-
8/7/2019 SATELLITE LINK PROTECTION
1/15
Msc. Telecommmunication Eng. 1
TOPIC: SATELLITE LINK PROTECTION
-
8/7/2019 SATELLITE LINK PROTECTION
2/15
Msc. Telecommmunication Eng. 2
Presentation Layout
Introduction
Conventional Protection
Advanced link protection Encryption
Intrusion Detection Systems
-
8/7/2019 SATELLITE LINK PROTECTION
3/15
Msc. Telecommmunication Eng. 3
Introduction
Link Protection is a blanket term that refers tothe methods
employed to thwart attempts tosteal data from a data transfer link
.
For an Unprotected Link, traffic is sent andreceived in
cleartext, which means thatanybody who can see the network traffic
is freeto copy and use the data on the link as they see
fit .
-
8/7/2019 SATELLITE LINK PROTECTION
4/15
Msc. Telecommmunication Eng. 4
Conventional Link Protection
Conventional methods for protecting ground
controlled satellites from unauthorized
acquisition include the use of a coded
command.
For such system the required electronic
phase synchronization equipment is not only
costly but also adds weight to the systemresulting in payload
reduction by as much as
28pounds.
-
8/7/2019 SATELLITE LINK PROTECTION
5/15
Msc. Telecommmunication Eng. 5
Advanced link protection
In modern ways satelite link protection is
done by either
Encryption
Intrusion Detection Systems
-
8/7/2019 SATELLITE LINK PROTECTION
6/15
Msc. Telecommmunication Eng. 6
Encryption
Encryption is typically used to take this ability
away from those watching network traffic.
This makes it possible to transfer media fromthe content source
to a rendering device in a
secure manner.
Normally Advanced Encryption Standard
(AES-128) is used to encrypt data beforetransport.
-
8/7/2019 SATELLITE LINK PROTECTION
7/15
Msc. Telecommmunication Eng. 7
This encryption establishes the secure
channel necessary for Link Protection.
Hence Earth Stations can authenticate other Earth
Stations, as well as communicate without fear of
content misuse or theft.
And normally this is implemented relatively
transparently.
-
8/7/2019 SATELLITE LINK PROTECTION
8/15
Msc. Telecommmunication Eng. 8
-
8/7/2019 SATELLITE LINK PROTECTION
9/15
Msc. Telecommmunication Eng. 9
-
8/7/2019 SATELLITE LINK PROTECTION
10/15
Msc. Telecommmunication Eng. 10
Intrusion Detection Systems
The advanced method is the use of Intrusion
Detection System (IDS)
IDS will be properly tailored to detect
anomalous events along interconnected
networks and provide countermeasures to
avoid system failure
-
8/7/2019 SATELLITE LINK PROTECTION
11/15
Msc. Telecommmunication Eng. 11
Satellite IDS exploits two types methods
Traffic analyzer, and
The SYN detector
-
8/7/2019 SATELLITE LINK PROTECTION
12/15
Msc. Telecommmunication Eng. 12
Traffic analyzer
Traffic analyzer probes run on the access router of allthe
networks interfaced to the satellite network. Suchprobes aim to
collect statistics about traffic coming fromand going to the
satellite network.
Specifically, a traffic analyzer grabs the number oftransferred
bytes over any active connection.
A time interval must be defined for such measurements.
A large value allows a better measurement accuracy,
but it slows down statistic updates for the attackdetection
matters.
On the contrary, a low value could be affected bytransitory
traffic dynamics, as for instance unexpectedtraffic spikes or idle
times.
-
8/7/2019 SATELLITE LINK PROTECTION
13/15
Msc. Telecommmunication Eng. 13
The SYN detector
The SYN detector is installed on Satellite
gateway and is in charge to monitor all the
traffic in order to create an IPFIX record for
every SYN/FIN exchange through satellite
link.
Each record includes the parameters
identifying the specific connection and it isenhanced with the
time information.
-
8/7/2019 SATELLITE LINK PROTECTION
14/15
Msc. Telecommmunication Eng. 14
Telespazio (TSP) a satellite geostationary link,
remote terrestrial LAN of Polska Telefonia Cyfrowa (PTC),
ISP represented by Telefonica (TID).
-
8/7/2019 SATELLITE LINK PROTECTION
15/15
Msc. Telecommmunication Eng. 15
Thanks for your attentions.
