Related papers: Characterizing Cyber Attacks against Space Infrastructures with Missing Data: Framework and Case Study

Characterizing Cyber Attacks against Space Infrastructures with Missing Data: Framework and Case Study

URL: http://arxiv.org/abs/2512.02414v1
Date: Tue, 02 Dec 2025 04:50:55 GMT
Title: Characterizing Cyber Attacks against Space Infrastructures with Missing Data: Framework and Case Study
Authors: Ekzhin Ear, Jose Luis Castanon Remy, Caleb Chang, Qiren Que, Antonia Feffer, Shouhuai Xu,
Abstract summary: There is no single dataset that documents cyber attacks against space infrastructures that have occurred in the past.<n>We propose a framework, including metrics, while also addressing the missing-data problem.<n>We show how the extrapolated data can be used to reconstruct hypothetical but plausible'' space cyber kill chains.
Score: 4.427671363201665
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Cybersecurity of space infrastructures is an emerging topic, despite space-related cybersecurity incidents occurring as early as 1977 (i.e., hijacking of a satellite transmission signal). There is no single dataset that documents cyber attacks against space infrastructures that have occurred in the past; instead, these incidents are often scattered in media reports while missing many details, which we dub the missing-data problem. Nevertheless, even ``low-quality'' datasets containing such reports would be extremely valuable because of the dearth of space cybersecurity data and the sensitivity of space infrastructures which are often restricted from disclosure by governments. This prompts a research question: How can we characterize real-world cyber attacks against space infrastructures? In this paper, we address the problem by proposing a framework, including metrics, while also addressing the missing-data problem by leveraging methodologies such as the Space Attack Research and Tactic Analysis (SPARTA) and the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) to ``extrapolate'' the missing data in a principled fashion. We show how the extrapolated data can be used to reconstruct ``hypothetical but plausible'' space cyber kill chains and space cyber attack campaigns that have occurred in practice. To show the usefulness of the framework, we extract data for 108 cyber attacks against space infrastructures and show how to extrapolate this ``low-quality'' dataset containing missing information to derive 6,206 attack technique-level space cyber kill chains. Our findings include: cyber attacks against space infrastructures are getting increasingly sophisticated; successful protection of the link segment between the space and user segments could have thwarted nearly half of the 108 attacks. We will make our dataset available.

Related papers

Cybersecurity of High-Altitude Platform Stations: Threat Taxonomy, Attacks and Defenses with Standards Mapping - DDoS Attack Use Case [46.15641504748965]
High-Altitude Platform Stations (HAPS) are emerging stratospheric nodes within non-terrestrial networks.<n>We provide a structured overview of HAPS subsystems and principal communication links, map cybersecurity and privacy exposure across communication, control, and power subsystems, and propose a stratosphere-aware threat taxonomy.<n>We report a simulation-based case study using OMNeT++/INET to characterize distributed-denial-of-service (DDoS) impact on service and control-plane availability.
arXiv Detail & Related papers (2025-11-16T20:28:58Z)
SoK: Securing the Final Frontier for Cybersecurity in Space-Based Infrastructure [0.0]
This study analyzes the range of possible space cyber-attack vectors, which include ground, space, satellite, and satellite constellations.<n>It also assesses the efficacy of mitigation measures that are linked with space infrastructures.<n>Based on the analysis, this paper identifies potential research challenges for developing and testing cutting-edge technology solutions.
arXiv Detail & Related papers (2025-07-22T22:51:31Z)
High Performance Space Debris Tracking in Complex Skylight Backgrounds with a Large-Scale Dataset [48.32788509877459]
We propose a deep learning-based Space Debris Tracking Network(SDT-Net) to achieve highly accurate debris tracking.<n>SDT-Net effectively represents the feature of debris, enhancing the efficiency and stability of end-to-end model learning.<n>Our dataset and code will be released soon.
arXiv Detail & Related papers (2025-06-03T08:30:25Z)
Mind The Gap: Can Air-Gaps Keep Your Private Data Secure? [1.74048653626208]
'Air-gap' measures keep sensitive data in networks entirely isolated from the Internet. Air-gap networks are relevant today to governmental organizations, healthcare industries, finance sectors, intellectual property and legal firms. Motivated and capable adversaries can use sophisticated attack vectors to penetrate the air-gapped networks, leaking sensitive data outward.
arXiv Detail & Related papers (2024-09-06T11:08:05Z)
Mellivora Capensis: A Backdoor-Free Training Framework on the Poisoned Dataset without Auxiliary Data [39.07360350023601]
This paper addresses the challenges of backdoor attack countermeasures in real-world scenarios.<n>We propose a robust and clean-data-free backdoor defense framework, namely Mellivora Capensis (textttMeCa), which enables the model trainer to train a clean model on the poisoned dataset.
arXiv Detail & Related papers (2024-05-21T12:20:19Z)
Evaluating the Security of Satellite Systems [24.312198733476063]
This paper presents a comprehensive taxonomy of adversarial tactics, techniques, and procedures explicitly targeting satellites. We examine the space ecosystem including the ground, space, Communication, and user segments, highlighting their architectures, functions, and vulnerabilities. We propose a novel extension of the MITRE ATT&CK framework to categorize satellite attack techniques across the adversary lifecycle from reconnaissance to impact.
arXiv Detail & Related papers (2023-12-03T09:38:28Z)
Stepping out of Flatland: Discovering Behavior Patterns as Topological Structures in Cyber Hypergraphs [0.7835894511242797]
We present a novel framework based in the theory of hypergraphs and topology to understand data from cyber networks. We will demonstrate concrete examples in a large-scale cyber network dataset.
arXiv Detail & Related papers (2023-11-08T00:00:33Z)
Characterizing Cyber Attacks against Space Systems with Missing Data: Framework and Case Study [5.715413347864052]
There is no single dataset that documents cyber attacks against space systems that have occurred in the past. This paper proposes a framework, including metrics, while also addressing the missing-data problem. We show how to extrapolate this "low-quality" dataset to derive 4,076 attack technique kill chains.
arXiv Detail & Related papers (2023-09-09T21:40:00Z)
Understanding Reconstruction Attacks with the Neural Tangent Kernel and Dataset Distillation [110.61853418925219]
We build a stronger version of the dataset reconstruction attack and show how it can provably recover the emphentire training set in the infinite width regime. We show that both theoretically and empirically, reconstructed images tend to "outliers" in the dataset. These reconstruction attacks can be used for textitdataset distillation, that is, we can retrain on reconstructed images and obtain high predictive accuracy.
arXiv Detail & Related papers (2023-02-02T21:41:59Z)
Autoregressive Perturbations for Data Poisoning [54.205200221427994]
Data scraping from social media has led to growing concerns regarding unauthorized use of data. Data poisoning attacks have been proposed as a bulwark against scraping. We introduce autoregressive (AR) poisoning, a method that can generate poisoned data without access to the broader dataset.
arXiv Detail & Related papers (2022-06-08T06:24:51Z)
Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers. We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions. We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z)
Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
We study the exploitability of Deep Neural Network-based Face Recognition systems. We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim. We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
arXiv Detail & Related papers (2020-08-26T19:27:27Z)

This list is automatically generated from the titles and abstracts of the papers in this site.