The document discusses methods for protecting satellite communication links. Conventional protection involves coded commands, but these add costly equipment and weight. Modern protection uses encryption or intrusion detection systems. Encryption, like AES-128, encrypts data in transit to prevent unauthorized access. Intrusion detection systems monitor traffic for anomalies, using a traffic analyzer to collect statistics and a SYN detector to monitor connection handshakes.
The document discusses methods for protecting satellite communication links. Conventional protection involves coded commands, but these add costly equipment and weight. Modern protection uses encryption or intrusion detection systems. Encryption, like AES-128, encrypts data in transit to prevent unauthorized access. Intrusion detection systems monitor traffic for anomalies, using a traffic analyzer to collect statistics and a SYN detector to monitor connection handshakes.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online from Scribd
The document discusses methods for protecting satellite communication links. Conventional protection involves coded commands, but these add costly equipment and weight. Modern protection uses encryption or intrusion detection systems. Encryption, like AES-128, encrypts data in transit to prevent unauthorized access. Intrusion detection systems monitor traffic for anomalies, using a traffic analyzer to collect statistics and a SYN detector to monitor connection handshakes.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online from Scribd
Introduction Conventional Protection Advanced link protection Encryption Intrusion Detection Systems
Msc. Telecommmunication Eng. 2
Introduction Link Protection is a blanket term that refers to the methods employed to thwart attempts to “steal” data from a data transfer link . For an Unprotected Link, traffic is sent and received in “cleartext”, which means that anybody who can “see” the network traffic is free to copy and use the data on the link as they see fit .
Msc. Telecommmunication Eng. 3
Conventional Link Protection Conventional methods for protecting ground controlled satellites from unauthorized acquisition include the use of a coded command. For such system the required electronic phase synchronization equipment is not only costly but also adds weight to the system resulting in payload reduction by as much as 28pounds.
Msc. Telecommmunication Eng. 4
Advanced link protection
In modern ways satelite link protection is
done by either Encryption Intrusion Detection Systems
Msc. Telecommmunication Eng. 5
Encryption Encryption is typically used to take this ability away from those watching network traffic. This makes it possible to transfer media from the content source to a rendering device in a secure manner. Normally Advanced Encryption Standard (AES-128) is used to encrypt data before transport.
Msc. Telecommmunication Eng. 6
This encryption establishes the secure channel necessary for Link Protection. Hence Earth Stations can authenticate other Earth Stations, as well as communicate without fear of content misuse or theft. And normally this is implemented relatively transparently.
Msc. Telecommmunication Eng. 7
Msc. Telecommmunication Eng. 8 Msc. Telecommmunication Eng. 9 Intrusion Detection Systems The advanced method is the use of Intrusion Detection System (IDS) IDS will be properly tailored to detect anomalous events along interconnected networks and provide countermeasures to avoid system failure
Msc. Telecommmunication Eng. 10
Satellite IDS exploits two types methods Traffic analyzer, and The SYN detector
Msc. Telecommmunication Eng. 11
Traffic analyzer Traffic analyzer probes run on the access router of all the networks interfaced to the satellite network. Such probes aim to collect statistics about traffic coming from and going to the satellite network. Specifically, a traffic analyzer grabs the number of transferred bytes over any active connection. A time interval must be defined for such measurements. A large value allows a better measurement accuracy, but it slows down statistic updates for the attack detection matters. On the contrary, a low value could be affected by transitory traffic dynamics, as for instance unexpected traffic spikes or idle times.
Msc. Telecommmunication Eng. 12
The “SYN detector”
The SYN detector is installed on Satellite
gateway and is in charge to monitor all the traffic in order to create an IPFIX record for every SYN/FIN exchange through satellite link. Each record includes the parameters identifying the specific connection and it is enhanced with the time information.
Msc. Telecommmunication Eng. 13
Telespazio (TSP) a satellite geostationary link, remote terrestrial LAN of Polska Telefonia Cyfrowa (PTC), ISP represented by Telefonica (TID).