Overview of Security Issues and Defense Technologies for Low Earth Orbit Satellite Network
-
摘要: 随着低轨卫星网络的快速发展,其应用领域日益广泛,与人工智能等技术融合程度日益趋深,但随之而来的安全问题也更加凸显。该文旨在综述低轨卫星网络面临的主要安全问题,并探讨相应的防御技术。该文首先概述低轨卫星网络的发展情况,不同于现有综述侧重于物理层安全的现状,该文针对低轨卫星网络安全问题,特别是网络层安全进行了系统性研究。该文详细介绍了低轨卫星网络的体系架构、独有的网络特征和脆弱性,并分析了其脆弱性机理,系统地介绍了低轨卫星网络面临的不同威胁手段的安全问题。在此基础上,对基于虚拟仿真、人工智能等先进技术的防御技术进行研究与分析,并对未来低轨卫星网络的安全发展方向提出了建议。Abstract:
Significance In recent years, Low-Earth Orbit (LEO) satellite networks have experienced rapid development, demonstrating broad application prospects in mobile communications, the Internet of Things (IoT), maritime operations, and other domains. These networks are poised to become a critical component of next-generation network architectures. Currently, leading global and domestic commercial entities are actively deploying mega-constellations to enable worldwide mobile communication and broadband internet services. However, as the scale of LEO constellations expands, the satellite networks are increasingly exposed to both anthropogenic threats (e.g., cyberattacks) and environmental hazards (e.g., space debris). Existing review studies have systematically summarized research on security threats and defense mechanisms across the physical, network, and application layers of LEO satellite networks. Nevertheless, gaps remain in prior literature: First, lack of technical granularity. Many studies provide taxonomies of security issues but fail to focus sufficiently on domain-specific cybersecurity challenges or delve into technical details. Second, overemphasis on integrated space-terrestrial networks. Existing reviews often prioritize the broader context of space-air-ground-sea integrated networks, obscuring the unique vulnerabilities inherent to LEO satellite architectures. Third, imbalanced layer-specific analysis: Current works predominantly address physical and link-layer security, while insufficiently highlighting the distinct characteristics of network-layer threats. Building upon prior research, this paper presents a comprehensive review of security challenges and defense technologies in LEO satellite networks. By analyzing the inherent vulnerabilities of these systems, we provide an in-depth exploration of security threats, particularly those targeting network-layer integrity. Furthermore, we critically evaluate cutting-edge defense mechanisms developed to mitigate realistic threats, offering insights into their technical principles and implementation challenges. Progress This paper first elaborates on the architecture of LEO satellite networks, systematically analyzing the composition and functional roles of three core components: the space segment, ground segment, and user segment. It then summarizes the operational characteristics of LEO networks, including their dynamic multi-layer topology, globally ubiquitous coverage, low-latency data transmission, and resilient resource allocation mechanisms. These intrinsic characteristics fundamentally enable LEO networks to deliver high-quality communication services. Subsequently, this study identifies potential vulnerabilities across four dimensions: nodes, links, protocols, and infrastructure. Due to the open nature of satellite links, transmitted data are susceptible to eavesdropping, where adversaries may intercept satellite signals, predict orbital dynamics, and deploy surveillance systems preemptively. Prior research has addressed satellite communication security through physical-layer security designs and scenario-specific eavesdropping analyses. Through theoretical modeling and case studies, this work categorizes multiple Denial-of-Service (DoS) attack variants and explores routing attack risks inherent to the open architecture of LEO networks. Furthermore, it classifies electronic countermeasure interference types based on target scenarios and adversarial objectives. To counter these threats, the paper evaluates emerging defense technologies, including encryption-based security frameworks, resilient routing protocols, and digital twin-enabled virtualization platforms for network simulation and secure design optimization. Finally, it highlights cutting-edge AI-driven security solutions, such as machine learning-powered anomaly detection and federated learning for distributed threat intelligence. Conclusions This review critically examines the evolution of LEO satellite networks, identifying critical gaps in systematic analysis and comprehensive threat coverage within existing studies. By establishing a four-dimensional vulnerability framework—node vulnerabilities arising from harsh space environmental conditions, link vulnerabilities exacerbated by high orbital dynamics, protocol vulnerabilities stemming from commercial standardization compromises, and infrastructure vulnerabilities due to tight coupling with terrestrial internet systems—the study systematically classifies security threats across physical, network, and application layers. The paper further dissects attack methodologies unique to each threat category and evaluates advanced countermeasures. Notable innovations include quantum cryptography-enhanced encryption systems, fault-tolerant routing algorithms, virtualized network emulation environments, and AI-empowered security paradigms leveraging deep learning and federated learning architectures. These technologies not only significantly enhance the security posture of LEO networks but also demonstrate transformative potential for future adaptive security frameworks. However, challenges persist in balancing computational overhead with real-time operational constraints, necessitating further research into lightweight cryptographic primitives and cross-domain collaborative defense mechanisms. This synthesis provides a foundational reference for advancing next-generation satellite network security while underscoring the imperative for interdisciplinary innovation in space-terrestrial converged systems. Prospects Looking ahead, research on the security of LEO satellite networks will constitute a long-term and complex process. With the integration of emerging technologies such as quantum communication and artificial intelligence, security defense mechanisms in LEO satellite networks will evolve toward greater intelligence and automation. Emerging technologies are anticipated to play increasingly critical roles in this domain, particularly through advancements in adaptive intelligent networking technologies and intelligent networking protocol architectures. These developments will support the efficient convergence of space-air-ground-sea integrated networks. The application of deep learning methodologies to analyze network characteristics and construct corresponding neural network models will further enhance network adaptability and coordination. Concurrently, as commercial deployment of LEO satellite networks accelerates, the critical challenge of balancing security requirements with economic efficiency warrants in-depth investigation. Future research should prioritize cost-benefit analyses and explore optimal trade-offs between cybersecurity and service efficiency across diverse application scenarios. Furthermore, international collaboration is expected to assume a pivotal role in the security governance of LEO satellite networks, particularly through jointly establishing international standards and regulatory frameworks to address transnational security threats. This multilateral approach will be essential for maintaining the integrity and resilience of next-generation satellite infrastructures in an increasingly interconnected orbital environment. -
表 1 低轨卫星网络安全问题总结
安全问题 具体手段 威胁描述 威胁影响 窃听攻击 窃听链路 窃听并破解传输的信息 数据泄露 拒绝服务攻击 链路阻塞 分布式恶意流量作用于目标链路 阻塞链路,增大时延 节点失效 恶意流量占据节点服务 增大时延 能量消耗 恶意流量消耗节点资源 降低可用性 路由攻击 伪造更新 引导进入攻击者控制的节点或网络路径 信息准确性 篡改协议 篡改路由协议的控制消息或者数据包 改变路径,增大时延 路由劫持 在控制的路径窃取或丢弃数据 数据泄露、降低可用性
电子对抗干扰对卫星干扰 地面或空间设备对卫星进行干扰 降低可用性 对终端干扰 地面或空间设备对用户终端进行干扰 降低可用性 
下载: 导出CSV
-
[1] 陈全, 杨磊, 郭剑鸣, 等. 低轨巨型星座网络: 组网技术与研究现状[J]. 通信学报, 2022, 43(5): 177–189. doi: 10.11959/j.issn.1000-436x.2022075.CHEN Quan, YANG Lei, GUO Jianming, et al. LEO mega-constellation network: Networking technologies and state of the art[J]. Journal on Communications, 2022, 43(5): 177–189. doi: 10.11959/j.issn.1000-436x.2022075. [2] LI Xiangling, FENG Wei, WANG Jue, et al. Enabling 5G on the ocean: A hybrid satellite-UAV-terrestrial network solution[J]. IEEE Wireless Communications, 2020, 27(6): 116–121. doi: 10.1109/MWC.001.2000076. [3] DEL PORTILLO I, CAMERON B G, and CRAWLEY E F. A technical comparison of three low earth orbit satellite constellation systems to provide global broadband[J]. Acta Astronautica, 2019, 159: 123–135. doi: 10.1016/j.actaastro.2019.03.040. [4] BHATTACHERJEE D and SINGLA A. Network topology design at 27, 000 km/hour[C]. The 15th International Conference on Emerging Networking Experiments and Technologies, Orlando, USA, 2019: 341–354. doi: 10.1145/3359989.3365407. [5] 安建平, 李建国, 于季弘, 等. 空天通信网络关键技术综述[J]. 电子学报, 2022, 50(2): 470–479. doi: 10.12263/DZXB.20210029.AN Jianping, LI Jianguo, YU Jihong, et al. Key technologies of space-air-ground communication networks: A survey[J]. Acta Electronica Sinica, 2022, 50(2): 470–479. doi: 10.12263/DZXB.20210029. [6] CAO Huan, WU Lili, CHEN Yue, et al. Analysis on the security of satellite internet[C]. The 17th China Cyber Security Annual Conference, Beijing, China, 2020: 193–205. doi: 10.1007/978-981-33-4922-3_14. [7] LI Bin, FEI Zesong, ZHOU Caiqiu, et al. Physical-layer security in space information networks: A survey[J]. IEEE Internet of Things Journal, 2020, 7(1): 33–52. doi: 10.1109/JIOT.2019.2943900. [8] WANG Yuntao, SU Zhou, NI Jianbing, et al. Blockchain-empowered space-air-ground integrated networks: Opportunities, challenges, and solutions[J]. IEEE Communications Surveys & Tutorials, 2022, 24(1): 160–209. doi: 10.1109/COMST.2021.3131711. [9] GUO Hongzhi, LI Jingyi, LIU Jiajia, et al. A survey on space-air-ground-sea integrated network security in 6G[J]. IEEE Communications Surveys & Tutorials, 2022, 24(1): 53–87. doi: 10.1109/COMST.2021.3131332. [10] YUE Pingyue, AN Jianping, ZHANG Jiankang, et al. Low earth orbit satellite security and reliability: Issues, solutions, and the road ahead[J]. IEEE Communications Surveys & Tutorials, 2023, 25(3): 1604–1652. doi: 10.1109/COMST.2023.3296160. [11] TEDESCHI P, SCIANCALEPORE S, and DI PIETRO R. Satellite-based communications security: A survey of threats, solutions, and research challenges[J]. Computer Networks, 2022, 216: 109246. doi: 10.1016/j.comnet.2022.109246. [12] MANULIS M, BRIDGES C P, HARRISON R, et al. Cyber security in new space[J]. International Journal of Information Security, 2021, 20(3): 287–311. doi: 10.1007/s10207-020-00503-w. [13] KANG M, PARK S, and LEE Y. A survey on satellite communication system security[J]. Sensors, 2024, 24(9): 2897. doi: 10.3390/s24092897. [14] CHEN Quan, GIAMBENE G, YANG Lei, et al. Analysis of inter-satellite link paths for LEO mega-constellation networks[J]. IEEE Transactions on Vehicular Technology, 2021, 70(3): 2743–2755. doi: 10.1109/TVT.2021.3058126. [15] 李元龙, 李志强. 基于STK的Starlink星座覆盖仿真分析[J]. 指挥控制与仿真, 2023, 45(1): 119–129. doi: 10.3969/j.issn.1673-3819.2023.01.019.LI Yuanlong amd LI Zhiqiang. Simulation analysis of Starlink constellation coverage based on STK[J]. Command Control & Simulation, 2023, 45(1): 119–129. doi: 10.3969/j.issn.1673-3819.2023.01.019. [16] KLENZE T, GIULIARI G, PAPPAS C, et al. Networking in heaven as on earth[C]. The 17th ACM Workshop on Hot Topics in Networks, Redmond, USA, 2018: 22–28. doi: 10.1145/3286062.3286066. [17] 朱沁雨, 曹延华, 陶海成, 等. 低轨星座网络拓扑的抗毁性研究进展[J]. 计算机工程与应用, 2022, 58(17): 1–12. doi: 10.3778/j.issn.1002-8331.2203-0316.ZHU Qinyu, CAO Yanhua, TAO Haicheng, et al. Research progress on survivability of low-orbit constellation network topology[J]. Computer Engineering and Applications, 2022, 58(17): 1–12. doi: 10.3778/j.issn.1002-8331.2203-0316. [18] ESA. Space debris by the numbers[EB/OL]. https://www.esa.int/Safety_Security/Space_Debris/Space_debris_by_the_numbers, 2024. [19] Kepler Communications. Application of space exploration holdings, LLC, for modification of authorization for the SpaceX NGSO satellite system[EB/OL]. https://licensing.fcc.gov/myibfs/download.do?attachment_key=2638397, 2020. [20] LI Yuanjie, LI Hewu, LIU Wei, et al. A networking perspective on Starlink’s self-driving LEO mega-constellation[C]. The 29th Annual International Conference on Mobile Computing and Networking, Madrid, Spain, 2023: 17. doi: 10.1145/3570361.3592519. [21] MA Sami, CHOU Y C, ZHANG Miao, et al. LEO satellite network access in the wild: Potentials, experiences, and challenges[J]. IEEE Network, 2024, 38(6): 396–403. doi: 10.1109/MNET.2024.3391271. [22] AN Kang, LIN Min, OUYANG Jian, et al. Secure transmission in cognitive satellite terrestrial networks[J]. IEEE Journal on Selected Areas in Communications, 2016, 34(11): 3025–3037. doi: 10.1109/JSAC.2016.2615261. [23] BANKEY V and UPADHYAY P K. Physical layer security of multiuser multirelay hybrid satellite-terrestrial relay networks[J]. IEEE Transactions on Vehicular Technology, 2019, 68(3): 2488–2501. doi: 10.1109/TVT.2019.2893366. [24] ZHANG Le, DU Ye, and SUN Zhengyang. Modeling and analysis of cascading failures in LEO satellite networks[J]. IEEE Transactions on Network Science and Engineering, 2024, 11(1): 807–822. doi: 10.1109/TNSE.2023.3308610. [25] NGUYEN T N, TRAN D H, CHIEN T V, et al. Security and reliability analysis of satellite-terrestrial multirelay networks with imperfect CSI[J]. IEEE Systems Journal, 2023, 17(2): 2824–2835. doi: 10.1109/JSYST.2022.3201128. [26] AO Di, SHI Ruisheng, LAN Lina, et al. On the large-scale traffic DDoS threat of space backbone network[C]. 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), Washington, USA, 2019: 192–194. doi: 10.1109/BigDataSecurity-HPSC-IDS.2019.00045. [27] ZHANG Yan, WANG Yong, HU Yihua, et al. Security performance analysis of LEO satellite constellation networks under DDoS attack[J]. Sensors, 2022, 22(19): 7286. doi: 10.3390/s22197286. [28] GIULIARI G, CIUSSANI T, PERRIG A, et al. ICARUS: Attacking low earth orbit satellite networks[C/OL]. 2021 USENIX Annual Technical Conference, 2021: 317–331. [29] ZHANG Yaoying, WU Qian, LAI Zeqi, et al. Energy drain attack in satellite internet constellations[C]. 2023 IEEE/ACM 31st International Symposium on Quality of Service, Orlando, USA, 2023: 1–10. doi: 10.1109/IWQoS57198.2023.10188709. [30] KIM T H J, BASESCU C, JIA Limin, et al. Lightweight source authentication and path validation[C]. 2014 ACM conference on SIGCOMM, Chicago, USA, 2014: 271–282. doi: 10.1145/2619239.2626323. [31] 薛文浩, 潘恬, 卢诚承, 等. 低轨卫星网络星间路由安全机制研究[J]. 天地一体化信息网络, 2023, 4(2): 13–23. doi: 10.11959/j.issn.2096-8930.2023015.XUE Wenhao, PAN Tian, LU Chengcheng, et al. Research on LEO satellite network routing security[J]. Space-Integrated-Ground Information Networks, 2023, 4(2): 13–23. doi: 10.11959/j.issn.2096-8930.2023015. [32] PIRAYESH H and ZENG Huacheng. Jamming attacks and anti-jamming strategies in wireless networks: A comprehensive survey[J]. IEEE Communications Surveys & Tutorials, 2022, 24(2): 767–809. doi: 10.1109/COMST.2022.3159185. [33] LIU Wei, LI Yuanjie, LI Hewu, et al. The dark side of scale: Insecurity of direct-to-cell satellite mega-constellations[C]. 2024 IEEE Symposium on Security and Privacy, San Francisco, USA, 2024: 445–464. doi: 10.1109/SP54263.2024.00149. [34] ZHANG Yunfan, HAN Chi, CHU Feihuang, et al. Jamming analysis between non-cooperative mega-constellations based on satellite network capacity[J]. Electronics, 2024, 13(12): 2330. doi: 10.3390/electronics13122330. [35] 梁丽木, 姬少培, 金星虎, 等. 基于密码的卫星互联网安全防护体系研究[J]. 信息安全与通信保密, 2024(2): 31–39. doi: 10.3969/j.issn.1009-8054.2024.02.005.LIANG Limu, JI Shaopei, JIN Xinghu, et al. Research on the security protection system of satellite internet based on cryptography[J]. Information Security and Communications Privacy, 2024(2): 31–39. doi: 10.3969/j.issn.1009-8054.2024.02.005. [36] VILLAR A, LOHRMANN A, BAI Xueliang, et al. Entanglement demonstration on board a nano-satellite[J]. Optica, 2020, 7(7): 734–737. doi: 10.1364/OPTICA.387306. [37] YIN Juan, LI Yuhuai, LIAO Shengkai, et al. Entanglement-based secure quantum cryptography over 1, 120 kilometres[J]. Nature, 2020, 582(7813): 501–505. doi: 10.1038/s41586-020-2401-y. [38] 左珮良, 侯少龙, 郭超, 等. 基于强化学习的多层卫星网络边缘安全决策方法[J]. 通信学报, 2022, 43(6): 189–199. doi: 10.11959/j.issn.1000−436x.2022111.ZUO Peiliang, HOU Shaolong, GUO Chao, et al. Security decision method for the edge of multi-layer satellite network based on reinforcement learning[J]. Journal on Communications, 2022, 43(6): 189–199. doi: 10.11959/j.issn.1000−436x.2022111. [39] 刘之莹, 王兴伟, 徐双, 等. 基于预计算的软件定义卫星网络节能路由[J]. 网络空间安全, 2019, 10(11): 100–109. doi: 10.3969/j.issn.1674-9456.2019.11.016.LIU Zhiying, WANG Xingwei, XU Shuang, et al. Precomputation based energy-saving routing for software defined satellite networks[J]. Cyberspace Security, 2019, 10(11): 100–109. doi: 10.3969/j.issn.1674-9456.2019.11.016. [40] FRATTY R, SAAR Y, KUMAR R, et al. Random routing algorithm for enhancing the cybersecurity of LEO satellite networks[J]. Electronics, 2023, 12(3): 518. doi: 10.3390/electronics12030518. [41] 崔荣芳, 徐湛, 职如昕. 低轨卫星星座快速响应链路损毁路由算法[J]. 电讯技术, 2023, 63(8): 1165–1172. doi: 10.20079/j.issn.1001-893x.220228001.CUI Rongfang, XU Zhan, and ZHI Ruxin. A quick-response link destruction routing algorithm for LEO satellite constellation[J]. Telecommunication Engineering, 2023, 63(8): 1165–1172. doi: 10.20079/j.issn.1001-893x.220228001. [42] XIE Nannan, XIE Lijia, YUAN Qizhao, et al. Research on dos attack simulation and detection in low-orbit satellite network[C]. The 23rd International Conference on Algorithms and Architectures for Parallel Processing, Tianjin, China, 2024: 240–251. doi: 10.1007/978-981-97-0811-6_14. [43] LI Hui, SHI Dongcong, WANG Weizheng, et al. Secure routing for LEO satellite network survivability[J]. Computer Networks, 2022, 211: 109011. doi: 10.1016/j.comnet.2022.109011. [44] PAN Tian, HUANG Tao, LI Xingchen, et al. OPSPF: Orbit prediction shortest path first routing for resilient LEO satellite networks[C]. 2019 IEEE International Conference on Communications, Shanghai, China, 2019: 1–6. doi: 10.1109/ICC.2019.8761611. [45] JIANG Wei, JIANG Hao, XIE Yulai, et al. SatShield: In-network mitigation of link flooding attacks for LEO constellation networks[J]. IEEE Internet of Things Journal, 2024, 11(16): 27340–27355. doi: 10.1109/JIOT.2024.3397865. [46] WANG Xiangtong, HAN Xiaodong, YANG Menglong, et al. Space networking kit: A novel simulation platform for emerging LEO mega-constellations[C]. IEEE International Conference on Communications, Denver, USA, 2024: 5590–5595. doi: 10.1109/ICC51166.2024.10622181. [47] LAI Zeqi, DENG Yangtao, LI Hewu, et al. Space digital twin for secure satellite internet: Vulnerabilities, methodologies, and future directions[J]. IEEE Network, 2024, 38(1): 30–37. doi: 10.1109/MNET.2023.3337141. [48] GAO Yue, QIU Kun, CHEN Zhe, et al. Plotinus: A satellite internet digital twin system[J]. Journal of Communications and Information Networks, 2024, 9(1): 24–33. doi: 10.23919/JCIN.2024.10494942. [49] HENAREJOS P, VÁZQUEZ M Á, and PÉREZ-NEIRA A I. Deep learning for experimental hybrid terrestrial and satellite interference management[C]. The 2019 IEEE 20th International Workshop on Signal Processing Advances in Wireless Communications, Cannes, France, 2019: 1–5. doi: 10.1109/SPAWC.2019.8815532. [50] AL HOMSSI B, DAKIC K, WANG Ke, et al. Artificial intelligence techniques for next-generation massive satellite networks[J]. IEEE Communications Magazine, 2024, 62(4): 66–72. doi: 10.1109/MCOM.004.2300277. [51] YU Changgeun, KIM D, LEE H, et al. GPU-accelerated CNN inference for onboard DQN-based routing in dynamic LEO satellite networks[J]. Aerospace, 2024, 11(12): 1028. doi: 10.3390/aerospace11121028. [52] LIRIM A and DAGLI C. Network intrusion detection system using deep learning[J]. Procedia Computer Science, 2021, 185: 239–247. doi: 10.1016/j.procs.2021.05.025. [53] CHEN Hao, XIAO Ming, and PANG Zhibo. Satellite-based computing networks with federated learning[J]. IEEE Wireless Communications, 2022, 29(1): 78–84. doi: 10.1109/MWC.008.00353. [54] LIN Zheng, CHEN Zhe, FANG Zihan, et al. FedSN: A federated learning framework over heterogeneous LEO satellite networks[J]. IEEE Transactions on Mobile Computing, 2025, 24(3): 1293–1307. doi: 10.1109/TMC.2024.3481275. -
图(5) / 表(1)
计量
- 文章访问数: 101
- HTML全文浏览量: 75
- PDF下载量: 31
- 被引次数: 0
下载:
