Cybersecurity of space systems is an emerging topic, but there is no single dataset that documents the cyber attacks against space systems that have occurred in the past. These incidents are often scattered across media reports that omit many details, which we dub the missing-data problem. Nevertheless, even "low-quality" datasets containing such reports would be extremely valuable because of the dearth of space cybersecurity data and the sensitivity of space systems, which are often restricted from disclosure by governments. This prompts a research question: How can we characterize real-world cyber attacks against space systems? In this paper, we address the problem by proposing a framework, including metrics, and address the missing-data problem by "extrapolating" the missing data in a principled fashion. To show the usefulness of the framework, we extract data for 72 cyber attacks against space systems and show how to extrapolate this "low-quality" dataset to derive 4,076 attack technique kill chains. Our findings include that cyber attacks against space systems are getting increasingly sophisticated, and that successful protection against on-path and social engineering attacks could have prevented 80% of the attacks.