Ensuring the secure and reliable operation of optical networks is crucial for various societal functions. However, optical network infrastructures are susceptible to unauthorized interception, posing a significant security risk at the physical layer. This necessitates the development of effective detection and localization methods of eavesdropping events. To address this challenge, we present a clustering-based method and a comprehensive eavesdropping diagnosis framework tailored for wavelength division multiplexing (WDM) systems. The framework is designed to handle diverse eavesdropping scenarios, including dynamic detection, classification, and localization of eavesdropping events. To mitigate the data dependency issue while detecting and localizing eavesdropping events, we propose a clustering algorithm utilizing basic optical performance monitoring (OPM) data, thus eliminating the need for sophisticated measurement equipment. A coarse localization requires only the OPM data from the receiver, while a finer localization requires the power monitoring data at all nodes as the input. The feasibility of the proposed scheme is validated using simulation-generated data, in which single and multiple eavesdropping can be detected and localized with a 100% label matching rate. Single-point eavesdropping detection and localization are experimentally validated with data collected from a fiber transmission system comprising three spans of 40 km each. Coarse localization with a 99.79% label matching rate and fine localization with 100% accuracy is achieved. As expected, experimental data shows a less concentrated distribution than the simulated data, which leads to inferior clustering results.
Read full abstract