Cybersecurity of High-Altitude Platform Stations: Threat Taxonomy, Attacks and Defenses with Standards Mapping - DDoS Attack Use Case

TL;DR

This paper provides a comprehensive threat taxonomy and defense strategies for HAPS, including a simulation case study on DDoS impacts, aiming to guide secure real-world deployment.

Contribution

It introduces a structured cybersecurity framework for HAPS, including threat taxonomy, defense mechanisms, and a simulation-based analysis of DDoS impacts, aligned with standards.

Findings

DDoS significantly affects HAPS service availability

Encryption and beam-steering mitigate attack impacts

Regulatory considerations are crucial for deployment

Abstract

High-Altitude Platform Stations (HAPS) are emerging stratospheric nodes within non-terrestrial networks. We provide a structured overview of HAPS subsystems and principal communication links, map cybersecurity and privacy exposure across communication, control, and power subsystems, and propose a stratosphere-aware threat taxonomy. We then discuss defenses feasible under HAPS constraints including encryption and authentication, frequency agility, directional and beam-steered antennas, intrusion detection, secure boot, and software and supply-chain assurance-while highlighting how they align with emerging regulatory and standards guidance. Finally, we report a simulation-based case study using OMNeT++/INET to characterize distributed-denial-of-service (DDoS) impact on service and control-plane availability, and summarize regulatory and standardization considerations relevant to deployment. We conclude with concrete future research directions. The study is simulation-grounded and intended to inform engineering trade-offs for real-world HAPS deployments rather than serve as an on-air validation.