Professor in computer science and software engineering develops novel method to prevent cyber attacks on low earth orbit satellites
Published: Oct 9, 2023 9:05 AM
By Joe McAdory
Imagine the potential widespread impact of cyberattacks on low earth orbit (LEO) satellite telecommunications networks. Media outlets couldn’t share vital information. Government and defense agencies would remain in the dark. Families become separated without the lifeline of smart phones.
Tao Shu, associate professor in computer science and software engineering, has a plan that could prevent such a communications catastrophe and keep bad actors from obtaining the necessary information to hack into satellite systems. How? Tricky passwords? No. Two-factor authentication methods? No. Encrypting information with challenging mathematics equations or algorithms? Even those are too easy for state-sponsored attackers to unravel.
The answer: randomly scatter pieces of code from one LEO to another across outer space, where these satellites orbit at 1,500 kilometers above the earth, creating a logistical nightmare for would-be cyber attackers. Shu’s timely project during Cybersecurity Awareness Month, “Building Resilience into LEO Satellite Networks by Exploiting Network Layer Characteristics,” was awarded a three-year, $300,000 grant by the National Science Foundation.
“Because the stakes are so high, as telecommunications are a critical infrastructure for our society and democracy, the motivation to hack or damage them from the opposite side, is high,” Shu said. “But the attack model in this high-stakes scenario is fundamentally different from the usual cybercrimes we talk about in our daily lives. That’s the reason why many attempted attacks launched against these systems are state-sponsored.”
Shu cited the Russian invasion of Ukraine as an example, where satellites were compromised and telecommunications disabled four hours before the ground attack.
“The Russians taught us a lesson,” he said. “We learned that satellite systems are not as secure as we thought. Basically, it means these systems can be compromised. Russia made cyber preparations for the invasion and wanted to paralyze the networks to cut off communication. Ukrainian soldiers could not communicate, which made resistance very difficult.”
Shu’s proposal: 1) exploit the global spatial distribution of LEO satellites and their dense connectivity/high mobility, and 2) physically constrain randomized multi-path-routing-based secret key generation methods – means to obtain passwords/codes/secret messages – that are immune to resource-unconstrained attacks. In other words, scatter the pieces of pertinent information across the satellite field.
“My solution is drastically different from the traditional ones,” he said. “The old method is to encrypt the information. But state-sponsored attackers have the capabilities to compromise those systems. My method does not rely on math or algorithm constraints. My security relies on physical constraints.
“What I’m going to do is partition the message into many small pieces. To communicate the message to my destination, I’m going to program all those pieces throughout outer space. Each small piece will be routed randomly to its destination.”
High dynamics and mobility of LEO satellites must be taken into consideration. Why? They are flying at speeds of about 7 to 10 kilometers per second… in outer space. For an attacker to decrypt a message, or code, they must intercept each piece of information, assemble them, and then work on the decryption.
“Outer space is huge,” Shu said. “No attacker has physical access to each of those pieces. Therefore, my method won’t allow attackers to obtain the raw material to get those pieces in the first place. There is no way for them to proceed to the second stage of doing the decryption because you don't even have the full picture of that message.”
Shu said his project will also study cyberattacks on the availability of LEO networks by considering stealthy, intermittent and selective packet dropping attacks. A novel detection method will be developed to accurately identify those packet droppers under harsh inter-satellite communications environments caused by the high mobility.
Evaluation of all proposed methods will be performed on a scale-down snapshot-oriented static testbed, complemented by computer simulations on satellite-orbiting-trace data of real LEO systems, such as Starlink and OneWeb.
As LEO satellite networks are now being integrated into our 5G and Beyond-5G cellular networks, soon we will all be able to enjoy the ubiquitous coverage of these systems. For example, in the middle of a desert, an ocean, a mountain, or any remote/rural areas where traditional cellular signals cannot cover, or in any disastrous situations where the cellular towers have been damaged, Shu said.
“People deserve a guarantee on the security and safety of this critical infrastructure. Something must be done to ensure that this important infrastructure can be counted/relied on when people need it the most. This project is one step forward toward that guarantee.”
Media Contact: , jem0040@auburn.edu, 334.844.3447
Tao Shu's research earned a three-year, $300,000 National Science Foundation grant.
