HoneySat：一种基于网络的卫星蜜罐框架 (HoneySat: A Network-based Satellite Honeypot Framework)

from arxiv, Efrén López-Morales and Ulysse Planta contributed equally to this work. This paper was accepted to appear at the Network and Distributed System Security (NDSS) Symposium 2026 on December 1st, 2025

Satellites are the backbone of several mission-critical services that enable our modern society to function, for example, GPS. For years, satellites were assumed to be secure because of their indecipherable architectures and the reliance on security by obscurity. However, technological advancements have made these assumptions obsolete, paving the way for potential attacks, and sparking interest in satellite security. Unfortunately, to this day, there is no efficient way to collect data on adversarial techniques for satellites, hurting the generation of security intelligence that can lead to the development of effective countermeasures. In this paper, we present HoneySat, the first high-interaction satellite honeypot framework, fully capable of convincingly simulating a real-world CubeSat, a type of Small Satellite (SmallSat). To provide evidence of HoneySat's effectiveness, we surveyed experienced SmallSat operators in charge of in-orbit satellites and deployed HoneySat over the Internet to entice adversaries. Our results show that 90% of satellite operators agreed that HoneySat provides a realistic and engaging simulation of a SmallSat mission. Additionally, HoneySat successfully deceived human adversaries in the wild and collected 22 real-world satellite-specific adversarial interactions. Finally, in a major demonstration of HoneySat's robustness, we collaborated with an aerospace company to perform a hardware-in-the-loop operation that resulted in HoneySat successfully communicating with an in-orbit, operational SmallSat mission.

翻译：卫星是支撑现代社会运转的若干关键任务服务的支柱，例如全球定位系统（GPS）。多年来，由于卫星架构的难以解析性以及对“隐蔽即安全”策略的依赖，人们一直假定卫星是安全的。然而，技术进步已使这些假设过时，为潜在攻击铺平了道路，并激发了人们对卫星安全的研究兴趣。遗憾的是，迄今为止，仍缺乏有效手段来收集针对卫星的对抗性技术数据，这阻碍了能够促成有效防御措施的安全情报的生成。本文提出了HoneySat，这是首个高交互卫星蜜罐框架，完全能够逼真地模拟现实世界中的立方星（CubeSat）——一种小型卫星（SmallSat）。为证明HoneySat的有效性，我们对负责在轨卫星的经验丰富的小型卫星操作员进行了调研，并将HoneySat部署在互联网上以吸引攻击者。我们的结果表明，90%的卫星操作员认为HoneySat提供了真实且引人入胜的小型卫星任务模拟。此外，HoneySat成功欺骗了真实环境中的攻击者，并收集了22次真实世界的卫星专用对抗性交互记录。最后，作为HoneySat鲁棒性的一次重要展示，我们与一家航空航天公司合作，执行了一次硬件在环操作，使HoneySat成功与一个在轨运行的小型卫星任务实现了通信。