Skip to main content
SpringerLink
Log in

DoSat: A DDoS Attack on the Vulnerable Time-Varying Topology of LEO Satellite Networks

  • Conference paper
  • First Online:
Applied Cryptography and Network Security (ACNS 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14584))

Included in the following conference series:

  • 350 Accesses

Abstract

Low Earth orbit (LEO) satellite networks, which feature low-latency and full-coverage connectivity, promise to revolutionize the Internet and become an indispensable part of the next-generation communications network. However, due to the limited bandwidth and processing resources available on board, LEO satellite networks are susceptible to network attacks, especially link flooding attacks (LFAs). LFAs are a specific type of the notorious DoS attack where the attacker tries to cut off critical network links using seemingly legitimate traffic. Unlike attacks targeted directly on servers, LFAs undermine networks in a more insidious manner. In this paper, we present DoSat (DDoS on Satellites), an LFA attack model that focuses on the time-varying topology of satellite networks. The model takes advantage of such an opportunity to concentrate attack traffic: the traffic having been sent out during the process of path delay switching will reach the destination in tandem. We demonstrate through simulation experiments that DoSat can reduce the cost of LFAs by approximately 20% without any tradeoffs of attack’s undetectability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bhattacherjee, D., et al.: Gearing up for the 21st century space race. In: Proceedings of the 17th ACM Workshop on Hot Topics in Networks, pp. 113–119 (2018)

    Google Scholar 

  2. Bhattacherjee, D., Singla, A.: Network topology design at 27,000 km/hour. In: Proceedings of the 15th International Conference on Emerging Networking Experiments And Technologies, pp. 341–354 (2019)

    Google Scholar 

  3. Cao, J., et al.: The crosspath attack: Disrupting the sdn control channel via shared links. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 19–36 (2019)

    Google Scholar 

  4. Elwalid, A., Chiu, A., Xiao, X., Awduche, D.O.: Overview and Principles of Internet Traffic Engineering. RFC 3272 (May 2002)

    Google Scholar 

  5. Fischer, D., Basin, D., Engel, T.: Topology dynamics and routing for predictable mobile networks. In: 2008 IEEE International Conference on Network Protocols, pp. 207–217. IEEE (2008)

    Google Scholar 

  6. Giuliari, G., Ciussani, T., Perrig, A., Singla, A.: Icarus: attacking low earth orbit satellite networks. In: 2021 USENIX Annual Technical Conference (USENIX ATC 21), pp. 317–331 (2021)

    Google Scholar 

  7. Giuliari, G., Klenze, T., Legner, M., Basin, D., Perrig, A., Singla, A.: Internet backbones in space. ACM SIGCOMM Comput. Commun. Rev. 50(1), 25–37 (2020)

    Article  Google Scholar 

  8. Guo, W., Xu, J., Pei, Y., Yin, L., Jiang, C., Ge, N.: A distributed collaborative entrance defense framework against ddos attacks on satellite internet. IEEE Internet Things J. 9(17), 15497–15510 (2022)

    Article  Google Scholar 

  9. Handley, M.: Delay is not an option: Low latency routing in space. In: Proceedings of the 17th ACM Workshop on Hot Topics in Networks, pp. 85–91 (2018)

    Google Scholar 

  10. Handley, M.: Using ground relays for low-latency wide-area routing in megaconstellations. In: Proceedings of the 18th ACM Workshop on Hot Topics in Networks, pp. 125–132 (2019)

    Google Scholar 

  11. Hsiao, H.C., et al.: Stride: sanctuary trail-refuge from internet ddos entrapment. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 415–426 (2013)

    Google Scholar 

  12. Jiang, C., Wang, X., Wang, J., Chen, H.H., Ren, Y.: Security in space information networks. IEEE Commun. Mag. 53(8), 82–88 (2015)

    Article  Google Scholar 

  13. Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. In: 2013 IEEE Symposium on Security and Privacy, pp. 127–141. IEEE (2013)

    Google Scholar 

  14. Kassing, S., Bhattacherjee, D., Águas, A.B., Saethre, J.E., Singla, A.: Exploring the "internet from space" with hypatia. In: Proceedings of the ACM Internet Measurement Conference, pp. 214–229 (2020)

    Google Scholar 

  15. Ke, Y.M., Chen, C.W., Hsiao, H.C., Perrig, A., Sekar, V.: Cicadas: Congesting the internet with coordinated and decentralized pulsating attacks. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 699–710 (2016)

    Google Scholar 

  16. Kelso, T.: Celestrak: Current norad two-line element sets (2020)

    Google Scholar 

  17. Lee, S.B., Kang, M.S., Gligor, V.D.: Codef: collaborative defense against large-scale link-flooding attacks. In: Proceedings of the Ninth ACM Conference on Emerging Networking Experiments and Technologies, pp. 417–428 (2013)

    Google Scholar 

  18. Liu, J., Xu, J., Li, S., Cui, X., Zhang, Y.: A secure multi-path transmission algorithm based on fountain codes. Trans. Emerg. Telecommun. Technol. 33(5), e4450 (2022)

    Article  Google Scholar 

  19. Mauger, R., Rosenberg, C.: Qos guarantees for multimedia services on a tdma-based satellite network. IEEE Commun. Mag. 35(7), 56–65 (1997)

    Article  Google Scholar 

  20. Mitzenmacher, M., Upfal, E.: Probability and computing: Randomization and probabilistic techniques in algorithms and data analysis. Cambridge University Press (2017)

    Google Scholar 

  21. Rasti, R., Murthy, M., Weaver, N., Paxson, V.: Temporal lensing and its application in pulsing denial-of-service attacks. In: 2015 IEEE Symposium on Security and Privacy, pp. 187–198. IEEE (2015)

    Google Scholar 

  22. Studer, A., Perrig, A.: The coremelt attack. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 37–52. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_3

    Chapter  Google Scholar 

Download references

Acknowledgements

We would like to thank the anonymous reviewers and our shepherd for their helpful comments on our paper. Tianbo Lu is the corresponding author. This work is supported by the National Natural Science Foundation of China (No. 62162060) and the National Key Research and Development Program of China (No. 2023YFB3105902).

Author information

Authors and Affiliations

  1. School of Computer Science (National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing, China

    Tianbo Lu, Xia Ding, Jiaze Shang, Pengfei Zhao & Han Zhang

  2. Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing, China

    Tianbo Lu, Xia Ding, Jiaze Shang, Pengfei Zhao & Han Zhang

Authors
  1. Tianbo Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xia Ding
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jiaze Shang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pengfei Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Han Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tianbo Lu .

Editor information

Editors and Affiliations

  1. New York University Abu Dhabi, Abu Dhabi, United Arab Emirates

    Christina Pöpper

  2. Radboud University Nijmegen, Nijmegen, The Netherlands

    Lejla Batina

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Lu, T., Ding, X., Shang, J., Zhao, P., Zhang, H. (2024). DoSat: A DDoS Attack on the Vulnerable Time-Varying Topology of LEO Satellite Networks. In: Pöpper, C., Batina, L. (eds) Applied Cryptography and Network Security. ACNS 2024. Lecture Notes in Computer Science, vol 14584. Springer, Cham. https://doi.org/10.1007/978-3-031-54773-7_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-54773-7_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-54772-0

  • Online ISBN: 978-3-031-54773-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation