低轨卫星网络星间路由安全机制研究

doi:10.11959/j.issn.2096-8930.2023015

天地一体化信息网络 ›› 2023, Vol. 4 ›› Issue (2): 13-23.doi: 10.11959/j.issn.2096-8930.2023015

• 专题：卫星互联网安全技术 • 上一篇下一篇

低轨卫星网络星间路由安全机制研究

薛文浩¹, 潘恬¹, 卢诚承¹, 杨帆¹, 黄韬¹^,², 刘韵洁¹^,²

¹ 北京邮电大学网络与交换技术国家重点实验室，北京 100876
² 网络通信与安全紫金山实验室，江苏南京 211111

修回日期:2023-05-10 出版日期:2023-06-20 发布日期:2023-06-01
作者简介:薛文浩（1997- ），男，北京邮电大学硕士生，主要研究方向为低轨卫星网络、网络安全协议、卫星网络仿真系统等
潘恬（1987- ），男，博士，北京邮电大学副教授，博士生导师，主要研究方向为云数据中心网络、低轨卫星网络、高速可编程网络设备等
卢诚承（1998- ），男，北京邮电大学硕士生，主要研究方向为低轨卫星网络、分布式路由协议、卫星网络仿真系统等
杨帆（1981- ），男，博士，北京邮电大学工程师，硕士生导师，主要研究方向为软件定义网络、低轨卫星网络、高性能路由交换技术等
黄韬（1980- ），男，博士，北京邮电大学教授，博士生导师，主要研究方向为未来网络体系架构、软件定义网络、确定性网络等
刘韵洁（1943— ），男，中国工程院院士，主要研究方向为未来网络体系架构、软件定义网络、网络操作系统等
基金资助:
国家重点研发计划资助项目(2018YFB1800602);国家重点研发计划资助项目(2019YFB1802600)

Research on LEO Satellite Network Routing Security

Wenhao XUE¹, Tian PAN¹, Chengcheng LU¹, Fan YANG¹, Tao HUANG¹^,², Yunjie LIU¹^,²

¹ State Key Laboratory of Networking and Switching Technology, BUPT, Beijing 100876, China
² Purple Mountain Laboratories, Nanjing 211111, China

Revised:2023-05-10 Online:2023-06-20 Published:2023-06-01
Supported by:
National Key Research and Development Program of China(2018YFB1800602);National Key Research and Development Program of China(2019YFB1802600)

摘要/Abstract

摘要：

为了保障路由的安全性和抗毁性，设计面向星间路由的安全机制和故障恢复机制成为维护低轨卫星网络可靠通信的关键。为了应对卫星网络可能面临的安全威胁，分析不同路由攻击行为对典型星间路由协议的影响，并设计差异化的协议包安全认证机制和链路故障恢复机制。此外，搭建基于虚拟化技术的卫星网络仿真平台，通过仿真多种路由攻击场景，验证所设计星间路由安全机制的有效性，并评估引入安全机制前后的 CPU 占用率、协议包处理时间等性能指标。实验结果表明，在有限的认证时间和路由开销下，该星间路由安全机制能够有效防范空间网络环境中的多种安全威胁，并减少由突发链路故障引起的通信时延，从而保障低轨卫星网络的安全可靠通信。

关键词: 低轨卫星网络, 路由协议, 路由安全攻击, 链路故障恢复, 安全攻击仿真

Abstract:

The design of secure mechanisms and failure recovery mechanisms for inter-satellite routing has become pivotal in maintaining dependable communication within the LEO satellite network.To address the potential security threats faced by satellite networks, the impact of different routing attack behaviors on a typical inter-satellite routing protocol was analyzed and differentiated packet security authentication mechanisms and link failure recovery mechanisms were designed.Additionally, a satellite network emulation platform based on virtualization technology was constructed, enabled the verification of the effectiveness of the designed inter-satellite routing security mechanisms through the emulation of various routing attack scenarios.Furthermore, performance metrics such as CPU utilization and packet processing time were also evaluated before and after the introduction of security mechanisms.Experimental results demonstrated that the proposed inter-satellite routing security mechanism effectively mitigated multiple security threats in the space network environment while reduced communication latency caused by sudden link failures, thereby ensured secure and reliable communication within the LEO satellite network.

Key words: LEO satellite network, routing protocol, routing security attack, link failure recovery, security attack simulation

中图分类号:

TP393

薛文浩, 潘恬, 卢诚承, 杨帆, 黄韬, 刘韵洁. 低轨卫星网络星间路由安全机制研究[J]. 天地一体化信息网络, 2023, 4(2): 13-23.

Wenhao XUE, Tian PAN, Chengcheng LU, Fan YANG, Tao HUANG, Yunjie LIU. Research on LEO Satellite Network Routing Security[J]. Space-Integrated-Ground Information Networks, 2023, 4(2): 13-23.

图/表 19

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

图13

图14

图15

图16

图17

图18

图19

参考文献 22

[1]	MCDOWELL J C . The low earth orbit satellite population and impacts of the SpaceX Starlink constellation[J]. The Astrophysical Journal Letters, 2020,892(2): L36.
[2]	HENRI Y . The OneWeb satellite system[M]. Handbook of Small Satellites. Cham: Springer International Publishing, 2020: 1-10.
[3]	PAN T , HUANG T , LI X C ,et al. OPSPF:orbit prediction shortest path first routing for resilient LEO satellite networks[C]// Proceedings of ICC 2019 - 2019 IEEE International Conference on Communications (ICC). Piscataway:IEEE Press, 2019: 1-6.
[4]	RUAN G H , PAN T , LU C C ,et al. Lightweight route flooding via flooding topology pruning for LEO satellite networks[C]// Proceedings of ICC 2022 - IEEE International Conference on Communications. Piscataway:IEEE Press, 2022: 1149-1154.
[5]	李喆, 刘军 . 卫星网络安全路由研究[J]. 通信学报, 2006,27(8): 113-118.
	LI Z , LIU J . Research on secure routing algorithm in satellite networks[J]. Journal on Communications, 2006,27(8): 113-118.
[6]	ASUQUO P , CRUICKSHANK H , OGAH C P A ,et al. A distributed trust management scheme for data forwarding in satellite DTN emergency communications[J]. IEEE Journal on Selected Areas in Communications, 2018,36(2): 246-256.
[7]	YU Z F , ZHOU H G , WU Z F . A trust-based secure routing protocol for multi-layered satellite networks[C]// Proceedings of 2012 IEEE International Conference on Information Science and Technology. Piscataway:IEEE Press, 2012: 313-317.
[8]	VATALARO F , CORAZZA G E , CAINI C ,et al. Analysis of LEO,MEO,and GEO global mobile satellite systems in the presence of interference and fading[J]. IEEE Journal on Selected Areas in Communications, 1995,13(2): 291-300.
[9]	孙文宇, 张伟嘉, 王立民 . 基于深度不确定性估计网络的低轨卫星互联网故障预测方法[J]. 天地一体化信息网络, 2022(2): 89-97.
	SUN W Y , ZHANG W J , WANG L M . Fault detection method of low-orbit satellite Internet based on deep uncertainty estimation network[J]. Space-Integrated-Ground Information Networks, 2022(2): 89-97.
[10]	周笛, 盛敏, 郝琪 ,等. 巨型星座系统的网络运维与资源管控技术[J]. 天地一体化信息网络, 2020(1): 26-35.
	ZHOU D , SHENG M , HAO Q ,et al. Network operation,maintenance and resource management in mega constellation system[J]. Space-Integrated-Ground Information Networks, 2020(1): 26-35.
[11]	刘沛龙, 陈宏宇, 魏松杰 ,等. LEO卫星网络海量遥感数据下行的负载均衡多径路由算法[J]. 通信学报, 2017,38(S1): 135-142.
	LIU P L , CHEN H Y , WEI S J ,et al. Load balancing multipath routing protocol for mass remote sensing data downlink in LEO satellite network[J]. Journal on Communications, 2017,38(S1): 135-142.
[12]	EKICI E , AKYILDIZ I F , BENDER M D . Datagram routing algorithm for LEO satellite networks[C]// Proceedings of Proceedings IEEE INFOCOM 2000.Conference on Computer Communications.Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat.No.00CH37064). Piscataway:IEEE Press, 2002: 500-508.
[13]	WERNER M . A dynamic routing concept for ATM-based satellite personal communication networks[J]. IEEE Journal on Selected Areas in Communications, 1997,15(8): 1636-1648.
[14]	YAN J . Reverse detection based QoS routing algorithm for LEO satellite constellation networks[J]. Tsinghua Science ＆ Technology, 2011,16(4): 358-363.
[15]	BARRITT B J , EDDY W . SDN enhancements for LEO satellite networks[C]// Proceedings of 34th AIAA International Communications Satellite Systems Conference. Virginia:AIAA, 2016.
[16]	MCKEOWN N , ANDERSON T , BALAKRISHNAN H ,et al. OpenFlow[J]. ACM SIGCOMM Computer Communication Review, 2008,38(2): 69-74.
[17]	DOULIGERIS C , SERPANOS D N . Network Security:Current Status and Future Directions[M]. USA: Wiley, 2006.
[18]	MALIK S . Network security principles and practices[Z]. 2002.
[19]	HENDERSON T R , LACAGE M , RILEY G F ,et al. Network simulations with the ns-3 simulator[J]. SIGCOMM demonstration, 2008,14(14): 527.
[20]	LANTZ B , HELLER B , MCKEOWN N . A network in a laptop:rapid prototyping for software-defined networks[C]// Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks. New York:ACM, 2010: 1-6.
[21]	PFAFF B , PETTIT J , KOPONEN T ,et al. The design and implementation of open vswitch[C]// 12th {USENIX} Symposium on Networked Systems Design and Implementation.[S.l.:s.n.], 2015: 117-130.
[22]	QI J Q , LI Z M , LIU G L . Research on coverage and link of multi-layer Satellite Network based on STK[C]// Proceedings of 2015 10th International Conference on Communications and Networking in China (ChinaCom). Piscataway:IEEE Press, 2016: 410-415.

低轨卫星网络星间路由安全机制研究

Research on LEO Satellite Network Routing Security

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 19

参考文献 22

相关文章 1

Metrics

推荐阅读 0