All Issue

2026 Vol.3, Issue 1 Preview Page
Security assessment of Internet-exposed satellite ground segments via non-intrusive reconnaissance
Hyeongjun Choi1
,
Young Eun Kwon1
,
Ji Won Yoon1*
1School of Cybersecurity, Korea University, Seoul 02841, Republic of Korea
*Corresponding Author
30 June 2026. pp. 43-51
PDF XML Citation
Abstract

The rapid transition of satellite communication networks toward IP-centric architectures has expanded the remotely reachable attack surface of the ground segment. While prior security research has predominantly emphasized physical and link-layer threats, security weaknesses in the logical management plane remain insufficiently characterized at Internet scale. This paper presents a comprehensive, non-intrusive security assessment of Internet-exposed satellite modems using Open Source Intelligence and lightweight verification. We propose four assessment modules targeting legacy management protocols such as SNMP, SSL/TLS certificate metadata, web-based management interfaces, and configuration backup mechanisms. Our evaluation indicates that exposure through legacy management services is often constrained by access controls, whereas user-facing web interfaces and configuration workflows continue to exhibit recurring weaknesses. We show that SSL/TLS certificate metadata observable through Internet measurements can leak organizational and deployment context that supports precision reconnaissance. We also identify patterns of unauthenticated diagnostic access and predictable configuration artifact endpoints that may disclose sensitive operational information and reduce the barrier for follow-on compromise when combined with weak authentication or misconfigured access control. Overall, the results suggest that the dominant risk to satellite ground segments is increasingly driven by application-layer misconfigurations and operational workflow weaknesses rather than simple network-level port exposure, underscoring the need to adopt Secure by Design principles for remote management and configuration lifecycle controls.

Keywords
Satellite communication
Open source intelligence
Vulnerability assessment
Management plane security
References
1

P. Tedeschi, S. Sciancalepore, and R. Di Pietro, Satellite-based communications security: a survey of threats, solutions, and research challenges. Computer Networks. 216, 2022, 109246.

10.1016/j.comnet.2022.109246
2

N. Boschetti, N.G. Gordon, and G. Falco, Space cybersecurity lessons learned from the Viasat cyberattack, Accelerating Space Commerce, Exploration, and New Discovery (ASCEND), 24-26 October, 2022, AIAA 2022-4380.

10.2514/6.2022-4380
3

J. Kua, S.W. Loke, C. Arora, N. Fernando, and C. Ranaweera, Internet of things in space: a review of opportunities and challenges from satellite-aided computing to digitally-enhanced space living. Sensors. 21, 2021, 8117.

10.3390/s2123811734884122PMC8662413
4

J.A. Fraire, S. Céspedes, and N. Accettura, Direct-to-satellite IoT: a survey of the state of the art and future research perspectives: backhauling the IoT through LEO satellites, International Conference on Ad-Hoc Networks and Wireless, 1-3 October, 2019, pp. 241-258.

10.1007/978-3-030-31831-4_17
5

J. Pavur and D. Student, Whispers among the stars, DEF CON 28, 6-9 August, 2020.

6

R. Bisping, J. Willbold, M. Strohmeier, and V. Lenders, Wireless signal injection attacks on VSAT satellite modems, USENIX Security Symposium, 14-16 August, 2024, pp. 6075-6091.

7

G. Oligeri, S. Sciancalepore, and R. Di Pietro, GNSS spoofing detection via opportunistic Iridium signals, ACM Conference on Security and Privacy in Wireless and Mobile Networks, 8-10 July, 2020, pp. 42-52.

10.1145/3395351.3399350
8

R. Santamarta, A wake-up call for satcom security. 2014, Seattle, WA, USA: IOActive.

9

Z. Durumeric, D. Adrian, A. Mirian, M. Bailey, and J. A. Halderman, A search engine backed by internet-wide scanning, ACM Conference on Computer and Communications Security, 12-16 October, 2015, pp. 542-553.

10.1145/2810103.2813703
10

L. Yu, J. Hao, J. Ma, Y. Sun, Y. Zhao, and B. Luo, A comprehensive analysis of security vulnerabilities and attacks in satellite modems, ACM Conference on Computer and Communications Security, 14-18 October, 2024, pp. 3287-3301.

11

G. Maral, M. Bousquet, and Z. Sun, Satellite communications systems: systems, techniques and technology. 2020, Chichester, UK: John Wiley & Sons.

10.1002/9781119673811
12

W. Stallings, SNMP, SNMPv2, SNMPv3, and RMON 1 and 2. 1998, Boston, MA, USA: Addison-Wesley.

10.1109/COMST.1998.5340405
13

T. Chung, Y. Liu, D. Choffnes, D. Levin, B. M. Maggs, A. Mislove, and C. Wilson, Measuring and applying invalid SSL certificates: the silent majority, Internet Measurement Conference, 14-16 November, 2016, pp. 527-541.

10.1145/2987443.2987454
14

J. Willbold, M. Schloegel, M. Vögele, T. Gerhardt, T. Holz, and A. Abbasi, Space odyssey: an experimental software security analysis of satellites, IEEE Symposium on Security and Privacy, 22-24 May, 2023, pp. 1-19.

10.1109/SP46215.2023.10351029
15

F. Casaril and L. Galletta, Securing satcom user segment: a study on cybersecurity challenges in view of IRIS2. Computers & Security. 140, 2024, 103799.

10.1016/j.cose.2024.103799
16

J. Pavur, D. Moser, M. Strohmeier, V. Lenders, and I. Martinovic, A tale of sea and sky on the security of maritime VSAT communications, IEEE Symposium on Security and Privacy, 18-21 May, 2020, pp. 1384-1400.

10.1109/SP40000.2020.00056
17

J. D. Case, M. Fedor, M. L. Schoffstall, and J. Davin, Simple network management protocol (SNMP). 1989, RFC 1157.

10.17487/rfc1098
18

K. McCloghrie and M. Rose, Management information base for network management of TCP/IP-based internets: MIB-II. 1991, RFC 1213.

10.17487/rfc1213
19

R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee, Hypertext transfer protocol HTTP/1.1. 1999, RFC 2616.

10.17487/rfc2616
Information
  • Publisher :Korean Academy of Space Security
  • Publisher(Ko) :한국우주안보학회
  • Journal Title :JOURNAL OF SPACE SECURITY
  • Journal Title(Ko) :한국우주안보학회지
  • Volume : 3
  • No :1
  • Pages :43-51
  • Received Date : 2026-02-24
  • Revised Date : 2026-05-27
  • Accepted Date : 2026-05-29
  • DOI :https://doi.org/10.23386/joss.2026.3.1.006
Journal Informaiton JOURNAL OF SPACE SECURITY JOURNAL OF SPACE SECURITY
Online Submission
  • KISTI Current Status
  • KISTI Cited-by
  • KCI 문헌 유사도 검사
  • orcid
  • open access
  • ccl
Journal Informaiton Journal Informaiton - close