Efrén López-Morales (New Mexico State University), Ulysse Planta (CISPA Helmholtz Center for Information Security), Gabriele Marra (CISPA Helmholtz Center for Information Security), Carlos Gonzalez-Cortes (Universidad de Santiago de Chile and German Aerospace Center (DLR)), Jacob Hopkins (Texas A&M University - Corpus Christi), Majid Garoosi (CISPA Helmholtz Center for Information Security), Elías Obreque (Universidad de Chile), Carlos Rubio-Medrano (Texas A&M University - Corpus Christi), Ali Abbasi (CISPA Helmholtz Center for Information Security)
Satellites are the backbone of mission-critical services that enable our modern society to function, for example, GPS. For years, satellites were assumed to be secure because of their indecipherable architectures and the reliance on security by obscurity. However, technological advancements have made these assumptions obsolete, paving the way for potential attacks. Unfortunately, there is no way to collect data on satellite adversarial techniques, hindering the generation of intelligence that leads to the development of countermeasures.
In this paper, we present HoneySat, the first high-interaction satellite honeypot framework, capable of convincingly simulating a real-world CubeSat, a type of Small Satellite (SmallSat). To provide evidence of HoneySat's effectiveness, we surveyed SmallSat operators and deployed HoneySat over the Internet.
Our results show that 90% of satellite operators agreed that HoneySat provides a realistic simulation. Additionally, HoneySat successfully deceived adversaries in the wild and collected 22 real-world adversarial interactions. Finally, we performed a hardware-in-the-loop operation where HoneySat successfully communicated with an in-orbit, operational SmallSat mission.