowledge models.CFDP is designed to provide data and storage management,story and forward,custody transfer and reliable end-to-end delivery over deep space characterized by huge latency,intermittent link,asymmetric bandwidth and big bit error rate（BER）.Four reliable transmission models are analyzed and an expected file-delivery time is calculated with different trans-mission rates,numbers and sizes of packet data units,BERs and frequencies of external events,etc.By comparison of four CFDP models,the requirement of BER for typical missions in deep space is obtained and rules of choosing CFDP models under different uplink state informations are given,which provides references for protocol models selection,utilization and modification.

YAN Fuchao,LIU Yiliang,HAN Shuai,MENG Weixiao

DOI: https://doi.org/10.11959/j.issn.1000-0801.2020263

2018-01-01

Abstract:As a typical application of wireless communications,the air-space-ground communications networks are facing serious wireless communications security issues due to its inherent broadcast nature and wide coverage.Especially in the field of military satellite communications,the requirement of secure communications security is even more crucial.How to realize the security of communications is a problem must be faced.A model for physical layer security communication in air-space-ground communication network was proposed which was a cooperative layer-direct connect mixed-to-ground physical layer secure communication model.Based on this model,the security of the system was further improved by studying the relay selection problem and the power distribution problem of satellite and relay,and an overall scheme to enhance the confidentiality of the communication network was also proposed.

Yuanyu Zhang,Yulong Shen,Hua Wang,Yanchun Zhang,Xiaohong Jiang

DOI: https://doi.org/10.1109/tsc.2015.2478453

IF: 11.019

2015-01-01

IEEE Transactions on Services Computing

Abstract:Service Oriented Computing (SOC) has initially developed for the Internet, but also identified as an appealing computing paradigm for developing applications in distributed wireless environments. The open nature of wireless medium may expose services to a variety of unauthorized third parties (eavesdroppers), resulting in insecure service interactions, while cooperative jamming is promising to provide a strong form of security. This paper focuses on security performance study of wireless communications for service interactions among different parties in SOC. More specifically, this paper establishes a theoretical framework for the study of eavesdropper-tolerance capability (i.e., the maximum number of eavesdroppers that can be tolerated) in a two-hop wireless network, where the cooperative jamming is adopted to ensure security defined by secrecy outage probability (SOP) and opportunistic relaying is adopted to guarantee reliability defined by transmission outage probability (TOP). For the concerned network, exact modeling for SOP and fine approximation for TOP are first conducted based on the Central Limit Theorem. With the help of SOP and TOP models and also the Stochastic Ordering Theory, the model for eavesdropper-tolerance capability analysis is then developed. Finally, extensive simulation and numerical results are provided to illustrate the efficiency of our theoretical framework as well as the eavesdropper-tolerance capability of the concerned network from adopting cooperative jamming and opportunistic relaying.

WANG Tao,CHEN Hong-chang,CHENG Guo-zhen

DOI: https://doi.org/10.11959/j.issn.1000-436x.2017221

2017-01-01

Abstract:Software-defined network (SDN) separated the traditional control plane from the data plane, formed a centralized controller, opened up the network programming interface, simplified network management, promoted network innovation and optimized network operation. However, SDN's "three-layer two-interface" architecture increased the net-work attack surface, resulting in many new security issues. The development, characteristics and working principle of SDN were first introduced, and the existing security problems from the application layer, the northbound interface, the control plane, the southbound interface, the data plane were summarized respectively. Secondly, the latest research progress and existing solutions were discussed. Finally, SDN current and future security challenges were summarized, and the future SDN security development direction was looked forward to.

Ruhai Wang,Bidhya L. Shrestha,Xuan Wu,Erin Tade,Tiaotiao Wang,Xinbing Wang

DOI: https://doi.org/10.1109/ICC.2008.366

2008-01-01

Abstract:The Consultative Committee for Space Data Systems (CCSDS) file delivery protocol, also known as CFDP, is a new standard protocol designed to meet a comprehensive set of file transfer requirements in space communications, especially for deep space missions. However, the performance of CFDP in cislunar space has not yet been evaluated, although the protocol has been particularly developed for deep space communications. In this work, we discuss an experimental investigation of the core file-delivery operation of unreliable CFDP in cislunar space communications. Presented is an experimental performance evaluation of unreliable CFDP operating with reliable transmission control protocol (TCP) and reliable CDFP operating with UDP over the simulated cislunar communication link with intermittent link connectivity.

Yafeng Zhan,Guanming Zeng,Xiaohan Pan

DOI: https://doi.org/10.23919/jcc.2022.09.006

2022-01-01

China Communications

Abstract:Satellite constellations are promising in enabling the global Internet. However, the increasing constellation size also complicates tracking, telemetry and command (TT&C) systems. Traditional ground-based and space-based approaches have encountered significant obstacles due to, e.g., the limited satellite visible arc and long transmission delay. Consider-ing the fast development of intersatellite communica-tions, synergy among multiple connected satellites can be exploited to facilitate TT&C system designs. This leads to networked TT&C, which requires much less predeployed infrastructures and even performs better than traditional TT&C systems. In this paper, we elaborate system characteristics of networked TT&C compared with traditional ground-based and space-based TT&C, and propose the unique security chal-lenges and opportunities for networked TT&C, which includes secure routing and trust mechanisms. Fur-thermore, since networked TT&C is a novel scenario with few relevant researches, we first investigate the current researches on secure routing and trust mecha-nisms for traditional terrestrial and satellite networks, and then accordingly deliver our security perspectives considering the system characteristics and security re-quirements of networked TT&C.

Vincent Lenders,Franklyn Sciberras,Martin Strohmeier,Johannes Willbold

DOI: https://doi.org/10.1109/AERO58975.2024.10521192

2024-03-02

Abstract:The security of satellite and space systems has become a pressing concern in recent years as various high-profile incidents involving satellite-based internet access have been observed in the context of the war in Ukraine. An increase in threat level is partly due to a) rapid advancements in affordable software-defined communications equipment, which have made it easier for attackers to gain communication capabilities with orbital assets and b) the increasing adoption of commercial off-the-shelf hardware and software components in spacecraft enhancing affordability and exposing potential vulnerabilities more easily. A recent study revealed that satellite software typically lacks sufficient protection against unauthorized access. However, it remains unclear how this inherent lack of security is critical to other satellites in orbit as no public work exists on cybersecurity reconnaissance. Hence, to date, identifying non-standard commands and assessing potential vulnerabilities are deemed challenging steps for attackers to perform.In light of this current state, this paper analyzes how attackers may conduct reconnaissance on satellites’ capabilities without targeting the ground segment. We develop strategies that attackers may employ to evaluate satellites’ capabilities using a satellite implementation that adheres to the ECSS-standardized Telecommand on top of a CCSDS protocol stack. Our considered strategies encompass enumeration methods to identify the subset of the standard implemented, including non-standardized functionalities. Additionally, we present strategies to analyze implementation-specific aspects of CCSDS’ Space Data Link Security (SDLS) Protocol, which serves as the primary security protocol within the CCSDS protocol family. Our strategies test the potential for timing side channels, fault-message-based enumeration, and payload length enumeration testing. To evaluate the effectiveness of our strategies, we apply them to a real-world satellite and measure their success rate.

Engineering,Political Science,Computer Science

Yi-Li Huang,Fang-Yie Leu,Ko-Chung Wei

DOI: https://doi.org/10.1016/j.mcm.2012.11.022

2013-09-01

Mathematical and Computer Modelling

Abstract:Recently, wireless networks, such as Wi-Fi and 3G, have been widely equipped and popularly used in the world. People holding smart devices can conveniently access the Internet services through modern wireless networks. However, when people are enjoying using wireless systems, network security has been a crucial challenge because wireless messages, encrypted or unencrypted, may be maliciously intercepted by hackers. After analyzing and/or decrypting the messages, hackers can illegally capture or steal important information, such as credit card numbers or usernames/passwords, carried in the messages. Currently, SSL and IPsec are utilized to protect the delivery of these types of information. However, each of the two security protocols has its own drawbacks both in their key exchange and message encryption/decryption processes. To solve these drawbacks, in this paper, we propose a secure communication system, named the Wireless Security System with Data Connection Core (WiSDC for short), which consists of two security schemes, including a symmetric key exchange process and a two-dimensional stream cipher mechanism. The former employs random numbers and the connection keys contained in the Data Connection Core (the DCC for short) to generate internal keys, through which the security level of the key exchange process can be enhanced. Here, the DCC is a set of random numbers created when the underlying user registers himself/herself with the wireless system being considered, and the random numbers are only known to the user and AAA server of the wireless system. The latter invokes two operators, including exclusive-or⊕ and binary adder +2 operators, and two Pseudo Random Number Sequences (PRNSs) to encrypt plaintext so as to well protect the ciphertext. The WiSDC also adopts a pseudo random number generator, which feeds back keys in current stage as a part of the inputs of the next stage, to generate more complicated keys for data encryption. Experimental results show that the WiSDC can effectively protect transmitted messages for wireless environments. The analytical results indicate that the WiSDC has higher security level and execution efficiency than those of the SSL and IPsec.

Xuemei Ding,Meisong Li,Yamin Wei,Lu Yuan

DOI: https://doi.org/10.1088/1742-6596/1648/3/032137

2020-10-01

Journal of Physics: Conference Series

Abstract:Abstract With the rapid development of Internet, network security protocol plays an increasingly important role, which will enhance the security and stability of computer communication. Network security protocol can control the application process of computer communication technology, which will improve the computing communication environment. Through security protocol, we can guarantee the security of computer communication technology. In CTC system, this paper analyzes the practical application of computer security protocol. Through security protocol, we can guarantee the practical application effect of computer communication technology, which will promote the strengthening of security protocol in the future. In practical work, the security protocol will transfer information and data through a variety of methods, such as key distribution, identity authentication, data encryption and so on. Firstly, this paper analyzes the common security protocols. Then, this paper analyzes the role of security protocol.

English Else

Shiang-Jiun Chen,Chin-Shen Fang,Tzu-Yun Wang,I-Wei Chiang

DOI: https://doi.org/10.1109/ICKII58656.2023.10332769

2023-08-11

Abstract:Under the Software-Defined Networking (SDN) framework, Low Earth Orbit (LEO) operates with its multiple architectures, including Cross-Domain Controller Architecture, Inter-Domain Controller Architecture, and so on. For cross-domain controller structure, the security of the east-west protocol is considered, including the protocols and sources in its secure design. For the inter-domain controller, the south-north bound protocol and software are used. we proposed a method to build a treatment model to provide a mechanism for the abnormal behavior. On these two architectures, we employed a series of security analysis methods and countermeasures. Regarding the security analysis methods, we used software composite analysis (SCA), static application security testing (SAST), and dynamic application security testing (DAST) to assess the potential threats and attack vectors, and then build a threat model. East-west and south-north (application layer) protocols were considered in building the threat model. With this model, the monitor mechanism was established for the abnormal activities. The security performance was evaluated.

Engineering,Computer Science

Yuan Gao,Hong Ao,Zenghui Feng,Weigui Zhou,Su Hu,Xiangyang Li

DOI: https://doi.org/10.1109/CSE-EUC.2017.165

2017-01-01

Abstract:Physical layer security has become popular in recent years. In satellite communication systems, wire-tap users are easy to obtain information from satellite side for the range of the beam is broad. In this work, we consider the multi user scenario, by adopting the dynamic beam forming in satellite networks, the beam could be restricted into the small range, where wire-tap users could not obtain information from the side band and the information security has been obtained by using the scheme. From the simulation result, we can conclude that, by using the proposed physical layer security method, the wiretap user could not retreat enough information.

Yu Zhang,Shuangrui Zhao,Ji He,Yuanyu Zhang,Yulong Shen,Xiaohong Jiang

DOI: https://doi.org/10.1049/2023/5604802

2023-10-26

IET Information Security

Abstract:Satellite internet serves as an indispensable component of the upcoming sixth-generation networks for providing global broadband internet access service. Due to the open nature of satellite-ground communication, security issue in satellite internet has always been an important concern for both industry and academia. Although many researchers focus on secure communications in satellite internet, the literature is surprisingly sparse, with no comprehensive overview of the state-of-the-art security techniques. This paper provides an in-depth survey of secure communications for various satellite internet scenarios. Based on different security mechanisms, we first categorize the existing works of secure communications in satellite internet into two categories: cryptography-based and physical layer security-based. The former includes classical encryption-based and quantum encryption-based secure communication, and the latter is further divided into precoding-based, cooperative jamming-based, relay selection-based, and physical-layer authentication-based secure communication depending on the applied techniques. Finally, we provide some future research directions.

computer science, information systems, theory & methods