Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

SATversary: Adversarial Attacks and Defenses for Satellite Fingerprinting

Joshua Smailes, Sebastian Köhler, Simon Birnbach, Martin Strohmeier, Ivan Martinovic

TL;DR

This study evaluates the security of satellite transmitter fingerprinting (SatIQ) under optimized adversarial conditions, including jamming, data poisoning, and spoofing. It demonstrates that low-power, strategically crafted interference can significantly disrupt authentication, and that poisoning can gradually embed attacker fingerprints into reference data, enabling persistent impersonation. A key contribution is the GAN-based defense, which not only mitigates spoofing during training but also yields a discriminator capable of detecting attacks, even from unseen transmitters, enabling effective single-transmitter fingerprinting for small constellations. Overall, the work highlights critical vulnerabilities in physical-layer fingerprinting for satellites and proposes a practical, dual-use defense strategy that enhances resilience by leveraging generative models and cross-checks with attack-detection capabilities.

Abstract

Due to the increasing threat of attacks on satellite systems, novel countermeasures have been developed to provide additional security. Among these, there has been a particular interest in transmitter fingerprinting, which authenticates transmitters by looking at characteristics expressed in the physical layer signal. These systems rely heavily upon statistical methods and machine learning, and are therefore vulnerable to a range of attacks. The severity of this threat in a fingerprinting context is currently not well understood. In this paper we evaluate a range of attacks against satellite fingerprinting, building on previous works by looking at attacks optimized to target the fingerprinting system for maximal impact. We design optimized jamming, dataset poisoning, and spoofing attacks, evaluating them in the real world against the SatIQ fingerprinting system designed to authenticate Iridium transmitters, and using a wireless channel emulator to achieve realistic channel conditions. We show that an optimized jamming signal can cause a 50% error rate with attacker-to-victim ratios as low as -30dB (far less power than traditional jamming techniques), and demonstrate successful spoofing attacks, with an attacker successfully removing their own transmitter's fingerprint from messages. We also present a viable dataset poisoning attack, enabling persistent message spoofing by altering stored data to include the fingerprint of the attacker's transmitter. Finally, we show that a model trained to optimize spoofing attacks can also be used to detect spoofing and replay attacks, even when it has never seen the attacker's transmitter before. This technique works even when the training dataset includes only a single transmitter, enabling fingerprinting to be used to protect small constellations and even individual satellites, providing additional protection where it is needed the most.

SATversary: Adversarial Attacks and Defenses for Satellite Fingerprinting

TL;DR

This study evaluates the security of satellite transmitter fingerprinting (SatIQ) under optimized adversarial conditions, including jamming, data poisoning, and spoofing. It demonstrates that low-power, strategically crafted interference can significantly disrupt authentication, and that poisoning can gradually embed attacker fingerprints into reference data, enabling persistent impersonation. A key contribution is the GAN-based defense, which not only mitigates spoofing during training but also yields a discriminator capable of detecting attacks, even from unseen transmitters, enabling effective single-transmitter fingerprinting for small constellations. Overall, the work highlights critical vulnerabilities in physical-layer fingerprinting for satellites and proposes a practical, dual-use defense strategy that enhances resilience by leveraging generative models and cross-checks with attack-detection capabilities.

Abstract

Due to the increasing threat of attacks on satellite systems, novel countermeasures have been developed to provide additional security. Among these, there has been a particular interest in transmitter fingerprinting, which authenticates transmitters by looking at characteristics expressed in the physical layer signal. These systems rely heavily upon statistical methods and machine learning, and are therefore vulnerable to a range of attacks. The severity of this threat in a fingerprinting context is currently not well understood. In this paper we evaluate a range of attacks against satellite fingerprinting, building on previous works by looking at attacks optimized to target the fingerprinting system for maximal impact. We design optimized jamming, dataset poisoning, and spoofing attacks, evaluating them in the real world against the SatIQ fingerprinting system designed to authenticate Iridium transmitters, and using a wireless channel emulator to achieve realistic channel conditions. We show that an optimized jamming signal can cause a 50% error rate with attacker-to-victim ratios as low as -30dB (far less power than traditional jamming techniques), and demonstrate successful spoofing attacks, with an attacker successfully removing their own transmitter's fingerprint from messages. We also present a viable dataset poisoning attack, enabling persistent message spoofing by altering stored data to include the fingerprint of the attacker's transmitter. Finally, we show that a model trained to optimize spoofing attacks can also be used to detect spoofing and replay attacks, even when it has never seen the attacker's transmitter before. This technique works even when the training dataset includes only a single transmitter, enabling fingerprinting to be used to protect small constellations and even individual satellites, providing additional protection where it is needed the most.

Paper Structure

This paper contains 39 sections, 2 equations, 17 figures, 3 tables.

Table of Contents

  1. Motivation
  2. Background
  3. Fingerprinting for Authentication
  4. Generative Adversarial Networks
  5. Poisoning Attacks
  6. Related Work
  7. Threat Model
  8. Attack Strategies
  9. Capabilities
  10. Experiment Design
  11. Configuration
  12. Dataset and Software Configuration
  13. Hardware Configuration
  14. Jamming Attack
  15. Data Poisoning Attack
  16. ...and 24 more sections

Figures (17)

  • Figure 1: The transmit-receive loop used during experiments to measure the impact of the attacker's transmitter and channel effects on the fingerprint. Messages are transmitted by one SDR, pass over a wire and through the PROPSIM channel emulator, before being received by the other SDR.
  • Figure 2: Architecture of the "Siamese GAN" model. Legitimate messages are modified by the generator to counteract the fingerprint of their transmitter and channel effects ("SDR"). The discriminator compares these to legitimate messages. During training, pairs of legitimate messages are also used for comparison.
  • Figure 3: Results from the jamming experiments, when the attacker does not have phase synchronization. False rejections can be induced even at low amplitudes, and the channel model does not have a significant impact on the results.
  • Figure 4: Examples of some of the signals produced by the jamming attack, in the time domain (upper) and as constellation plots (lower).
  • Figure 5: Number of steps required to poison the reference fingerprints to accept one transmitter instead of another, given the acceptance threshold and update threshold. Inclusive poisoning is significantly more difficult and fails for stricter acceptance thresholds, so a different scale is shown.
  • ...and 12 more figures