The document discusses exploiting trust relationships in satellite communication networks. It describes how an attacker could potentially "piggyback" on a satellite network by finding an unused frequency and transmitting data without authorization, akin to adding a "rogue carrier." The document notes challenges in detecting such rogue transmissions and suggests cooperation across satellite operators could help with detection. It concludes by noting previous work compromising the data link layer and suggests combined attacks on the data link and network layers could allow more serious exploitation of satellite systems.
2. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
Disclaimer
This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and are strongly encouraged to behave themselves.
Artificial Satellite
‣ It was the English sci-fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects.
Arthur C. Clarke, science fiction author, meeting with fans, at his home office in Colombo, Sri Lanka.
source: http://en.wikipedia.org/wiki/Arthur_C._Clarke
Artificial Satellite
‣ The first artificial satellite was Sputnik 1, launched by the Soviet Union on 4 October 1957.
In 1957, the Soviet Union launched Sputnik, a basketball-size capsule that became the Earth’s first man-made satellite. Sputnik’s radio signals were a “raspberry” from the Soviets, fumed one U.S. pundit. The next year, the United States created NASA, and the space race was under way.
source: http://magma.nationalgeographic.com/ngm/2007-10/space-travel/space-travel-photography.html
Satellite Internet Services
‣ One-way multicast: used for IP multicast-based data, audio and video distribution.
‣ Most Internet protocols will not work correctly over one-way access, since they require a return channel.
‣ One-way with terrestrial return: used with traditional dial-up access to the Internet, but downloads are sent via satellite at a speed near that of broadband Internet access.
‣ Two-way satellite access: allows upload and download data communications.
Very Small Aperture Terminal
‣ A one or two-way terminal used in a star, mesh or point to point network with. Antenna size is restricted to being less than or equal to 3.8 m at Ku band and 7.8 m at C band.
‣ It consists of a large high performance hub earth station (with an antenna of up to 9 m in diameter) and a large number of smaller, lower performance terminals. These small terminals can be receive only, transmit only or transmit/receive.
A 2.5 m parabolic dish antenna for bidirectional high-speed satellite Internet.
source: http://en.wikipedia.org/wiki/VSAT
Frequency Band Designations
[Figure: frequency band designations chart. Bands shown: VHF, UHF, L, S, SHF, EHF, C, X, Ku, K, Ka, V; axis marks at 300 MHz, 1 GHz, 3 GHz, 8 GHz, 12 GHz, 18 GHz, 30 GHz, 40 GHz and 75 GHz.]
source: http://www.satcom-services.com/sat_freq.htm
Data communication service using satellite access media with Time Division Multiplex (TDM) / Time Division Multiple Access (TDMA) technology based on Internet protocol.
source: http://www.lintasarta.net/PRODUKLAYANAN/Satelit/VsatIP/tabid/85/Default.aspx
Data communication service using satellite access media with Single Channel per Carrier (SCPC) connecting point-to-point and point-to-multipoint.
source: http://www.lintasarta.net/PRODUKLAYANAN/Satelit/VsatLink/tabid/86/Default.aspx
Attacks against Satellite Systems
‣ Hypothetical Attacks
‣ Denial of service (uplink/downlink jamming, overpower uplink), orbital positioning attacks (ranging transponder spoofing, direct commanding, command replay, insertion after confirmation but prior to execution)
‣ Practical Attacks
Detection Issues
‣ Require at least another satellite and satellite operator to detect rogue carrier (similar to GPS mechanism).
‣ Satellite operator alliance co-operation.
‣ Specialised company detecting rogue carrier.
‣ Hard to detect if rogue carrier has ability to switch frequency automatically prior to detection.
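
The monitoring side of these detection issues, as an added example that is not part of the original slides: it compares spectrum sweeps of one transponder against the operator's carrier plan and reports energy that no authorised carrier explains. The frequencies, power levels, carrier names and function names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Carrier:
    """One authorised carrier from the operator's frequency plan."""
    name: str
    center_mhz: float
    bandwidth_mhz: float

    def covers(self, low, high, tol):
        # True when the segment [low, high] lies inside this carrier's slot.
        half = self.bandwidth_mhz / 2
        return (low >= self.center_mhz - half - tol
                and high <= self.center_mhz + half + tol)


def occupied_segments(sweep, step_mhz, noise_dbm, margin_db=6.0):
    """Group contiguous bins above noise + margin into (low, high, peak).

    sweep is a frequency-ordered list of (bin_center_mhz, power_dbm).
    """
    threshold = noise_dbm + margin_db
    segments, current = [], None
    for freq, power in sweep:
        if power > threshold:
            if current is None:
                current = [freq - step_mhz / 2, freq + step_mhz / 2, power]
            else:
                current[1] = freq + step_mhz / 2
                current[2] = max(current[2], power)
        elif current is not None:
            segments.append(tuple(current))
            current = None
    if current is not None:
        segments.append(tuple(current))
    return segments


def unassigned_carriers(sweep, plan, step_mhz, noise_dbm, margin_db=6.0):
    """Occupied segments that no carrier in the plan accounts for."""
    tol = step_mhz  # allow one bin of edge spill from filter roll-off
    return [seg for seg in occupied_segments(sweep, step_mhz, noise_dbm, margin_db)
            if not any(c.covers(seg[0], seg[1], tol) for c in plan)]


def sightings(sweeps, plan, step_mhz, noise_dbm):
    """Map each unassigned segment to the sweep indices where it was seen.

    A carrier that changes frequency shows up as several short-lived
    entries, which is why one sweep alone can miss it.
    """
    seen = {}
    for i, sweep in enumerate(sweeps):
        for low, high, _peak in unassigned_carriers(sweep, plan, step_mhz, noise_dbm):
            seen.setdefault((low, high), []).append(i)
    return seen


def make_sweep(active, start=3700.5, bins=36, noise=-100.0):
    """Build a constructed 1 MHz-per-bin sweep; active = (low, high, dBm)."""
    sweep = []
    for i in range(bins):
        freq, power = start + i, noise
        for low, high, level in active:
            if low <= freq <= high:
                power = level
        sweep.append((freq, power))
    return sweep


# Constructed sample data: two authorised carriers on one transponder.
PLAN = [Carrier("A", 3705.0, 4.0), Carrier("B", 3720.0, 6.0)]
AUTHORISED = [(3703.0, 3707.0, -80.0), (3717.0, 3723.0, -80.0)]
SWEEPS = [
    make_sweep(AUTHORISED + [(3729.0, 3731.0, -88.0)]),  # extra carrier
    make_sweep(AUTHORISED),                              # clean sweep
    make_sweep(AUTHORISED + [(3711.0, 3713.0, -88.0)]),  # moved elsewhere
]

if __name__ == "__main__":
    for segment, indices in sightings(SWEEPS, PLAN, 1.0, -100.0).items():
        print(f"unassigned {segment[0]}-{segment[1]} MHz in sweeps {indices}")
```

This check only flags energy outside the plan; a transmission hidden under an authorised carrier, and locating the transmitter, need the multi-satellite co-operation the slide describes.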