Digital Twin-Driven Secure Access Strategy for SAGIN-Enabled IoT Networks
Hui Liang, Zhihui Wu, Runqi Yuan, Guobin Zhang, Yanfeng Zhang, Jinkai Zheng, Tom H. Luan
TL;DR
This work tackles secure access in SAGIN-enabled IoT under eavesdropping risk by proposing a Digital Twin–driven framework that continuously estimates time-varying secrecy capacity $C_i^{\mathrm{S}}(t)$ and queuing delay $D_i(t)$. A DT-based evolutionary game uses payoff $\pi_i(t)=\alpha\frac{C_i^{\mathrm{S}}(t)}{x_i(t)N}-\beta D_i(t)$ and replicator dynamics $\dot{x}_i(t)=\sigma x_i(t)(\pi_i(t)-\bar{\pi}(t))$ to reach an evolutionary equilibrium where $\pi_i(t)=\bar{\pi}(t)$. A distributed iterative service selection algorithm implemented in the DT enables scalable, self-organizing satellite selection that balances security and latency. Simulations show lower secrecy risk and reduced queuing delays compared with benchmark schemes, validating the DT-driven approach for secure, efficient SAGIN-enabled IoT.
Abstract
In space-air-ground integrated networks (SAGIN)-enabled IoT networks, secure access has become a significant challenge due to the increasing risks of eavesdropping attacks. To address these threats to data confidentiality, this paper proposes a Digital Twin (DT)-driven secure access strategy. The strategy leverages a virtual replica of the physical SAGIN environment within the DT framework to continuously assess dynamic eavesdropping risks by quantifying secrecy capacity. Operating within this DT framework, an evolutionary game model dynamically balances the DT-updated secrecy capacity against queuing delay, steering IoT devices toward more secure and efficient access decisions. Furthermore, a novel distributed algorithm, integral to the DT operation, is developed to obtain the equilibrium access strategy for each device in a scalable manner. Simulation results demonstrate that the proposed DT-based approach substantially improves the security of SAGIN-enabled IoT networks. Additionally, it effectively balances system load, prevents overload occurrences, and decreases queuing delay compared to benchmark schemes, thereby comprehensively improving overall network performance.
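The payoff and replicator dynamics stated in the TL;DR can be iterated numerically to see the population shares settle where all payoffs are equal. The following is an added example, not the authors' distributed algorithm. It assumes constant secrecy capacities, a delay model $D_i = x_i N / \mu_i$, and constructed parameter values, none of which are given on this page.

```python
"""Replicator dynamics for satellite selection, using the TL;DR's payoff.

All numbers below are constructed for illustration (not from the paper).
"""

N_DEVICES = 100                    # N: number of IoT devices (constructed)
SECRECY = [4.0, 2.5, 1.5]          # C_i^S per satellite, held constant (assumed)
SERVICE_RATE = [50.0, 40.0, 30.0]  # mu_i, used only by the assumed delay model


def payoffs(x, C, mu, N, alpha, beta):
    # pi_i = alpha * C_i / (x_i * N) - beta * D_i, with the ASSUMED delay
    # D_i = x_i * N / mu_i (offered load over service rate).
    return [alpha * c / (xi * N) - beta * (xi * N / m)
            for xi, c, m in zip(x, C, mu)]


def evolve(x0, C=SECRECY, mu=SERVICE_RATE, N=N_DEVICES, alpha=1.0, beta=0.1,
           sigma=1.0, dt=0.1, tol=1e-9, max_steps=50_000):
    """Euler steps of x_i' = sigma * x_i * (pi_i - pi_bar) until pi_i == pi_bar."""
    x = list(x0)
    for step in range(max_steps):
        pi = payoffs(x, C, mu, N, alpha, beta)
        pi_bar = sum(xi * p for xi, p in zip(x, pi))   # population-average payoff
        if max(abs(p - pi_bar) for p in pi) < tol:     # evolutionary equilibrium
            return x, pi, step
        x = [xi + dt * sigma * xi * (p - pi_bar) for xi, p in zip(x, pi)]
        total = sum(x)                                 # remove floating-point drift
        x = [xi / total for xi in x]
    raise RuntimeError("payoffs did not equalize within max_steps")


if __name__ == "__main__":
    for start in ([1 / 3, 1 / 3, 1 / 3], [0.9, 0.05, 0.05]):
        shares, pi, steps = evolve(start)
        print(f"start={start} -> shares={[round(s, 4) for s in shares]} "
              f"payoff={pi[0]:.6f} after {steps} steps")
```

Both starting points reach the same shares: the satellite with the highest secrecy capacity attracts the most devices, but only until the per-device share of that capacity and the added delay pull its payoff down to the population average.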
