Time-varying Bottleneck Links in LEO Satellite Networks: Identification, Exploits, and Countermeasures

—In this paper, we perform a multifaceted study on the security risk involved by the unique time-varying bottleneck links in emerging Low-Earth Orbit (LEO) satellite networks (LSNs). We carry out our study in three steps. First, we profile the spatial and temporal characteristics of bottleneck links and how they might be exploited for bottleneck identification. Thus, the bottleneck links imposes a new risk of link flooding attack (LFA) on LSNs. Second, we propose S KYFALL , a new LFA risk analyzer that enables satellite network operators to simulate various LFA behaviors and comprehensively analyze the consequences on LSN services. Concretely, S KYFALL ’s analysis based on real-world information of operational LSNs demonstrates that the throughput of legal background traffic could be reduced by a factor of 3.4 if an attacker can manipulate a number of compromised user terminals to continuously congest the bottleneck links. Based on our analysis, we finally discuss the limitations of traditional LFA countermeasures and propose new mitigation strategies for LSNs.