This document explores the physical layer security of optical networks, detailing various vulnerabilities like jamming, eavesdropping, and infrastructure attacks. It discusses innovative security measures such as optical steganography, encryption, and anti-jamming techniques that maintain high data rates while ensuring privacy and authentication. Researchers highlight how optical technology enhances network security through real-time data processing and the use of advanced codes for confidentiality and availability.

1. PHYSICAL LAYER SECURITY
OF OPTICAL NETWORKS
Abstract
The physical layer of an optical network may be attacked in numerous ways,
such as by jamming, assaults on the physical infrastructure, eavesdropping, and
interception. As the requirement for network capacity develops, the physical layer
of the optical network must be kept secure. In this overview article, specialists
look at security problems in optical networks and discuss a variety of novel
approaches to defending optical networks. In the first section of this study,
researchers discuss a variety of security issues that might harm the optical layer
of an optical network. These weaknesses include jamming, physical
infrastructure assaults, eavesdropping, and interception. Enhanced optical
network security has gained a lot of interest in the sectors described above.
Real-time signal processing is essential in order to apply security measures at
the physical layer without slowing down the pace of optical communications. The
key advantages of optical processing for optical layer security include rapid
reaction, wide-band operation, resilience to electromagnetic fields, compact size,
and low latency. In the second part of this research, we look into optical
steganography, optical encryption, optical code-division multiple access (CDMA)
secrecy, self-healing, survivable optical rings, anti-jamming, and optical CDMA
confidentiality.
I. Introduction
Introduction Optical communication systems are employed in many different
fields, including business, the military, and personal communication. Optical
networks are unusual in that their data speeds are greater than 40 GB/s, and this
figure will only increase as time goes on. Physical layer security measures have

2. to function in real time, which is not achievable with standard electronic
computing. Side-channel assaults are less likely to emerge in optical
communication networks because optical components don’t leave
electromagnetic traces. With optical encryption, communications may be
encrypted fast and with minimum latency (at speeds not attainable with standard
electrical implementations) (at rates not possible with conventional electrical
implementations). In addition to data encryption, optical steganography may be
used to obscure the flow of data over an open transmission channel.
II. Threats and defenses in
optical networks at the optical
layer
There are many different forms of optical networks, from local area networks to
the backbone networks of the Internet. Each network may tackle a particular
threat type in a different manner. Researchers investigate the optical layer to
examine whether there are any threats to privacy, availability, authentication, and
secrecy (Skorin-Kapov, 2016).
A. Confidentiality
Even though optical networks don’t have an electromagnetic signature, an
attacker may nonetheless listen in on them by physically tapping into the optical
fiber or by pretending as a lawful subscriber and listening to residual crosstalk
from an adjacent channel. It is not hard to tap an optical cable that is out in the
open and has no physical protection. For example, the protective coating and
cladding of an optical fiber may be peeled away to allow a small quantity of light
to escape (Rahouma, 2021). A component of the optical signal that is required
may be collected by inserting a second fiber near where light is exiting the first
wire. In reality, this is a tricky approach to tapping an optical connection since you

3. can only retrieve a tiny fraction of the optical signal without getting noticed. The
eavesdropper’s signal-to-noise ratio must be exceedingly low for the signal loss
to be unnoticeable (Zhang et al., 2016).
B. Authentication
For authentication, researchers and the individuals who will utilize the information
must agree on a precise technique to code and decode the information. The
structure of the code is used to figure out who the user is. In a physical optical
connection, an optical signal can reach any destination if it has the right
wavelength (in a wavelength-division-multiplexing (WDM) network) or temporal
synchronization (in a time-division-multiplexing (TDM) network). An OCDMA
coding/decoding system uses a specific OCDMA code that both the sender and
the person the message is meant for agree on as a way to verify the message.
Without the code, unauthorized users can’t figure out what the OCDMA signal
says when there is other OCDMA traffic around. In other words, OCDMA codes
not only allow for multiple access, but they also allow two users to prove who
they are (Fok et al., 2011).
C. Privacy
Steganography could make communication networks more private by hiding
messages so that only the sender and the person to whom they are sent know
about a transfer. Optical steganography makes it possible to send data over a
secret channel called a “stealth channel” that can be hidden while “public
channels” are in use. For this to work, the data rate on the stealth channel must
be higher than on the public channel. This could be useful for applications that
need more privacy than what a low-bitrate, high-priority channel can offer. Figure
1 shows the idea behind optical steganography (Etemad et al., 2007).
It uses a dispersive optical element with high group-velocity dispersion (GVD) to
make a series of short light pulses that are spread out in time (stealth pulse). In
contrast to the high-dispersion component, which makes each wavelength
component move at a different speed, short optical pulses have a naturally wide

4. spectrum width. With a high GVD, the peak amplitudes of stealth pulses are
brought down to a level below the noise in the system, such as the noise that is
made by optical amplifiers when they are turned up. If there is also a public
signal, the stretched stealth pulses may be hidden by both the background noise
of the network and the public signal, as shown in the middle figure of Fig. 1.
Figure 1’s bottom figure shows that the stealth signal can have a wide range and
blend in with background noise, or it can have a narrow range and work
alongside the public channel. The goal is to make sure that the stealth signal
can’t be found by its spectrum (Rothe et al., 2020).

6. Figure 1 shows, at the top, an example of a schematic for optical
steganography that makes use of group velocity dispersion. (a) a measured
temporal profile of the stealth channel before it spreads, and (b) a
measured temporal profile of the stealth channel after it has spread. In the
middle is a graphic showing the measured public signal eye (a) without a
stealth signal, and (b) with a stealth signal. Bottom: Spectral masking of the
stealth transmission (a) spectrum without stealth transmission; (b)
spectrum with the stealth signal present; and (c) spectrum of the stealth
signal on its own (Fok et al., 2011).
D. Availability
Experts say that optical networks can be attacked in many different ways,
including through physical infrastructure attacks and signal jamming. Any setting
can cause a service to be denied. Even though denial of service may not always
lead to the theft of information, it can lead to the loss of network resources (like
bandwidth), the disruption of many users, and large financial losses for the
network operator. A damaged optical fibre could be done on purpose or by
accident. For example, construction workers digging around a buried fiber optic
cable could accidentally cut it, or an attacker could just cut a part of the fibre that
isn’t covered. No matter what the goal is, optical networks are often built with
redundant channels to help them fix problems quickly and keep service from
going down. Self-healing ring topologies make sure that both service availability
and survivability are met. Commonly used in the infrastructure of local and
metropolitan area networks for telecommunications. Guaranteed to fix broken
connections in 60 milliseconds or less (Zhang et al., 2016).
III. Optical Layer Security:
Confidentiality
A. Optical Encryption

7. In an encrypted system, an eavesdropper can’t figure out what the data is from
the ciphertext if they don’t have the encryption key. So, encryption is a good way
to protect signals and keep networks private. A lot of money has been spent on
developing optical structures so that encryption operations can be done quickly in
the optical domain. Part of the reason for this work is that optical processing can
work at data rates that are many times faster than those of electrical
components. Also, optical components are less likely to have side channels than
electrical ones because they don’t give off any electromagnetic emissions that
can be seen. Several researchers have looked into optical XOR logic, for
example, as a way to start making optical encryption methods (Fok et al., 2011).
The result is that the optical XOR gates don’t leave any electromagnetic traces
that a spy could use to track them. Cross-polarization and cross-gain modulation
in a semiconductor optical amplifier, four-wave mixing for phase- and
polarization-modulated signals, cross-phase modulation in interferometric-based
optical devices, and pump depletion with sum and difference frequency
generation in a periodically poled lithium niobate (PPLN) waveguide have all
been proposed and shown to work as optical XOR gates. Figure 2 shows that an
optical encryption system can use a variety of XOR gates to do encryption at the
transmitter and decryption at the receiver (Yousefi et al., 2020).
Figure 2: This figure shows how the parts of an all-optical encryption
system are put together. Quantum key distribution is what QDK stands for
(Fok et al., 2011).

8. B. Coherent OCDMA technique
As explained in Section II, the type of OCDMA codes that are used affects how
secret the system is. OCDMA codes are often put into two groups: those that
make sense and those that don’t. Spectral-phase encoding (SPE) is a
well-known coherent OCDMA technique. It shifts the phase of many coherent
spectral components in different ways. The decoder at the receiver does
conjugate phase shifts to bring all of the spectral components into phase and
make an autocorrelation peak for data reception. Incoherent OCDMA, direct
detection, and intensity modulation are used to build the system. Researchers
focus on wavelength-hopping time-spreading (WHTS), which is a common
two-dimensional OCDMA method, because its code is flexible and it works better
than other schemes. Along with the OCDMA codes, the way data is modulated
also makes the system secret. The energy levels of bits “1” and “0” change, and
a photodetector can pick up on these changes even without a decoder. This
shows that on-off keying (OOK) can be broken. To get around this problem, both
coherent and incoherent OCDMA codes can use two-code-keying modulation,
which uses two different codes for bits “1” and “0” to make the energy levels of all
bits the same (Prucnal et al., 2009).
IV. Authentication of the optical
layer
Even though little research has been done on authentication at the physical layer
of an optical network, the unique coding features of OCDMA codes show a lot of
promise for improving authentication in optical networks. In the case of a SPE
code, for example, the receiver may only pick up the signal if the whole set of
phase coding information is changed. This means that each chip’s phase must
be encoded and decoded correctly. Figure 8 shows the eye diagrams of a
scrambled Hadamard code that have been sent. The code is broken using very
precise phase chips, which leads to the open-eyed figure in Figure 8. (a). Figure
3 shows that even if only one of the eight phase chips is missing, the

9. descrambled eye diagram is completely closed (b). The above example shows
how researchers could use the fact that each OCDMA code is unique to find out
who the intended users are. They don’t have the code to get signals from
authorised users, so they can’t. More research is being done to make
authentication better.
Figure 3: This figure shows experimental eye diagrams of decoded and
unscrambled Hadamard codes. Using the right decoder or a decoder that is
only partly right (Fok et al., 2011).
V. Optical layer Security:
Availability
A. Ring of Resistance For high survivability and service availability, self-healing
ring designs are a good alternative to other topologies. As explained in Section
IV, OCDMA’s large code cardinality not only makes brute-force channel finding
harder, but it also improves service availability while using less bandwidth.
Because of this, it has been suggested to build a two-way OCDMA ring network
with an OCDMA-based backup channel. With a high cardinality, you can build a
resilient ring network that doesn’t need extra capacity or a backup route in case a

10. link fails. Traditional backup methods have to permanently set aside all or part of
their bandwidth. If there is no breakdown, the bandwidth that could be used is
wasted. Soft blocking is what makes incoherent OCDMA networks stand out.
Soft blocking is the ability to change or remove the number of transmissions
happening at the same time without changing how the hardware is set up. Unlike
WDM and TDM, it is not limited by the number of wavelengths or time slots.
Older optical multiplexing systems like WDM and TDM are not as scalable and
don’t use the spectrum as well as OCDMA. OCDMA may offer many more optical
channels than WDM, even though both use the same number of wavelengths.
Instead, as the number of transmissions goes up, the network’s performance
keeps getting worse. Also, incoherent OCDMA lets different types of data share
the same link. In order to improve network service quality, two pathways in the
ring may transport data at different rates. High priority traffic use the main lane,
whereas research traffic utilises the “backup” channel. OCDMA’s soft blocking
capability allows traffic aggregation with little effect on performance. In the case
of a connection breakdown, then, more bandwidth or a backup route are not
necessary. During normal operation, both connections may be used. Each node
in the researcherst and east connections may add and remove signals, as shown
in Figure 4.

11. Figure 4: This figure depicts a bidirectional two-fiber OCDMA ring network
(Etemad et al., 2007).
B. Anti-jamming
On passive networks, any access point may inject a powerful optical signal
upstream to create a denial of service (such rings, buses, and stars). In the
worst-case scenario, the strong optical signal might overpower the optical
receiver, prohibiting the user from receiving any data. Due to optical fiber’s
broadband capability, optical communications may be carried in a jammed
channel by totally shifting the optical signal wavelength outside the blocked
waveband. Consequently, anti-jamming may be implemented, and the
communication channel can be restored. Figure 5 depicts the anti-interference
concept. As illustrated on the left side of Figure 5, prior to jamming, signals are
sent in the middle waveband.

12. Figure 5: Diagram of waveband up- or down-conversion as an anti-jamming
technique (Fok et al., 2011).
VI. Principle of optical layer
security:Privacy
Steganography may enhance signal privacy by concealing the stealth signal
inside background noise and public transmission. Steganography adds a layer of
protection to the signal’s secrecy, but it does not guarantee it. Wu et al. initially
proposed the concept of optical steganography, and their theoretical analysis of
the performance of the stealth channel. Experiment findings indicate that optical
steganography is well suited for a variety of public channels. Examples include
transmitting a stealth signal encoded using SPE over a RZ-OOK public channel,
a stealth signal encoded with NRZ-OOK over another WHTS public channel, and
a stealth signal encoded with WHTS over yet another WHTS public channel.
Optical steganography is especially helpful in passive optical networks, because
signals are not filtered nor digitally regenerated at nodes (e.g., FIOS) (Etemad et
al., 2007).
Previous research has shown that it is challenging to identify the presence of a
stealth signal in the presence of public signals by analysing the temporal or
spectral characteristics of the transmitted signals. If the opponent believes there
is a hidden signal, they may use a variety of strategies to determine whether or
not they can discover it. Utilizing an adjustable dispersion-compensating device

13. is an appropriate method for detecting a buried signal. Once the opponent
detects a clue of the stealth signal, he need just change the signal’s dispersion to
recover it in full. Under such assaults, the confidentiality of the stealth
communication cannot be guaranteed. In response to this possible risk, Wang et
al. suggested enhancing the privacy of stealth transmission by adding temporal
phase modulation to the stretched stealth signal prior to broadcasting it over the
network. After adding a temporal phase mask to the spread stealth signal, as
seen in Figure 6, some portions of the spread pulse undergo phase changes. In
addition to the matched dispersion correction, the matching phase recovery at
the receiver, as seen in Figure 6, is necessary to recover the stealth pulses.
Figure 6: This figure demonstrates a temporal phase modulation strategy
for distributed stealth pulses that enhances the confidentiality of stealth
transmission (Fok et al., 2011).
Conclusion

14. In this study, researchers investigate the vulnerability of optical networks to a
variety of security issues that may manifest in the optical layer of a network. In
addition, they present an overview of a variety of optical methods for mitigating
the aforementioned security issues. Optical technology permits the processing of
data in real time, hence enhancing the security of optical networks. In this study,
researchers evaluated optical encryption as a method for enhancing secrecy at
line speeds while presenting less of a threat from side channels than electrical
encryption. Experimentally, a variety of optical XOR gates with and without
feedback have been constructed. These approaches provide the generation of
long key streams from short key streams or the processing of registers utilized by
Vernam cyphers to encrypt data, hence enabling safe optical encryption. Due to
the vast bandwidth of fiber optics, anti-jamming may be achieved using optical
frequency conversion, allowing signals to be transmitted outside of the jamming
band and boosting network availability. As a result of the large spectrum of
optical pulses, optical steganography is easily implemented utilizing either
compact fiber Bragg gratings or temporal stretching based on group velocity
dispersion in fibers. A phase mask may be utilized to increase the stealth signal’s
security even more. Steganography adds a layer of protection to the signal’s
secrecy, but it does not guarantee it. Researchers also suggest using orthogonal
coding for obscurity and resilient optical ring design with OCDMA coding to boost
the optical network’s availability and privacy. The unique coding scheme used by
OCDMA enables signal validation. According to the specialists, additional study
will be conducted on this issue.