Abstract
The existing satellite-terrestrial integrated networks (STINs) suffer from security and privacy concerns due to the limited resources, poor attack resistance and high privacy requirements of satellite networks. Network Intrusion Detection System (NIDS) is intended to provide a high level of protection for modern network environments, but how to implement distributed NIDS on STINs has not been widely discussed. At the same time, satellite networks have always lacked real and effective security data sets as references. To solve these problems, we propose a distributed NIDS using Federal Learning (FL) in STIN to properly allocate resources in each domain to analyze and block malicious traffic, especially distributed denial-of-service (DDoS) attacks. Specifically, we first design a typical STIN topology, on the basis of which we collect and design security data sets adapted to satellite and terrestrial networks in STIN, respectively. To address the problem of poor attack resistance of satellite networks, we propose a satellite network topology optimization algorithm to reduce the difficulty in tracing malicious packets due to frequent link switching. In order to solve the problem of limited resources and high privacy requirements of satellite networks, we propose an algorithm for FL adaptation to STIN, and build a distributed NIDS using FL in STIN. Finally, we deploy the designed distributed NIDS in a prototype system and evaluate our proposed distributed NIDS with a large number of simulations of randomly generated malicious traffic. Related results demonstrate that the performance of our approach is better than traditional deep learning and intrusion detection methods in terms of malicious traffic recognition rate, packet loss rate, and CPU utilization.
Highlights
A S an important supplement to the wireless network, satellite-terrestrial integrated network (STIN) offers large-capacity information transmission service to space access network and terrestrial network in a recent decade [1]
We provide evaluation analysis to validate the functionality of the prototype and the feasibility of the distributed Network Intrusion Detection Systems (NIDS) using Federal Learning (FL)
RELATED WORK In this paper, we focus on designing security data sets and deploying the distributed NIDS using FL in STINs
Summary
A S an important supplement to the wireless network, satellite-terrestrial integrated network (STIN) offers large-capacity information transmission service to space access network and terrestrial network in a recent decade [1]. The effectiveness of NIDS is evaluated based on their performance to identify attacks which requires a comprehensive data set that contains normal and abnormal behaviors, such as NSLKDD [11] and UNSW-NB15 [12] These data sets and NIDSs are generally used for terrestrial networks and are difficult to apply to satellite communications because of the following characteristics of STIN. We propose a FL adapted STIN algorithm to combine the horizontal FL method with a NIDS in STINs. we propose a satellite network topology optimization algorithm and implement it with the FL-based NIDS in a large and real Linux-based prototype, which contains nearly 40 nodes and many different types of emulated attacks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
