Emerging satellite Internet constellations such as SpaceX's Starlink will deploy thousands of broadband satellites and construct Low-Earth Orbit(LEO) satellite networks(LSNs) in space, significantly expanding the boundaries of today's terrestrial Internet. However, due to the unique global LEO dynamics, satellite routers will inevitably pass through uncontrolled areas, suffering from security threats. It should be important for satellite network operators(SNOs) to enable verifiable risk-avoidance routing to identify path anomalies. In this paper, we present STARVERI, a novel network path verification framework tailored for emerging LSNs. STARVERI addresses the limitations of existing crypto-based and delay-based verification approaches and accomplishes efficient and accurate path verification by: (i) adopting a dynamic relay selection mechanism deployed in SNO's operation center to judiciously select verifiable relays for each communication pair over LSNs; and (ii) incorporating a lightweight path verification algorithm to dynamically verify each segment path split by distributed relays. We build an LSN simulator based on real constellation information and the results demonstrate that STARVERI can significantly improve the path verification accuracy and achieve lower router overhead compared with existing approaches.

翻译：新兴的卫星互联网星座，如SpaceX的星链计划，将部署数千颗宽带卫星并在太空中构建低地球轨道卫星网络，从而显著扩展当前地面互联网的边界。然而，由于全球性低轨动态环境的独特性，卫星路由器将不可避免地穿越不可控区域，面临安全威胁。对于卫星网络运营商而言，实现可验证的规避风险路由以识别路径异常至关重要。本文提出STARVERI，一种专为新兴低轨卫星网络设计的新型网络路径验证框架。STARVERI通过以下方式克服了现有基于密码学和基于延迟的验证方法的局限，实现了高效准确的路径验证：（i）在卫星网络运营商的运营中心部署动态中继选择机制，为每个通信对在低轨卫星网络中审慎选择可验证的中继节点；（ii）采用轻量级路径验证算法，动态验证由分布式中继分割的每段路径。我们基于真实星座信息构建了低轨卫星网络仿真器，结果表明，与现有方法相比，STARVERI能显著提升路径验证准确率，并实现更低的路由器开销。