hank rausch jamming paper
TRANSCRIPT
-
8/18/2019 Hank Rausch Jamming Paper
1/8
Jamming Commercial Satellite Communications During Wartime:
An Empirical Study
Hank RauschCACI, Inc
Abstract
Satellite Communications parameters—Carrier to Noise
Ratio, Bandwidth, Power, and Frequency—wererecorded for approximately 500 satellite communication
carriers continuously, over a period of 16 months.
These carriers support communications for militaryoperations in the current Iraq war. Communications
outages during this period were logged and the reason
for outage was determined. Some outages caused by
electromagnetic interference are shown to havecharacteristics that would be expected if these carriers
were being subjected to a hostile denial of service
attack. Keywords: commercial satellitecommunications, jamming, denial of service attack,
hostile interference.
1. Overview
Commercial satellite communications play anincreasingly vital role in military operations. During
Operation Desert Shield/Desert Storm (1990-91),
military use of satellite communications was 1 Mbps per
5000 combatants. By Operation Iraqi Freedom (2003),this ratio had increased to over 51 Mbps per 5000
soldiers [1]. Other sources put the figure at 3,200
Mbps for 132,000 combatants in Iraq today, for a ratio
of 121 Mbps per 5000 combatants [2]. Simply put, itwould be impossible to conduct modern warfare as it is
done today without commercial satellite
communications. This stems from two unrelated trends:(1) The evolution of command and control mechanisms
to ever smaller units of action, creating exponential
growth in the numbers of communications links
required to sustain operations; and (2) inadequate procurement of military satellite communications,
which failed to keep up with the burgeoning demand.
These two factors explain why today, 84% of satellitecommunications supporting operations in Operation
Iraqi Freedom is provided by commercial satcomm [3].
This reliance on commercial satellites—leasedtransponders from Intelsat and Eutelsat, for example—
brings with it an attendant vulnerability. These satellites
are not hardened to protect against maliciousinterference, or jamming. The potential exists that vital
military communications could be severed or reduced at
a critical time, due to unauthorized transmission to thesatellite by an adversary. Recent authors have
highlighted this vulnerability, specifically as it relates to
the military’s use of commercial satellites [4]. TheCongressional Research Service makes this point
explicitly in a recent report to Congress:“…a growing dependence on space
communications may also become a critical
vulnerability for Net-Centric Warfare” [3].The potential for this type of attack is known and
has been acknowledged [5], but up to now empirical
evidence for it has been lacking.This paper presents empirical evidence of all types of
interference, including that by suspected hostile
adversaries, observed during ongoing operations inOperation Iraqi Freedom (OIF). As a contractual clause
in the provision of leased satellite bandwidth to the U.S.
military, it was required to monitor and record the
spectral shape, power level, and carrier to noise ratio ona continuous basis for all commercial transponders
leased to the military. This data was collected from
July, 2004 to November, 2005 and all instances ofdegraded communications catalogued and analyzed.
The evidence suggests that unauthorized interferenceis a small but significant subset of all types of satellite
communications problems experienced. Within this
subset, the cause of the majority of interference events
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006 IEEE
-
8/18/2019 Hank Rausch Jamming Paper
2/8
was eventually found and determined to be non-hostile.However, in a subset of these interference events the
cause could not be determined. Furthermore, these
events all had similar “attack profiles,” and in all cases
they disrupted military communications, forcing units torelocate their communications to another satellite,
another transponder, or a different part of the sametransponder. It is reasonable to deduce that at leastsome of these events were in fact hostile
communications denial of service attacks. This paper
presents an analysis of these attacks, and concludes with
a consideration of ways to mitigate this type of attack.
2. Background
Commercial geosynchronous communicationsatellites are susceptible to a denial of service attack by
hostile electromagnetic interference. This interference
can be present at the local receiver (downlink jamming),or directed at the satellite and mixed with or overriding
the valid carrier (uplink jamming). Downlink jamming
is relatively easily detected and dealt with, using
traditional direction finding and triangulationtechniques. Uplink jamming, on the other hand, is both
easy to conduct and harder to prosecute.The vulnerability of commercial satellites to uplink
jamming lies in the nature of their construction and
operation: A transponder on the satellite accepts
microwave energy within a specified range andretransmits it at the downlink frequency. No special
processing or filtering is done; the transponder acts as a
simple repeater. Consequently, if a foreign signal of the
appropriate carrier frequency is introduced, it is
retransmitted along with any legitimate signals that are present on the transponder. If the foreign signal is of
sufficient carrier to noise ratio, a receiver attempting todetect and demodulate the legitimate carrier will be
unable to do so, as the two signals are mixed. The
foreign signal also raises the noise floor of thattransponder, which in turn reduces the carrier to noise
ratio of all legitimate carriers. Since most small aperture
satellite receive sites are (in general) receive powerlimited, this foreign signal may degrade or sever all
communications on the transponder, even in cases
where it does not directly mask the legitimate carrier.This effect is intensified by the tremendous encoding
gain employed in current commercial satellitecommunication modulation protocols. The effect ofcurrent encoding techniques is that a small decrease in
carrier to noise ratio—in some cases only 1-2 dB,
results in complete cessation of effectivecommunications, from what was once an essentially
error-free channel. Finally, an additional artifact of
commercial satellite communications is that since theyare geostationary, they are easily targeted with
rudimentary equipment. No tracking equipment is
needed; it is only necessary to transmit on thedesignated carrier frequency with a continuous wave
(unmodulated) signal at the elevation and azimuth for
the target satellite.The power required to degrade or sever
communications depends on the carrier to noise ratio of
the signal being targeted. Broadcast communications
carrier signals generally have carrier to noise ratios of20 dB or more. Consequently, degradation of these
carriers would require transmit equipment of a like
nature—antennas of large aperture—9m or more—and
power amplifiers rated in the thousands of watts.Indeed, all documented cases of interference with a
commercial broadcast have involved anothercommercial broadcast site. In a series of attacks
between 23 and 30 June, 2002 the outlawed cult Falun
Gong successfully broadcast over 10 channels being
aired by Chinese TV on Sinsoat-1. They did this fromTaiwan, using a commercial broadcast site [6].
In 1986 a disgruntled satellite dish vendor and part-time teleport operator, John MacDougal, broadcast over
HBO’s satellite service on Galaxy 1 for about 4
minutes, dubbing himself “Captain Midnight”. He used
the 30 foot dish at Florida’s Central Teleport, where heworked part-time, to do this [7].
During the period July 6 to July 14, 2003, Voice of
America broadcasts to Iran were suspected of being jammed by Cuban authorities [8].
So in general, disruption of a high power broadcastservice requires like equipment. This is not the case for
full duplex point to point communications using so-called Very Small Aperture Satellite Terminals(VSATs). These terminals typically use antennas
varying in size from about 1 meter to several, usually a
maximum of 4 meters. Because they are easy to set upand tear down, they are used for the majority of ad-hoc,
semi-permanent communications needed by U.S. Forces
in land operations. These terminals are almost alwaysreceive-power limited. Typical carrier to noise ratios are
in the range of 6 to 10 dB above the noise floor,
depending on weather conditions. Typical transmit
power is a few watts. Depending on the bandwidth ofthe targeted signal, an interfering signal only needs to be
(approximately) one-half powerful as the target signal tocompletely disrupt communications. Recall that due to
advanced coding techniques, the effect of decreasingsignal to noise ratio beyond a certain threshold is
effectively complete cutoff. This can be done with a
comparable VSAT with comparable power supply asthe victim terminal.
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
3/8
The extent to which VSAT terminals are vulnerable
to this type of interference is shown by the large number
of instances of unintentional self jamming that occur in
military use of commercial satellite bandwidth.Commercial satellites all use polarization separation to
maximize the use of available carrier bandwidth.
Typically, communications are carried outsimultaneously on identical carrier frequencies, on both
the horizontal and vertical polarizations. A vital step in
setting up a terminal for allowed transmission is to zero
out the “cross polarization” component of one’sterminal, by rotating the transmit feed horn. Failure to
do this properly results in excessive power on the other pole, presumably being used by other customers.
Military satellites, in general, do not use polarization
separation, and consequently many military terminaloperators are unaware or unappreciative of the
significance of minimizing cross polarization. In
military use of commercial satellites, it is commonplaceto have to respond and attend to several cases a week
where a terminal is inadvertently cross-polarized. Inshort, the user terminals act as jammers themselves,
operating at their normal transmit frequencies and powers. This illustrates how easy it would be to do so
on purpose.Uplink jamming is made an even more significant
threat by the fact that a threat jammer can be anywhere
in the uplink footprint of the transponder, potentiallythousands of square miles. This threat can be made even
more difficult to eliminate because the jammer can be
mobile, or operate only on a limited duty cycle, or both.Geolocation of the threat jammer while he is on the air
is made difficult due to the directional nature of the
uplink transmission—it does not broadcast out in a wide pattern, as would a downlink jammer. Rather, it
concentrates its energy in a focused beam, making it
very hard to triangulate.Susceptibility to this sort of information warfare has
been understood in the abstract for some time.However, to date there has been little documentation of
actual attacks using these techniques. It is proposed
here that one reason for this lack of documentation is
that it is difficult to isolate bona fide interference attacksfrom other forms of communication degradation in
general, and specifically from other forms of
interference. Contributing to this difficulty is the fact
that commercial satellite providers do not monitor alltheir transponders all the time, and that even when they
do they almost never record and archive transponder or
carrier characteristics. Consequently forensic analysisof past suspected attacks has been impossible.
Fortunately, it is now possible to analyze at least asubset of the commercial satellite bandwidth used for
military communications, and to make an assessment of
the relative threat of hostile interference, or uplink
jamming. This is so because for a significant portion of
commercial bandwidth provided during the current Iraq
War, a contractual clause stipulated that these
communications be monitored and the RF parametersrecorded continuously. This dataset provides us with an
opportunity to investigate and determine whether
instances of jamming occurred. The evidence is only
circumstantial, in that it is not possible, in the absenceof information about the transmitter in these instances,
to definitely say that jamming was occurring. However,
we can certainly determine that communications wereimpacted, and that the nature of interference conformed
to how an attacker would be expected to behave.What follows is an analysis of all instances of
communications degradation that occurred during the
period July 2004 to October, 2005. This set of events iscategorized according to source, leaving a subset caused
by interference. This subset of interference events is
further classified according to origin. A subset ofunknown interference events, all of which severely
degraded communications, is then analyzed for theirsimilarity to what would be expected to be a traditionalattack profile.
3. Data Gathering
Leased commercial satellite transponders were
monitored as part of a contractual requirement in the provision of commercial satellite services to the U.S.
military. This was done by a worldwide network of
teleports with receive antennas located in the downlinkfootprint of the leased transponder. A spectrum
analyzer was connected to the Low Noise Block
Downconverter (LNB) or Low Noise Amplifier (LNA)of each antenna. The signal was digitized, and each
carrier attribute—power level, carrier to noise ratio,
occupied bandwidth, and center frequency—wasrecorded. These values were compared to expected
values, and an alarm created at a central monitoring site
when measured values differed significantly. Inaddition, alarms were also generated if an unexpected
carrier appeared. In most cases these alarms were due
to an authorized site transmitting without priorcoordination with the satellite provider, but in a subset
of these cases the source of the unauthorized carrier was
unknown. In these instances, detailed spectral plots of
the interference were taken and all efforts were made todetermine the source, and to restore communications.
A screen capture of a monitored carrier, with parameters
monitored, is shown in Figure 1.
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
4/8
Figure 1: Monitored carrier with parametersshown
The scale of these monitoring operations is quitelarge, involving (to date): 16 worldwide teleport sites,some 46 separate monitor antennas, over 100 discrete
transponders, and over 500 individual carriers. The
volume of data collected is therefore huge, consisting ofover 7M discrete parameters recorded since monitoring
operations began in April 2003. This information is
stored in a database, along with records of each alarmand actions taken to correct the alarm. It is this body of
data that is the source for this study. The study focuses
on a subset of this data collected from July, 2004 to November, 2005, when detailed records of
troubleshooting efforts were retained.
4. Results
To understand the scope of the problem ofunauthorized communications interference, and
specifically potentially hostile attacks, it is useful to
categorize first all alarms, then the subset of thesealarms caused by unauthorized interference, and then
the subset of these events for which the source is
unknown and deemed potentially hostile.Figure 2 shows the average number of carriers
monitored per month. It can be seen that the number of
carriers monitored increases each month, which itself is
further evidence of the increasing reliance of militaryoperations on commercial satellites. The vast majority
of these carriers provided communications in support ofOperation Iraqi Freedom (>80%), but also included here
are communications supporting operation in other
theaters. These carriers were generally several Mbps in bandwidth and constituted one-half of a full duplex
point to point communications link, but range from a
few tens of kHz to 27 Mbps. Modulation also varies,with the vast majority being Single Channel per Carrier
(SCPC) with QPSK modulation, but some broadcast
carriers are included and the data also contains a few
multiple access networks using Time Division MultipleAccess (TDMA). A very few carriers also used spread
spectrum modulation techniques.
0
50
100
150
200
250
300
350
400
450
500
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Figure 2: Average Number of CarriersMonitored per Month (7/04-10/05)
Figure 3 shows the number of alarms created by the
monitoring system during this time period. In fact, thenumber of actual alarms is much higher, this chart
represents the number of trouble tickets opened. To
reduce operator workload, trouble tickets are createdonly when a carrier exceeded nominal parameters for a
set amount of queries (usually within a six minute
period). This chart shows that satellite communicationsare subject to many types of problems, most of which
are transitory and correct themselves quickly.
0
500
1000
1500
2000
2500
3000
3500
1 2 3 4 5 6 7 8 9 1 0 11 12 13 14 15 16
Figure 3: Alarms per month for monitoredcarriers
Figure 4 shows the subset of the alarms indicated inFigure 3 that were actual problems that were tracked
over a period of time to resolution, in the same time
period (7/04-10/05). It can be seen that the number of problems tracked to resolution is much smaller—on the
order of 50 times less—than the number of alarms
generated by those carriers. The reason for this is thatmany alarm conditions are transitory and correct
themselves before troubleshooting efforts are required.
It is possible that the alarms shown in figure 3 containsome hostile interference events, but because the effects
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
5/8
were so brief, further troubleshooting was not done. So
figure 4 provides the best picture of events that
terminate or degrade satellite communications long
enough to be a real problem.
0
10
20
30
40
50
60
70
1 3 5 7 9 1 1
1 3
1 5
Figure 4: Satellite communications problemsper Month
Not all of these events are unauthorized interference,in fact, these events are a minority. This can be seen infigure 5. Figure 5 is a breakdown of all problems
identified in figure 3 according to cause. Causes are
categorized as follows: End of Mission (EOM)*
(13.2%), Hardware Related (HW) (23.0%),Maintenance (M) (15.7%)**, Power (P) (16.9%),
Weather (Wx) (14.5%), Interference (I) (9.8%) and
Unknown (U) (6.9%).
*End of Mission refers to the condition where a carrier
has gone off the air apparently for no cause, and it wassubsequently determined that the transmit station
intended to do so but did not notify the satellite provider
beforehand, and troubleshooting efforts were initiated.
**Maintenance refers only to those cases where a
station went off the air for maintenance withoutnotifying the satellite provider. Scheduled maintenance
with prior notification did not trigger an alarm.
eom
hw
int
main
pwr
unk
wx
Figure 5: Classification of satellitecommunication problems according to cause
In summary, only 9.8% of satellite communications
problems for the monitored carriers were due to
unauthorized interference. This represents a total of 50
separate cases over the monitoring period. In themajority of these cases, it was possible to determine a
cause for the interference.
In the subset of 50 cases of interference where
communications is terminated or degraded, it was
possible to determine the cause for 29 cases. Theresults of this classification are shown in Figure 6. In
12 cases the cause of the interference was a terminal
that was authorized to transmit to the satellite but had animproper polarization setting and therefore was bleeding
energy into the opposite pole (Cross-polarization, or
Xpol.) Fortunately, it is easy to spot the offender sincea cross polarized terminal will have some (usually the
bulk) of its energy on the correct pole, so identification
of the interference source is not an issue. This is not thecase with the other sources of interference. In 3 of the
cases the source was adjacent satellite interference,where carriers on the adjacent satellite bleed onto oneanother. Terminal operators inadvertently transmitting
on the wrong frequency or pole caused 5 cases,
oftentimes because they did not receive the currentlineup (Lineup problems). Some type of self-
interference caused 5 other cases, where a lineup or
equipment problem at the operators own terminal
generated RF energy that interfered with his receivesignal. 3 cases were caused by known events that are
not captured by the above classification.
ASI
Lineup
Other
Self
Unk
Xpol
Figure 6: Classification of interference eventsaccording to origin
This leaves 21 cases during the monitoring periodwhere the interference degraded or terminated military
communications and for which the cause was unknown.A breakdown of these events according to geographic
region is shown in figure 7. Certain common attributes
of these cases makes one infer that it is possible that ahostile operator intentionally caused the interference.
For starters, 15 of the 21 documented cases interfered
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
6/8
with reception by a terminal in Southwest Asia.
Secondly, in almost half (9 of 21), the cause was
documented as a continuous wave (CW) carrier, i.e. an
unmodulated one. This is significant as in general thereis little reason to ever intentionally transmit a CW
carrier, in fact satellite operators frown on allowing its
use. The reason is that a narrowband CW carrier canhave a much higher carrier/noise ratio than a modulated
one, and thus can easily raise the noise floor of an
authorized carrier to the point that authorized
communications are terminated. In effect, it is the perfect jammer. During normal operation the only time
a satellite operator will allow a CW carrier to betransmitted is during initial lineup of the terminal.
0
2
4
6
8
10
12
14
16
SWA Eur ope CONUS PAC
Total Unk Interf er ence
Sweeping Carr ier s
CW carr iers
Figure 7: Classification of unknown origininterference events according to geographic
region and characteristics
Furthermore and most damningly, in 5 of the 21
cases, the unauthorized carrier varied its center
frequency within a set band—a “sweeper”.Significantly, every single one of these events occurredto carriers where the receive terminal was in Southwest
Asia. The behavior of a sweeping CW carrier can be
seen in figure 8. This is an actual screen capture of asweeper in action. The lighter trace is the “maximum
hold” trace of the spectrum analyzer, showing a
historical record of the highest amplitude recorded bythe spectrum analyzer in that frequency. The darker
trace shows the current (real time) trace. A narrowband,
high C/N CW carrier can be seen at approximately 11.1
kHz, and the max hold trace shows that in the past, ithas swept out approximately the upper 15 Megahertz of
the transponder. Users attempting to receive a signal onthis part of the transponder would experienceintermittent outages when the sweeper transmitted on
the same frequency. This is indicative of potential
jammer behavior. For a given amount of power
available at the transmit antenna, it is more effective toconcentrate that power in a high C/N unmodulated
carrier than spread it across a wider spectrum.
Figures 9a through 9c show the temporal behavior of
another sweeping carrier.
Figure 8: Example of a sweeping interferingcarrier
Figure 9a: Example sequence of a narrowbandsweeping carrier t=0
Figure 9b: Example Sequence of NarrowbandSweeper, t= +25 minutes
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
7/8
Figure 9c: Example Sequence of a NarrowbandSweeper, t=+57 minutes
The ticketing system that recorded these events givesa rough estimate of the duration of impact of these 21unknown interference events. Duration of tickets ranges
from 0.1 hours to two extremely long tickets (2446 and
2043 hours). Throwing out these two instances—thetickets were probably kept open past the time the event
cleared—reveals an average event duration of 85 hours.
In some cases, the sweeper or unauthorized carrierwould stop transmitting and then retransmit again. In
one case, a sweeper’s behavior was quite regular,
always starting at the same time each morning,transmitting along a swept frequency for about an hour,
and then ceasing until the next day.
This behavior: Unmodulated, high C/N signal,sweeping out a section of a transponder, and
intermittent operations, are all consistent with the pattern that would be expected if an adversary were
attempting to disrupt communications. Combined with
the fact that the vast majority of these cases occurred to
communication supporting military operations inSouthwest Asia, it is reasonable to deduce that at least
some of them were due to hostile interference. This
supports the central thesis of this paper, that militarycommunications across commercial satellites are subject
to hostile interference that is relatively easy to execute
and difficult to troubleshoot. The next section will
address ways to defend against this type of attack.
5. Conclusions
The following mitigations are recommended by this
study:
5.1 Monitoring
An active monitoring program for military
communications over commercial satellites is virtually a
necessity. The logged data available for this study wasonly available due to a specific contractual requirement
to monitor and archive leased bandwidth. Commercialsatellite operators do not archive their transponder dataand in many cases do not monitor it continuously at all.
Without a monitoring program, the root cause of many
of the problems highlighted in this study would have been unknown.
Given the difficulties in maintaining satellite
communications highlighted in this study, even withoutthe prospect of hostile interference, it should be clear
that continuous space segment monitoring of
commercial satellite communications is a necessity.
5. 2 Operations Security
The 500+ currently monitored carriers represent afraction of the total number of carriers on commercial
satellites. Even if the range of potential target carriers is
limited to those commercial satellites with the correct
longitude to support communications in a given theater,the choice of potential satellites may be in the dozens
and the number of transponders up to the 100+ range.
The data from this study suggests that an adversary can
disrupt communications on only a portion of atransponder at time. Given the range of potential
transponders to choose from, how does he/she knowwhich one to jam? This highlights the absolute
necessity of keeping the transmission plan that
documents communication parameters secure. By theirnature, it is impossible to keep some characteristics of
these carriers secret—in fact the carriers themselves are
in the public domain, inasmuch as they are transmittedin a common medium open to reception by anyone.
However, the communications that these carriers
support, and specifically the military units and locationssupported, must be kept secure. This necessitates a
decoupling or firewall between carrier characteristics
needed for the satellite operator and operational
information that would give an advantage to anadversary.
5.3 Demodulation
It has been shown that the origin of the majority of
interference events (approximately 60%) wereultimately known, and attributed to “inadvertent
jammers”—non hostile players that, out of material
failure or operator error, accidentally interfered withmilitary communications. However, determining which
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE
-
8/18/2019 Hank Rausch Jamming Paper
8/8
interferers are benign and which are potentially hostile
is a time consuming process. The ability to determine
the modulation type and symbol rate of interfering
carriers would significantly aid this process. Forexample, in some cases an operator becomes “out of
sync” with authorized communications plans and
transmits a previously authorized carrier on anunauthorized part of a transponder. His carrier
characteristics—modulation and encoding type, and
symbol rate—are known. The ability to determine that
an interferer has, for example, an 8PSK modulationtype with a symbol rate of 1230 ksps, would greatly aid
the process of determining the source. TDMA carrierscan easily be mistaken for hostile interference, as on a
spectrum analyzer it appears that a narrowband carrier is
sweeping out a section of bandwidth. The ability todemodulate this signal, at least to the point of
determining that it is a modulated carrier and not a CW
—would allow a monitor to concentrate his/her effortson actual hostile interferers. Commercially available
monitoring equipment exists that can perform this typeof carrier characterization. Its use would greatly aid a
monitoring agent in sorting out unintentionalinterference from potentially hostile actions.
6. References
[1] Rayermann, P. Exploiting Commercial SATCOM: A betterway US Army War College 2003
[2] Satellite Industry Overview: Satellites are Critical GlobalInfrastructure. 2005 GSA/FTS Network Services Conference,
15-18 August 2005. Chicago, IL
[3] Wilson, C., “Network Centric Warfare: Background andOversight Issues for Congress”,(2004) Congressional Research Service, June 2
[4] Gansler, J, and Ninnendijk, H. “Information Assurance;
trends in Vulnerabilities, Threats, and Technologies” WorkingPaper published onhttp://www.ndu.edu/ctnsp/IaverMao03.pdf by the NationalDefense University
[5] GAO-02-781:Critical Infrastructure Protection:Commercial Satellite Security should be more fully
addressed.. GAO Report to the Ranking Minority Member,Permanent Subcommittee on Investigations, Committee onGovernment Affairs, U.S. Senate August 2002
[6] Tanner, J. Behind Falun Gong's satellite hack, downloadedfrom http://www.findarticles.com on 10/22/05
[7] The Story of Captain Midnight , downloaded from
http://www.signaltonoise.net/library/captmidn.htm on10/22/05
[8] Johnson, S. “Cuban Jamming Demands A Firm Response”(2003) WebMemo #310 published July 22, 2003 at http://www.heritage.org
Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA’06)
0-7695-2564-4/06 $20.00 © 2006
IEEE