| Summary: | Satellite communications are increasingly crucial for telecommunications, navigation, and Earth observation. However, many widely
used satellites do not cryptographically secure the downlink, opening the door for radio spoofing attacks. Recent developments in
software-defined radio hardware have enabled attacks on wireless
systems including GNSS, which can be effectively spoofed using
only cheap hardware available off the shelf. However, these conclusions do not generalize well to other satellite systems such as high
data rate backhauls or satellite-to-customer connections, where the
spoofing requirements are currently unknown.
In this paper, we present a systematic review of spoofing attacks
against satellite downlink communications systems. We establish
a threat model linking attack feasibility and impact to required
budget through real-world experiments and channel simulations.
Our results show that nearly all evaluated satellite systems were
overshadowable at a distance of 1km in the worst case, for a budget
of ~2000 USD or less.
We evaluate how the key challenges of antenna directionality, legitimate satellite signal presence, modulation schemes, and receiver
saturation can be overcome in practice through antenna sidelobe
targeting, overshadowing, and automatic gain control takeover.
We also show that, surprisingly, protocols designed to be more
robust against channel noise are significantly less robust against an
overshadowing attacker. We conclude with a discussion of physicallayer countermeasures specifically applicable to satellite systems
which can not be cryptographically upgraded.
|
|---|