点击次数：
DOI码：10.1360/SSI-2025-0434
发表刊物：中国科学:信息科学
刊物所在地：中国北京
关键字：卫星互联网安全, SAT-DEF 框架, 威胁建模, 攻击链
摘要：The rapid deployment of LEO mega-constellations and widespread use of COTS technologies are transforming satellite Internet from a closed system into an open, integrated ecosystem—significantly altering its security landscape. Traditional “security through obscurity” strategies, based on information isolation, are increasingly inadequate given trends such as open signal intelligence, IP-based attack surfaces, and software-defined payloads. To address key modeling challenges in space-air-ground integrated networks—especially the difficulty in uniformly characterizing cross-layer attacks and capturing the dynamic evolution of attack tactics—this paper proposes the satellite Internet security threat analysis and dynamic evolution framework (SAT-DEF). SAT-DEF constructs four logically linked attack chains from an attacker’s viewpoint: signal-network joint intrusion, multi-domain network infiltration, multi-dimension impact execution, and postattack persistence. These chains systematically model threat evolution from the signal to the network layer and from initial intrusion to long-term control. A dynamic phase-transition mechanism is introduced to simulate attacker-defender interactions, supporting the analysis of complex attack paths and composite tactics. Based on behavioral reconstruction and simulation of the KA-SAT incident, SAT-DEF effectively reproduces attacker behavior and assesses its impact. The framework shows clear strengths in cross-layer integration, lifecycle coverage, and dynamic adaptability, providing an extensible foundation for proactive threat awareness, behavior analysis, and defense decisions in satellite Internet.
第一作者：唐明圣
论文类型：期刊论文
卷号：56
期号：3
页面范围：668-683
是否译文：否
发表时间：2026-02-28
收录刊物：EI