Syed Khandker (New York University Abu Dhabi), Krzysztof Jurczok (Amateur Radio Operator), Christina Pöpper (New York University Abu Dhabi)

COSPAS-Sarsat is a global satellite-based search and rescue system that provides distress alert and location information to aid in the rescue of people in distress. However, recent studies show that the system lacks proper security mechanisms, making it vulnerable to various cyberattacks, including beacon spoofing, hacking, frequency jamming, and more. This paper proposes a backward-compatible solution to address these longstanding security concerns by incorporating a message authentication code (MAC) and timestamp. The MAC and timestamp ensure the integrity and authenticity of distress signals, while backward compatibility enables seamless integration with existing beacons. The proposed solution was evaluated in both a laboratory setting and a real-world satellite environment, demonstrating its practicality and effectiveness. Experimental results indicate that our solution can effectively prevent attacks such as spoofing, man-in-the-middle, and replay attacks. This solution represents a significant step toward enhancing the security of COSPAS-Sarsat beacon communication, making it more resilient to cyberattacks, and ensuring the timely and accurate delivery of distress signals to search and rescue authorities.

View More Papers

IdleLeak: Exploiting Idle State Side Effects for Information Leakage

Fabian Rauscher (Graz University of Technology), Andreas Kogler (Graz University of Technology), Jonas Juffinger (Graz University of Technology), Daniel Gruss (Graz University of Technology)

Read More

Stacking up the LLM Risks: Applied Machine Learning Security

Dr. Gary McGraw, Berryville Institute of Machine Learning

Read More

ShapFuzz: Efficient Fuzzing via Shapley-Guided Byte Selection

Kunpeng Zhang (Shenzhen International Graduate School, Tsinghua University), Xiaogang Zhu (Swinburne University of Technology), Xi Xiao (Shenzhen International Graduate School, Tsinghua University), Minhui Xue (CSIRO's Data61), Chao Zhang (Tsinghua University), Sheng Wen (Swinburne University of Technology)

Read More

Exploring Phishing Threats through QR Codes in Naturalistic Settings

Filipo Sharevski (DePaul University), Mattia Mossano, Maxime Fabian Veit, Gunther Schiefer, Melanie Volkamer (Karlsruhe Institute of Technology)

Read More