International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.4, July 2013
The three primary AON components that are vulnerable to security attacks are optical amplifiers, fibers and optical switches. These optical components are specifically prone to gain competition and crosstalk respectively. Crosstalk causes signal in one channel to leak into unintended channels producing interference to other optical signals passing through the AON. Optical switches and other similar components exhibit high crosstalk due to non-ideal demultiplexing and space switching. Coherent crosstalk in wavelength routers, for instance within wavelength selective switches for WDM systems, can allow an illegitimate user on a particular channel on one fiber (i.e., attacker) to jam another user on the same wavelength on a different fiber, which is known as in-band jamming attack. Thus an in-band jammer who injects a signal on a single wavelength into a link using high power transmitter can destroy many signals on that wavelength since channels of the same wavelength from different fibers share the same switching plane. An attacker, a person internal to the network or an external remote person, can disrupt the operation of an optical node by exploiting these cross-talk characteristics of switches by injecting a very high power attack signal through the wavelength selective switch. A second type of attack, known as , exploits gain competition property of optical amplifiers. If an attacker injects a strong signal at a wavelength outside the communication band, but within the passband of the amplifier then the gains of the legitimate signals may be reduced considerably. The attack can work because the amplifier cannot distinguish between attack signals and legitimate signals and provides gain to each signal indiscriminately in proportion to its strength from a finite supply of gain. As a result the legitimate signals become weaker and weaker. The gain competition attack, also known as out-of-band jamming attack, can result in denial of service to legitimate users. In some instances, it may be possible to deny service to many users from a legitimate network access point via the gain competition attack .

To foil the in-band and out-of-band jamming attacks in AON, some preventive countermeasures have been proposed in , , ,, , , , , and which are primarily focused on detection and attack localization, i.e., reactive approach. Three types of preventive countermeasure categories are primarily focused in : 1) incorporating band limiting filters to thwart signals outside certain band to prevent out-of-band gain competition and reducing vulnerabilities intrinsic to hardware, 2) providing anti-jamming transmission schemes such as CDMA or TDMA that are hardened for anti-jamming and anti-tapping measures and 3) protocols and architecture designs adapted to AONs, such as avoiding compromised link for sensitive communications. Although  mentions some suggestions for preventive measure, these suggested preventive countermeasures are not implemented as a secured system and therefore, there is no in-depth discussion about how to implement these ideas, what challenges may arise through adoption of such security measures and how much security they may provide to AONs. The concept of attack aware network planning has also been proposed in , , and . In , the propagation of high-power jamming attack is stopped by using power equalizers in different nodes, which suggests placing the optical attenuators within optical components.

This paper deals with incorporating security in AONs using both proactive prevention techniques and reactive on-the-fly restoration techniques. Establishment and restoration of secured lightpaths are performed using three major steps as shown in Figure 1: generation and management of component security database at source nodes, establishment of secured lightpath, and partial restoration of lightpath in case of an attack.
First, security indices representing security risk factors of components are calculated and security databases are created for the AON infrastructure.
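The gain competition behaviour and the band-limiting filter countermeasure described above can be illustrated numerically. The following is an added example, not code from the paper: it assumes a simplified saturation model G = G0 / (1 + P_in_total / P_sat) for the shared gain, and all function names, wavelengths, power levels and the 3 dB alarm threshold are constructed for illustration.

```python
import math

def dbm_to_mw(dbm):
    return 10 ** (dbm / 10)

def shared_gain_db(inputs_dbm, g0_db=30.0, p_sat_dbm=-10.0):
    """Gain (dB) seen by every signal inside the amplifier passband.

    Assumed model: G = G0 / (1 + P_in_total / P_sat), i.e. one finite gain
    pool that the amplifier shares among all signals, legitimate or not.
    """
    p_total = sum(dbm_to_mw(p) for p in inputs_dbm)
    g_lin = 10 ** (g0_db / 10) / (1 + p_total / dbm_to_mw(p_sat_dbm))
    return 10 * math.log10(g_lin)

def band_limit(signals, band_nm, rejection_db):
    """Band-limiting filter: attenuate anything outside the communication band."""
    lo, hi = band_nm
    return [(wl, p if lo <= wl <= hi else p - rejection_db) for wl, p in signals]

def legit_gain_db(signals, band_nm, rejection_db=None):
    """Gain of the legitimate channels, optionally with a filter before the amplifier."""
    if rejection_db is not None:
        signals = band_limit(signals, band_nm, rejection_db)
    return shared_gain_db([p for _, p in signals])

def gain_alarm(baseline_db, observed_db, threshold_db=3.0):
    """Reactive check: flag a gain drop larger than the threshold."""
    return baseline_db - observed_db > threshold_db

# Constructed sample values: (wavelength in nm, input power in dBm).
COMM_BAND_NM = (1530.0, 1565.0)
LEGIT = [(1550.12, -20.0), (1550.92, -20.0), (1551.72, -20.0), (1552.52, -20.0)]
JAMMER = (1570.0, 10.0)  # outside the communication band, inside the passband

def scenario():
    base = legit_gain_db(LEGIT, COMM_BAND_NM)
    attacked = legit_gain_db(LEGIT + [JAMMER], COMM_BAND_NM)
    filtered = legit_gain_db(LEGIT + [JAMMER], COMM_BAND_NM, rejection_db=40.0)
    return base, attacked, filtered

if __name__ == "__main__":
    base, attacked, filtered = scenario()
    print(f"baseline gain      {base:6.2f} dB")
    print(f"jammed, no filter  {attacked:6.2f} dB  alarm={gain_alarm(base, attacked)}")
    print(f"jammed, filtered   {filtered:6.2f} dB  alarm={gain_alarm(base, filtered)}")
```

Under these assumed values the unfiltered out-of-band signal drops the legitimate channels' gain by roughly 18.6 dB, while a filter with 40 dB out-of-band rejection keeps the loss near 0.03 dB.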