Title: Security Issues in Space networks
Author: Mohammed Atiquzzaman
Organization: University of Oklahoma
Co-Authors: Shohrab Hossain
Satellites are being used to capture real-time images, video for various purposes, such as, observing the Earth, weather data, live images for tornado, cyclones, tsunami, etc. In future, these data can be accessed by terrestrial users through the Internet. Mobility protocols aim at providing uninterrupted real-time data communication facilities through seamless Internet connectivity to hosts or networks in motion, such as in bus, train, aircraft, and satellites. Mobile IP is an example of such a mobility protocol which uses Home Agent for mobility management, and requires signaling among the mobility agents, mobile node and the correspondent node for its operation. Originally, Mobile IP had no route optimization between end hosts; all traffic passes the mobility agents. However, recent mobility protocols, such as, Mobile IPv6 incorporated Route Optimization between end hosts, by informing correspondent node and home agent about mobile node's current location through binding updates. However, these binding updates are vulnerable to various attacks as unauthorized agent might send fabricated binding updates to fool mobile node, correspondent node or home agent. SIGMA is a seamless end-to-end mobility protocol which does not require change in Internet infrastructure but requires signaling between hosts to manage mobility. In short, the requirement of seamless connectivity in mobile environment, signaling protocols and use of optimized route between end hosts have introduced several security vulnerabilities to mobility protocols. In this paper, we explain such security threats on various components of mobility management schemes for space networks. Some of the major threats are traffic redirection attack, man-in-the-middle attack, bombing attack, denial-of-service attack, DNS poisoning, replay attack, etc. These attacks can affect the privacy and the integrity of the data. We also discuss possible protection mechanisms to protect network components from these security threats.