Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Cybersecurity of High-Altitude Platform Stations: Threat Taxonomy, Attacks and Defenses with Standards Mapping - DDoS Attack Use Case

Chaouki Hjaiji, Bassem Ouni, Mohamed-Slim Alouini

TL;DR

The paper addresses the cybersecurity challenges of High-Altitude Platform Stations (HAPS) within non-terrestrial networks by proposing a stratosphere-aware threat taxonomy and a layered defense framework that aligns with emerging standards. It analyzes HAPS subsystems and communication links to identify exposure points across payload, TT&C, control, and power, and examines regulatory guidance from ITU, 3GPP, and aviation authorities. A simulation-based case study using OMNeT++/INET demonstrates a DDoS impact on service and control planes and validates proposed countermeasures such as encryption, FHSS, IDS, and adaptive filtering. The work provides concrete directions for secure HAPS deployment, emphasizing cross-layer defense integration, regulatory-compliant practices, and future research into datasets, hardware-in-the-loop validation, and scalable security architectures.

Abstract

High-Altitude Platform Stations (HAPS) are emerging stratospheric nodes within non-terrestrial networks. We provide a structured overview of HAPS subsystems and principal communication links, map cybersecurity and privacy exposure across communication, control, and power subsystems, and propose a stratosphere-aware threat taxonomy. We then discuss defenses feasible under HAPS constraints including encryption and authentication, frequency agility, directional and beam-steered antennas, intrusion detection, secure boot, and software and supply-chain assurance-while highlighting how they align with emerging regulatory and standards guidance. Finally, we report a simulation-based case study using OMNeT++/INET to characterize distributed-denial-of-service (DDoS) impact on service and control-plane availability, and summarize regulatory and standardization considerations relevant to deployment. We conclude with concrete future research directions. The study is simulation-grounded and intended to inform engineering trade-offs for real-world HAPS deployments rather than serve as an on-air validation.

Cybersecurity of High-Altitude Platform Stations: Threat Taxonomy, Attacks and Defenses with Standards Mapping - DDoS Attack Use Case

TL;DR

The paper addresses the cybersecurity challenges of High-Altitude Platform Stations (HAPS) within non-terrestrial networks by proposing a stratosphere-aware threat taxonomy and a layered defense framework that aligns with emerging standards. It analyzes HAPS subsystems and communication links to identify exposure points across payload, TT&C, control, and power, and examines regulatory guidance from ITU, 3GPP, and aviation authorities. A simulation-based case study using OMNeT++/INET demonstrates a DDoS impact on service and control planes and validates proposed countermeasures such as encryption, FHSS, IDS, and adaptive filtering. The work provides concrete directions for secure HAPS deployment, emphasizing cross-layer defense integration, regulatory-compliant practices, and future research into datasets, hardware-in-the-loop validation, and scalable security architectures.

Abstract

High-Altitude Platform Stations (HAPS) are emerging stratospheric nodes within non-terrestrial networks. We provide a structured overview of HAPS subsystems and principal communication links, map cybersecurity and privacy exposure across communication, control, and power subsystems, and propose a stratosphere-aware threat taxonomy. We then discuss defenses feasible under HAPS constraints including encryption and authentication, frequency agility, directional and beam-steered antennas, intrusion detection, secure boot, and software and supply-chain assurance-while highlighting how they align with emerging regulatory and standards guidance. Finally, we report a simulation-based case study using OMNeT++/INET to characterize distributed-denial-of-service (DDoS) impact on service and control-plane availability, and summarize regulatory and standardization considerations relevant to deployment. We conclude with concrete future research directions. The study is simulation-grounded and intended to inform engineering trade-offs for real-world HAPS deployments rather than serve as an on-air validation.

Paper Structure

This paper contains 54 sections, 14 figures, 3 tables.

Table of Contents

  1. INTRODUCTION
  2. Research Contributions
  3. Paper Organization
  4. Operational Overview of HAPS
  5. HAPS Subsystems
  6. HAPS Communication Links and Network Architectures
  7. Related Work
  8. HAPS Communication Security Challenges
  9. Aerial Network Security Frameworks
  10. DoS and DDoS Attacks on Aerial Platforms
  11. Authentication and Key Management in Aerial Networks
  12. Machine Learning for Aerial Network Security
  13. Threat Landscape Evolution
  14. Potential Cybersecurity Threats
  15. Key Attack Categories
  16. ...and 39 more sections

Figures (14)

  • Figure 2: HAPS-Centered Ad-hoc Network Configuration
  • Figure 3: HAPS-Based Cell-Free Network Configuration
  • Figure 4: HAPS-Aided Integrated Access and Backhaul Configuration
  • Figure 5: HAPS common cyber threats
  • Figure 6: Jamming attack activity: interference degrades SNR and disrupts link acquisition.
  • ...and 9 more figures