Article

A Biologically Inspired Cost-Efficient Zero-Trust Security Approach for Attacker Detection and Classification in Inter-Satellite Communication Networks

by Sridhar Varadala and Hao Xu *,†
Department of Electrical and Biomedical Engineering, University of Nevada, Reno, NV 89557, USA
* Author to whom correspondence should be addressed.
† These authors contributed equally to this work.
Future Internet 2025, 17(7), 304; https://doi.org/10.3390/fi17070304
Submission received: 11 June 2025 / Revised: 1 July 2025 / Accepted: 10 July 2025 / Published: 13 July 2025
(This article belongs to the Special Issue Joint Design and Integration in Smart IoT Systems, 2nd Edition)

Abstract

In next-generation Low-Earth-Orbit (LEO) satellite networks, securing inter-satellite communication links (ISLs) through strong authentication is essential due to the network’s dynamic and distributed structure. Traditional authentication systems often struggle in these environments, leading to the adoption of Zero-Trust Security (ZTS) models. However, current ZTS protocols typically introduce high computational overhead, especially as the number of satellite nodes grows, which can impact both security and network performance. To overcome these challenges, a new bio-inspired ZTS framework called Manta Ray Foraging Cost-Optimized Zero-Trust Security (MRFCO-ZTS) has been introduced. This approach uses data-driven learning methods to enhance security across satellite communications. It continuously evaluates access requests by applying a cost function that accounts for risk level, likelihood of attack, and computational delay. The Manta Ray Foraging Optimization (MRFO) algorithm is used to minimize this cost, enabling effective classification of nodes as either trusted or malicious based on historical authentication records and real-time behavior. MRFCO-ZTS improves the accuracy of attacker detection while maintaining secure data exchange between authenticated satellites. Its effectiveness has been tested through numerical simulations under different satellite traffic conditions, with performance measured in terms of security accuracy, latency, and operational efficiency.

1. Introduction

As next-generation wireless communication technologies continue to evolve, satellite communication networks are playing an increasingly important role. These networks support a range of critical wireless services, including voice communication, global positioning, and message transmission. In Low-Earth-Orbit (LEO) satellite networks, inter-satellite links (ISLs) are essential for connecting multiple satellites, facilitating data exchange and command coordination, and enabling real-time monitoring of the network. ISLs are especially vital for large-scale satellite constellations like SpaceX’s Starlink, as they enhance global coverage and support diverse applications. To ensure secure and reliable communication, ISLs must be protected by strong security protocols that defend against threats such as eavesdropping and spoofing.
Recently, the emerging zero-trust authentication model has attracted enormous interest and has been implemented in NextGen LEO satellite networks to secure communications from illegitimate access using Hyperelliptic Curve Cryptography (HECC) [1]. However, continuous authentication performance could increase operation costs, especially while covering a greater number of satellite users. Additionally, provably secure optimal homomorphic sign encryption was employed in [2] to achieve privacy-preserved data transmission from multiple IoT devices to LEO satellites. However, wireless communication latency has been increased. A secure authentication was performed in [3] by utilizing key agreement systems and Elliptic Curve Cryptography (ECC) for satellite communication systems. However, the operation time taken for the reliable authentication process was increased significantly.
A one-class classification support vector machine (OCC-SVM) was applied in [4] to enhance the performance of physical layer authentication. However, the authentication rate was unsatisfactory. A Lightweight Authentication and Key Sharing Protocol was applied in [5] for secure satellite communication with better computational complexity, speed, and bandwidth. However, the scalability of this protocol has remained an open issue. The Encryption-based Mutual Authentication and Key Update (EMAKU) protocol was implemented in [6] to find the replay attack and man-in-the-middle attack. However, the latency during the secured satellite communication process was not minimal.
An orbital zero-trust architecture (oZTA) was implemented in [7] for securing the LEO satellite networks. However, the types of anomaly detection remained an open issue. In [8], the handover authentication protocol was investigated to rapidly and strongly authenticate the user’s identity during the handover process. However, communication and computational efficiency cannot be balanced effectively. Elliptic curve cryptography and a three-factor authentication procedure have been used in [9] for satellite communications. However, the data loss rate was determined using elliptic curve cryptography, which was still higher than in other studies. A robust three-factor authentication protocol was implemented in [10] for satellite communication. However, the successful authentication rate was poor while assuming a larger satellite network as input.
To address the outlined challenges, the MRFCO-ZTS approach has been introduced to provide enhanced security for next-generation Low-Earth-Orbit (LEO) satellite networks. It ensures secure and reliable communication between satellites operating in dynamic and complex non-terrestrial environments. This model introduces several key improvements over conventional Zero-Trust Security (ZTS) frameworks:
(1) Continuous Authentication for ISLs: The MRFCO-ZTS model implements continuous authentication mechanisms specifically tailored for Inter-Satellite Links (ISLs) in LEO networks. This strengthens security by improving data confidentiality, authentication reliability, integrity, and privacy protection, while effectively resisting a wide range of cyber threats.
(2) Bio-Inspired Optimization for Cost Efficiency: MRFCO-ZTS employs the Manta Ray Foraging Optimization (MRFO) algorithm—a bio-inspired technique—to optimize the ZTS cost function. This function considers the likelihood of attacks, potential risk impact, and computational overhead. By integrating a cost-optimized classification system, the model effectively distinguishes between legitimate and malicious nodes, enhancing secure data access in satellite communications.
(3) Balanced Performance and Efficiency: The MRFCO-ZTS framework achieves an optimal balance between satellite network security, communication latency, and resource utilization. Its performance has been validated through extensive simulations, demonstrating improvements over traditional satellite authentication methods in terms of accuracy, speed, and efficiency [3,4,6].
The traditional metaheuristic security schemes were designed for one-time or static trust assumptions. In contrast, the proposed MRFCO-ZTS is implemented for fully dynamic zero-trust score updating. In addition, the traditional metaheuristic security schemes were developed for ground networks (IoT, WSN, and MANET) or generic cyber systems. However, the MRFCO-ZTS is proposed for inter-satellite environments. In traditional metaheuristic security, optimization focuses on generic search (e.g., PSO, GA). In contrast, the proposed MRFCO-ZTS used Manta Ray Foraging Optimization for dynamic orbital constraints. Traditional Metaheuristic Security Schemes support only limited feedback loops or static decision logic, whereas the proposed MRFCO-ZTS uses real-time continuous monitoring and adaptive trust updates.
The rest of the paper is formulated as follows: Section 2 shows related works, Section 3 describes the LEO satellite network model, Section 4 provides the detailed processes of the developed MRFCO-ZTS approach for authentication and secure data access, Section 5 illustrates experimental results and features a comparison with conventional methods, and Section 6 concludes the paper.

2. Related Works

This section presents the state-of-the-art authentication techniques that were implemented for secure data communication in satellite networks.

2.1. Conventional Authentication Techniques

A Network Slice Access Authentication and Service Authorization method was developed in [11] to securely access data in satellite–terrestrial networks with minimal computational and communication overhead. However, the complexity involved during the authentication process was not reduced. A broad examination of state-of-the-art authentication techniques designed for satellite communication networks was presented in [12].
A robust ECC-based authentication procedure was utilized in [13] for reliable satellite-to-satellite communication networks. However, the error rate measured during the authentication was higher. A High-Performance Identity-Based Quantum Signature system was implemented in [14] to attain strong security. However, the authentication efficiency was unsatisfactory. A provably secure and efficient emergency message verification scheme was presented in [15] to achieve privacy and accountability and support confidential transmission. However, the data loss rate was higher than others.
A lightweight authentication and key agreement method was implemented in [16] for S2S communication with the application of a symmetric cryptographic system. However, the data integrity rate was poor. An access authentication protocol was developed in [17] with user anonymity and traceability, with the objective of decreasing the communication delay and signaling cost of access authentication. However, the true-positive rate of authentication was not sufficient.
A secure three-factor anonymous-roaming authentication procedure was introduced in [18] with the assistance of ECC for space information networks, but the authentication failure was worse, and the ratio of users correctly authenticated as detector or attacker satellites was not higher. LSTM networks were introduced in [19] with the aim of achieving better anomaly detection accuracy in satellite communication systems. However, the approach was computationally costly, with higher training time and memory consumption. A literature review of different security threats, solutions, and challenges faced during the process of secure satellite communication was presented in [20].

2.2. Conventional Zero-Trust Authentication Techniques

An intelligent zero-trust architecture was constructed in [21] to achieve better information security in networks. However, the communication delay was not reduced. A convolutional neural network (CNN) and zero-trust security strategy were utilized in [22] for precise and timely recognition of false data injection attacks. However, the transmission delay was not reduced. An orbital zero-trust architecture (OZTA) was presented in [23] for LEO satellite networks.
Zero-trust and edge intelligence (ZTEI)-empowered continuous authentication was carried out in [24] to attain better accuracy for user authentication. However, the false positive rate observed during the authentication process was higher. A Multi-Factor Authentication system was implemented in [25] with the support of Zero-Trust Network Access to achieve low computation and communication costs while maintaining a high level of security and reliability. A deep learning-based anomaly detection framework was designed in [26] for satellite telemetry with false anomalies. However, the existing framework features a high computational cost, over-fitting, and data privacy and security concerns. A Variance-Based Genetic Ensemble of Neural Networks was designed in [27] for increasing the efficiency of satellite anomaly detection. However, the false positive rate was higher.
A zero-trust framework was presented in [28] by using Proof-of-Work and Mean Field Game theory to scale authentication in satellite-ground IoT scenarios. LSTM-based anomaly detection was designed in [29] for satellite telemetry, enabling real-time detection of unusual behaviors. A deep-learning model that trains on synthetic telemetry faults to simulate and detect anomalies was proposed in [30]. A genetic-algorithm-optimized ensemble of neural networks was presented in [26] for satellite anomaly detection. Secure optimization was performed in [30] to enhance LEO link energy efficiency.
In contrast to the state-of-the-art works, the key contributions are as follows:
  • The proposed MRFCO-ZTS is intended for fast adaptation to new threat patterns and minimizes system load during detection/classification, as it utilizes Manta Ray Foraging Optimization for learning-based evolution of trust scores using behaviors.
  • In addition, the proposed MRFCO-ZTS enforces strict identity validation at every request, dynamic trust re-evaluation based on behavior and past interaction, no implicit trust for previously authenticated satellite nodes, and trust decay over time for idle or suspicious nodes.

3. LEO Satellite Network Model

The proposed LEO satellite network architecture for MRFCO-ZTS comprises four primary components: (1) a centralized Network Control Center (NCC) managing satellite operations and user access, (2) an authorized user segment with terminals such as VSATs and GPS receivers, (3) a constellation of LEO satellites (including both inter-satellite and ground feeder links), and (4) communication links, encompassing uplink/downlink paths between users and satellites as well as inter-satellite and feeder links, as shown in Figure 1.
The NCC handles tasks such as user registration, key distribution, and satellite configuration. The user segment, consisting of diverse end devices, interfaces through satellite links for services like broadband and navigation. LEO satellites maintain essential on-board capabilities (AD&C, TT&C, payloads) and enable secure channel setup via narrow-band inter-satellite links (ISLs). These ground-to-satellite links, while pivotal for global connectivity, require robust trust configurations to mitigate vulnerabilities. This architecture draws on the model introduced by Farreaa, K.A et al. [1] with adaptations for the MRFCO-ZTS framework.

4. The Development of the MRFCO-ZTS Approach

4.1. The Architecture of MRFCO-ZTS-Secured LEO Satellite Network

When applying a ZTS concept to satellite networks, classifying attackers and detector users is difficult because of the distinctive characteristics of satellite communication and the potential for sophisticated attacks. In addition, the cost function of conventional ZTS was higher in satellite networks. Hence, the MRFCO-ZTS approach is implemented by integrating the Manta Ray Foraging Optimization algorithm and ZTS for attack and detector classification via continuous verification. With the assistance of ZTS, the developed MRFCO-ZTS-secured LEO satellite system verifies satellite users continuously during communication sessions by using the rule of ‘Never trust, always verify’, whether the satellite users are inside or outside the network boundary. By using the ZTS protocol, the developed MRFCO-ZTS-secured LEO satellite system re-authenticates satellite users with each access request for every session by optimizing the cost function of attacker/detector classification. From this, the MRFCO-ZTS approach provides higher security levels through adding an extra layer of protection and ensuring that only authorized users and devices can access valuable resources in satellite networks. The architecture diagram of the MRFCO-ZTS-secured LEO satellite network is presented in Figure 2.
As presented in the above diagram, the MRFCO-ZTS approach initially considers zero-trust satellite networks with many satellite users. Then, the MRFCO-ZTS approach generates the cost function of ZTS by considering multiple factors, including attack likelihood, cumulative user risk, and computational delay. Subsequently, the MRFCO-ZTS approach utilizes Manta Ray Foraging Optimization (MRFO) to optimize the cost function of ZTS for continuous user verification with better resource efficiency. As a result, the MRFCO-ZTS approach can provide stronger security for data communication in satellite environments by finding honest and attack users in satellite networks via classification.

4.2. MRFCO-ZTS Approach

Satellite continuous authentication is a significant task in zero-trust security where it verifies user identity, device posture, and session behavior. However, combining continuous checking with zero-trust formulates several problems that impact security, user experience, and system performance in the satellite communication environment. Continuous checking of all users in every session requires the processing of contextual and behavioral data in real-time, which slows down the communication system, increases network strain, and affects overall performance when considering a larger environment. Scaling continuous verification for thousands of users and devices needs robust infrastructure and constant tuning. Hence, the efficiency of zero-trust security still needed to be improved with a greater number of input satellite users.
To address the issue of existing Zero-Trust Security, a novel cost function $C(M)$ has been developed based on attack, risk, and computational delay when considering a growing number of users in a satellite network. To optimize ZTS, our developed MRFCO-ZTS approach aims to minimize the multi-objective cost function per user/session $i$, using
$$C(M) = \alpha \cdot a_i \cdot r_i + \beta \cdot d_i + \gamma \cdot m_i \quad (1)$$
In Equation (1), $a_i$ refers to attack likelihood, $r_i$ indicates cumulative user risk, $d_i$ represents computational delay/overhead (due to continuous authentication), and $m_i$ denotes the misclassification penalty (Table 1).
Let us consider that attack probability increases with the number of users and is higher for non-potential users, which can be expressed mathematically as
$$a_i = a_1 \cdot \log(M_p + 1) + a_2 \cdot \log(M_{np} - 1) \quad (2)$$
Here, $a_1 < a_2$ indicates attacks are more expected from non-potential users.
$$r_i = \frac{1}{M}\left(\sum_{i=1}^{M_p} r_{p,i} + \sum_{j=1}^{M_{np}} r_{np,j}\right) \quad (3)$$
In Equation (3), $r_{p,i}$ and $r_{np,j}$ show risk scores for individual users.
To define a cost function for computational delay that balances reduced latency and improved security in a satellite network using a ZTS concept for both potential and non-potential users, the following key terms are considered: $M_p$ refers to potential (trusted) users; $M_{np}$ represents non-potential (un-trusted) users. Then, the total number of users $M$ can be calculated as $M = M_p + M_{np}$.
$$d_i = w_1 \cdot CD(M) + w_2 \cdot L(M) - w_3 \cdot S(M) \quad (4)$$
In Equation (4), $CD(M)$ depicts total computational delay, $L(M)$ defines latency as a function of users, $S(M)$ indicates security strength (e.g., number/intensity of ZTS checks), $d_i$ refers to computational delay, and $w_1$, $w_2$, and $w_3$ represent weights balancing security, latency, and user importance.
Next, the computational delay of ZTS has been defined based on user types as
$$CD(M) = M_p \cdot d_p + M_{np} \cdot d_{np} \quad (5)$$
In Equation (5), $M_p$ and $M_{np}$ describe the numbers of potential and non-potential users, $d_p$ represents the average delay per potential user (lower), and $d_{np}$ refers to the average delay per non-potential user (higher). Latency occurs due to satellite links and ZTS verification, which is represented mathematically as
$$L(M) = \omega (M_p \cdot l_p + M_{np} \cdot l_{np}) \quad (6)$$
In Equation (6), $l_p < l_{np}$ and $\omega$ describes a system-specific constant.
$$S(M) = \sigma (M_p \cdot s_p + M_{np} \cdot s_{np}) \quad (7)$$
In Equation (7), $s_p < s_{np}$ (more secure verifications for non-potential users); $\sigma$ is a security effectiveness constant. The objective function $J(\cdot)$ of the optimization algorithm is defined mathematically as
$$J(\cdot) = \min_{\theta} \sum_{i=1}^{M} C_i \quad (8)$$
Using Equations (1) and (8), this can be represented as
$$J(\cdot) = \min_{\theta} \sum_{i=1}^{M} \left[ \alpha \cdot a_i \cdot r_i + \beta \cdot d_i + \gamma \cdot m_i \right] \quad (9)$$
In Equation (9), θ indicates the parameters of the classification model. With the motivation of optimizing the cost function of the ZTS model for the classification of attacker/detector, a new metaheuristic algorithmic concept called Manta Ray Foraging Cost Optimization (MRFCO) is applied, which balances security, performance, and resource usage in the satellite network environment. The MRFCO is implemented based on the foraging behavior of manta rays in ocean environments. To apply MRFCO under a ZTS model for optimizing a cost function, we must align MRFO’s exploration–exploitation procedure with the security objectives of ZTS, including the following: (1) finding attackers vs. detectors, (2) reducing computational delay, (3) minimizing risk while maintaining security assurance, and (4) supporting dynamic authentication decisions.
In ZTS, every access request of satellite users must be authenticated continuously. This leads to complex decision-making, often involving dynamic risk scores, delay-sensitive authentication, and adaptive access control (deny, grant). Hence, an optimized cost function assists in balancing performance and achieving security. In MRFCO, manta rays contain distinctive foraging plans to find plankton and small fish using three key behaviors, i.e., chain foraging, cyclone foraging, and somersault foraging. Each signifies different phases of exploration and exploitation. Let us assume that $z_i$ indicates the position of the $i$th manta ray (solution), $z_{best}$ defines the global best solution, $t$ defines the current iteration, and $T$ represents maximum iterations. Next, the different types of foraging plans considered in our developed MRFCO-ZTS are represented, as follows:
(1) Chain foraging: Create sequential foraging using the mathematical formulation below:
$$z_i^{t+1} = z_i^t + \alpha_1 \cdot (z_{best}^t - z_i^t) + \alpha_1 \cdot (z_{i-1}^t - z_i^t) \quad (10)$$
In Equation (10), $\alpha_1, \alpha_2 \sim U(0,1)$, which is good for global exploration.
(2) Cyclone Foraging: Forms circular swimming to encircle, using the formula below:
$$z_i^{t+1} = z_i^t + r \cdot (z_{best}^t - z_i^t) \cdot \sin\left(\frac{\pi t}{T}\right) \quad (11)$$
The above equation supports convergence and spiral search toward the best position.
(3) Somersault Foraging: Local fine-tuning through somersault maneuvers, using the formula below:
$$z_i^{t+1} = z_i^t + S \cdot (\alpha_1 \cdot z_{best}^t - \alpha_2 \cdot z_i^t) \quad (12)$$
In Equation (12), $S$ refers to the somersault factor (e.g., 2). Using this exploitation-focused method helps refine the solutions and thus minimize the cost function of the ZTS approach for accurate classification of users. To better recognize the possible foraging, a novel classification rule has been developed and used in the developed MRFCO-ZTS approach.
Based on cost minimization, the classification decision rule for satellite user $i$ is mathematically described as
$$\hat{y} = \begin{cases} 1 \ (\text{user } i \text{ is classified as attacker}), & \text{if } \alpha \cdot A_i \cdot R_i + \beta \cdot D_i + \gamma \cdot m_i > t_u \\ 0 \ (\text{user } i \text{ is classified as detector}), & \text{otherwise} \end{cases} \quad (13)$$
In Equation (13), $t_u$ denotes the decision threshold, i.e., trust score threshold. By using the above equation, each user in the satellite network is efficiently classified as an attacker or detector (i.e., legitimate) according to their activity patterns (i.e., cost function). Table 2 below shows detector actions based on classification results.
Algorithm 1, the manta ray foraging cost-optimized zero-trust security approach for attacker/detector classification, is given below.
Algorithm 1 Manta ray foraging cost-optimized zero-trust security approach for attacker/detector classification algorithm
1: Input: Number of satellites $i_1, i_2, \ldots, i_M$; behavior logs, access pattern, trust score
2: Output: Minimum-cost classification model (deny, allow) for achieving higher security
3: Begin
4: Number of satellite users $i_1, i_2, \ldots, i_M$
5: For all satellite users $i$ in the network
6: Define cost function $C(M) = \alpha \cdot a_i \cdot r_i + \beta \cdot d_i + \gamma \cdot m_i$
7: Determine attack likelihood score $a_i$: $a_i = a_1 \cdot \log(M_p + 1) + a_2 \cdot \log(M_{np} - 1)$
8: Measure cumulative user risk $r_i = \frac{1}{M}\left(\sum_{i=1}^{M_p} r_{p,i} + \sum_{j=1}^{M_{np}} r_{np,j}\right)$
9: Calculate computational delay $d_i = w_1 \cdot CD(M) + w_2 \cdot L(M) - w_3 \cdot S(M)$
10: Define the objective function of optimization $J(\cdot) = \min_{\theta} \sum_{i=1}^{M} \left[ \alpha \cdot a_i \cdot r_i + \beta \cdot d_i + \gamma \cdot m_i \right]$
11: Apply MRFCO concept, initialize population $z_i$ by considering $t_u$
12: For each $z_i$, measure fitness $\alpha \cdot a_i \cdot r_i + \beta \cdot d_i + \gamma \cdot m_i$
13: While not termination
14: Choose foraging mode (Chain, Cyclone, Somersault)
15: Update $z_i$ position $z_i^{t+1} = z_i^t + \alpha_1 \cdot (z_{best}^t - z_i^t) + \alpha_1 \cdot (z_{i-1}^t - z_i^t)$
16: Determine new fitness, i.e., re-evaluate cost; update $z_{best}^t$ if required
17: Return $z_{best}^t$ as optimal parameters for ZTS classification
18: Cyclone Foraging $z_i^{t+1} = z_i^t + r \cdot (z_{best}^t - z_i^t) \cdot \sin\left(\frac{\pi t}{T}\right)$
19: Somersault Foraging $z_i^{t+1} = z_i^t + S \cdot (\alpha_1 \cdot z_{best}^t - \alpha_2 \cdot z_i^t)$
20: If $\alpha \cdot A_i \cdot R_i + \beta \cdot D_i + \gamma \cdot m_i > t_u$, then $\hat{y} = 1$ and user $i$ is classified as attacker; otherwise, $\hat{y} = 0$ and user $i$ is classified as detector
21: End While
22: End For
23: End
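The cost function of Equations (1) and (9), the three foraging updates of Equations (10)-(12) and the decision rule of Equation (13), put together as an added Python example; it is not the authors' MATLAB code. Assumptions not taken from the paper: θ is modelled as (θ_a, θ_d, t_u), i.e. classifier weights plus the trust threshold; the misclassification term m_i is left out of the decision score because it is unknown at decision time; the foraging mode is picked uniformly at random; and the weight values and session records are constructed.

```python
import math
import random

# Fixed cost weights of Equation (1); values are assumptions for this example.
ALPHA, BETA, GAMMA = 0.5, 0.2, 1.0

# Constructed session records: (attack likelihood a_i, cumulative risk r_i,
# computational delay d_i, ground-truth label: 1 = attacker, 0 = detector).
SESSIONS = [
    (0.10, 0.20, 0.30, 0), (0.15, 0.10, 0.25, 0), (0.20, 0.30, 0.40, 0),
    (0.05, 0.15, 0.20, 0), (0.30, 0.25, 0.35, 0), (0.80, 0.90, 0.60, 1),
    (0.70, 0.85, 0.70, 1), (0.90, 0.60, 0.55, 1), (0.65, 0.75, 0.80, 1),
    (0.40, 0.50, 0.45, 0), (0.60, 0.55, 0.50, 1), (0.25, 0.35, 0.30, 0),
]


def classify(theta, a, r, d):
    """Decision rule shaped like Equation (13): 1 = attacker, 0 = detector."""
    th_a, th_d, t_u = theta
    return 1 if th_a * a * r + th_d * d > t_u else 0


def session_cost(theta, a, r, d, label):
    """Equation (1): alpha*a_i*r_i + beta*d_i + gamma*m_i, with m_i = 1 on a miss."""
    m = 1.0 if classify(theta, a, r, d) != label else 0.0
    return ALPHA * a * r + BETA * d + GAMMA * m


def objective(theta, sessions=SESSIONS):
    """Equation (9): total cost J(theta) summed over all sessions."""
    return sum(session_cost(theta, *s) for s in sessions)


def clip(z, lo=0.0, hi=1.0):
    """Keep a candidate position inside the search box [lo, hi]^3."""
    return [min(hi, max(lo, v)) for v in z]


def mrfco(pop_size=12, iters=60, somersault=2.0, seed=7):
    """Minimise J(theta) with the three foraging moves of Equations (10)-(12)."""
    rng = random.Random(seed)  # local generator, so runs are reproducible
    pop = [[rng.random() for _ in range(3)] for _ in range(pop_size)]
    fit = [objective(z) for z in pop]
    best_i = min(range(pop_size), key=fit.__getitem__)
    best, best_cost = pop[best_i][:], fit[best_i]
    history = [best_cost]
    for t in range(1, iters + 1):
        for i in range(pop_size):
            z = pop[i]
            # The head of the chain has no predecessor, so it follows z_best.
            prev = pop[i - 1] if i > 0 else best
            mode = rng.choice(("chain", "cyclone", "somersault"))
            if mode == "chain":        # Equation (10), same alpha_1 in both terms
                a1 = rng.random()
                new = [zi + a1 * (b - zi) + a1 * (p - zi)
                       for zi, b, p in zip(z, best, prev)]
            elif mode == "cyclone":    # Equation (11)
                r = rng.random()
                new = [zi + r * (b - zi) * math.sin(math.pi * t / iters)
                       for zi, b in zip(z, best)]
            else:                      # Equation (12)
                a1, a2 = rng.random(), rng.random()
                new = [zi + somersault * (a1 * b - a2 * zi)
                       for zi, b in zip(z, best)]
            pop[i] = clip(new)
            cost = objective(pop[i])   # re-evaluate cost, update z_best if better
            if cost < best_cost:
                best, best_cost = pop[i][:], cost
        history.append(best_cost)
    return best, best_cost, history


if __name__ == "__main__":
    theta, cost, hist = mrfco()
    missed = sum(classify(theta, a, r, d) != y for a, r, d, y in SESSIONS)
    print("theta (th_a, th_d, t_u):", [round(v, 3) for v in theta])
    print("J(theta): %.3f -> %.3f, misclassified sessions: %d"
          % (hist[0], cost, missed))
```

Because the constructed records are fixed, only the γ·m_i term changes with θ, so the drop in J between the first and last history entries is γ times the number of misclassifications removed.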

5. Simulation

The proposed MRFCO-ZTS model and existing Zero-Trust Authentication Approach with Hyperelliptic Curve Cryptography (ZTAP-HECC) [1] are implemented in MATLAB (R2024b). During the simulation, the number of satellite users varies in a range of 50 to 250, which is considered as an input. The simulations and model evaluations were executed on a standalone desktop system with the following specifications (Table 3, Table 4, Table 5 and Table 6):
In the MRFCO-ZTS Model, continuous authentication is based on the cost function of ZTS. The following Table 7 shows the evaluation of five user sessions.
The simulation performance output of the developed MRFCO-ZTS approach is compared against the conventional existing Zero-Trust Authentication Protocol with Hyperelliptic Curve Cryptography (ZTAP-HECC) [1] using the below metrics:
  • Security level;
  • Latency;
  • Efficiency.

5.1. Performance Measure of Security

The security level is determined in terms of confidentiality. From this, the security level ($\zeta$) is measured based on the ratio of the number of data packets that are accessed only by authorized users to the total data packets considered as input. Accordingly, the security level ($\zeta$) is mathematically calculated using the following formula:
$$\zeta = \frac{\nu_{auth}}{\nu} \cdot 100 \quad (14)$$
In Equation (14), $\nu_{auth}$ defines the data packets that are accessed only by authentic users in a satellite network environment, whereas $\nu$ indicates the total data packets assumed as input for experimental work. The security rate of inter-satellite communication is estimated in terms of percentage (%).
Table 8 and Figure 3 demonstrate the simulation results of security level based on data confidentiality in a satellite environment using the developed MRFCO-ZTS approach and state-of-the-art ZTAP-HECC [1]. During the simulation process, varying numbers of data packets in the range of 50 to 250 are considered as input. As shown in the tabulation and graphical comparative analysis, the developed MRFCO-ZTS approach achieved a higher security level for data communication in the satellite environment by continuously authenticating all the users at each session. In addition, the developed MRFCO-ZTS approach provides better security performance as the number of input data packets to be transmitted over satellite networks increases when compared to conventional ZTAP-HECC [1]. This is because the process of MRFCO and ZTS in our work advances state-of-the-art works by balancing computational cost, security, and data integrity. The MRFCO-ZTS approach continuously observes user activity, such as keyboard input patterns, device behavior, and network activity, to notice any deviations from the established baseline. From this, the MRFCO-ZTS model greatly prevents unauthorized access via classification. Hence, with the developed MRFCO-ZTS approach, the ratio of the number of data packets that are accessed only by authentic users in a satellite environment improves. As a consequence, the developed MRFCO-ZTS approach obtains a 97.88% security level while considering 250 users as input, whereas the conventional ZTAP-HECC [1] obtained 93.32%.

5.2. Performance Measure of Latency

Latency is determined based on the amount of time taken in order to reliably deliver the data packets between the legitimate users in the satellite network. Thus, the latency is mathematically measured using the following formula:
$$L = \sum_{i=1}^{n} \delta_i \cdot \tau \quad (15)$$
In Equation (15), $\delta_i$ refers to a data packet and $\tau$ describes the time utilized for efficiently transmitting a single data packet in the network, whereas $n$ depicts the total number of data packets assumed as input. The latency is calculated in terms of milliseconds (ms).
Table 9 and Figure 4 display the comparative testing results of latency for various numbers of input data packets using the developed MRFCO-ZTS approach and the existing ZTAP-HECC [1]. During the experimental evaluation, different numbers of data packets in the range of 50 to 250 are gathered as input to test the performance of the developed work. As depicted in the above tabulation and graphical diagram, the developed MRFCO-ZTS approach acquired minimum latency during the secure satellite communication process via continuous authentication. Also, the developed MRFCO-ZTS approach gives better latency output while considering the greater number of data packets as input when compared to conventional ZTAP-HECC [1]. This is owing to the application of cost-optimized ZTS for seamless user authentication in our proposed work, contrary to conventional ZTS-secured communication systems. For this reason, the developed MRFCO-ZTS model reduces the time required for reliably delivering the data packets among the authentic users in the satellite network. Thus, the developed MRFCO-ZTS approach achieved a 1.15 ms latency while assuming 250 users as input, whereas existing ZTAP-HECC [1] obtained a 1.80 ms latency.

5.3. Performance Measure of Efficiency

Efficiency is determined in terms of authentication accuracy. Thus, efficiency determines the system’s ability to maintain security, performance, and resource efficiency while the number of nodes, users, or connections increases. This incorporates ground stations, satellites, user terminals, and routing paths. When the efficiency or scalability is higher, the proposed model provides secure access for millions of user terminals. Accordingly, efficiency ($\varepsilon$) is mathematically calculated using the following:
$$\varepsilon = \frac{\mu_{auth}}{M} \cdot 100 \quad (16)$$
In Equation (16), $\mu_{auth}$ refers to the number of satellite users correctly authenticated as an attacker or detector, whereas $M$ denotes the total satellite users considered as input for simulation work. The efficiency is estimated in terms of percentage (%).
Table 10 and Figure 5 present testing results of authentication efficiency for different numbers of input satellite users using the developed MRFCO-ZTS approach and conventional ZTAP-HECC [1]. During the implementation, various numbers of satellite users in the range of 40 to 200 are used as an input to examine the performance of the proposed work for continuous authentication. As illustrated in the above tabulation and graphical representation, the developed MRFCO-ZTS approach achieves a higher authentication efficiency during satellite communication tasks. Also, the developed MRFCO-ZTS approach provides better authentication accuracy while assuming a larger number of satellite users when compared to existing ZTAP-HECC [1]. This is due to the usage of MRFO and ZTS in our developed MRFCO-ZTS approach, contrary to existing research works. The MRFCO-ZTS model considers the cost function of satellite users for continuous authentication. Therefore, the developed MRFCO-ZTS approach increases the ratio of the number of satellite users rightly authenticated as attackers or detectors in satellite networks. Accordingly, the developed MRFCO-ZTS approach achieves a 96.62% authentication efficiency while taking 250 satellite users as input, whereas existing ZTAP-HECC [1] attained 94.11%.

5.4. Scalability to Large Satellite Constellations (e.g., 1000+ Nodes)

In Table 11, accuracy degrades slightly due to increased classification complexity and overlapping behavior patterns. Latency and memory usage grow linearly, suggesting that MRFCO-ZTS can scale but may need distributed optimization or regional segmentation.

5.5. Energy/Resource Consumption per Authentication Cycle

In Table 12, resource usage is moderate and feasible for onboard satellite computers (assuming ARM-class CPUs). It can be further reduced by caching prior trust scores and limiting full re-optimization for high-confidence sessions.
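The caching idea above, sketched as an added example (not the authors' MATLAB code): a cache hit skips trust-score calculation and MRFO optimization and is charged only the cost-function and classification phases from Table 12. The thresholds, the `1 - a_i` trust model and the choice of fast-path phases are assumptions; the age and drift limits force a full cycle so that a cached score cannot outlive a change in the node's behavior.

```python
from dataclasses import dataclass

# (CPU ms, energy mJ) per phase of one authentication cycle, from Table 12.
PHASES = {"trust_score": (3.5, 12.2), "cost_function": (2.8, 10.5),
          "mrfo_optimization": (5.2, 19.1), "classification": (1.1, 3.8)}
FAST_PATH = ("cost_function", "classification")  # assumed phases on a cache hit

# Assumed policy values, not from the paper.
CONF_THRESHOLD = 0.90   # cached trust score needed to skip re-optimization
MAX_AGE_CYCLES = 5      # cache hits allowed before a full cycle is forced
DRIFT_LIMIT = 0.15      # largest change in attack likelihood a_i allowed on a hit
LEGIT_THRESHOLD = 0.50  # trust score at or above which a node is Legitimate


@dataclass
class CachedTrust:
    score: float  # trust score from the last full cycle
    a_ref: float  # a_i observed when that score was computed
    age: int = 0  # cache hits since the last full cycle


def full_trust_score(a_i):
    """Placeholder for trust scoring plus MRFO optimization (assumed model)."""
    return round(1.0 - a_i, 3)


def authenticate(cache, node, a_i):
    """Run one cycle; return (decision, path, cpu_ms, energy_mj)."""
    entry = cache.get(node)
    hit = (entry is not None and entry.score >= CONF_THRESHOLD
           and entry.age < MAX_AGE_CYCLES
           and abs(a_i - entry.a_ref) <= DRIFT_LIMIT)
    if hit:
        entry.age += 1
        score, phases = entry.score, FAST_PATH
    else:
        # Low confidence, stale entry or behaviour drift: re-evaluate in full.
        score, phases = full_trust_score(a_i), tuple(PHASES)
        cache[node] = CachedTrust(score, a_i)
    cpu = round(sum(PHASES[p][0] for p in phases), 1)
    energy = round(sum(PHASES[p][1] for p in phases), 1)
    decision = "Legitimate" if score >= LEGIT_THRESHOLD else "Attacker"
    return decision, "cached" if hit else "full", cpu, energy


def run_session(node, samples):
    """Replay a_i samples for one node; return (per-cycle results, cpu, energy)."""
    cache = {}
    results = [authenticate(cache, node, a_i) for a_i in samples]
    return (results, round(sum(r[2] for r in results), 1),
            round(sum(r[3] for r in results), 1))


# Constructed sample: a quiet node whose attack likelihood jumps at cycle 8.
SAMPLES = [0.05, 0.06, 0.04, 0.05, 0.07, 0.05, 0.05, 0.60, 0.62]

if __name__ == "__main__":
    results, cpu_ms, energy_mj = run_session("sat-17", SAMPLES)
    print([r[1] for r in results], cpu_ms, "ms", energy_mj, "mJ")
```

On the constructed trace, five of nine cycles take the fast path, for 69.9 ms and 253.9 mJ against 113.4 ms and 410.4 mJ for nine full cycles; the jump at cycle 8 exceeds the drift limit and is re-evaluated in full.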

5.6. Robustness to Adaptive Attacks (e.g., Mimicry, Distributed Spoofing)

In Table 13, one can see that the model maintains strong robustness against distributed attacks and shows a slight vulnerability to mimicry attacks due to static behavior inputs.

6. Conclusions

This paper develops a novel MRFCO-ZTS approach with the motivation of strengthening the security of inter-satellite communication and enhancing resource efficiency by optimizing a novel well-defined cost function of ZTS. The implemented MRFCO-ZTS approach efficiently authenticates the identity of satellites before they can connect with each other, thus achieving secure data exchange between them. Also, the MRFCO-ZTS approach minimizes the attack surface and avoids illegitimate access to the satellite network. By continuously monitoring every communication link, the MRFCO-ZTS model increases the network’s resilience against both ground-based and space-based risks by classifying users as honest or malicious users. By performing continuous authentication within the satellite network, the MRFCO-ZTS approach minimizes the requirements of ground station contribution which effectively decreases latency. In addition, the MRFCO-ZTS approach improves the overall reliability and efficiency of satellite communication by minimizing the cost function of ZTS based on attack, risk, and computational delay. The simulation testing results proved that the MRFCO-ZTS model gives better performance with an improvement of security level, efficiency, and minimization of latency when compared to existing research works.

Author Contributions

Conceptualization, H.X. and S.V.; methodology, H.X. and S.V.; writing—original draft preparation, H.X. and S.V.; writing—review and editing, H.X. and S.V. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

Due to the involvement of our research data in another study, we will not provide details regarding where data supporting the reported results can be found.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Farreaa, K.A.; Baig, Z.; Dossa, R.; Liu, D. Zero Trust-Based Authentication for Inter-Satellite Links in NextGen Low Earth Orbit Networks. Ad Hoc Netw. 2025, 174, 103817.
  2. Farreaa, K.A.; Baig, Z.; Doss, R.R.M.; Liu, D. Provably Secure Optimal Homomorphic Signcryption for Satellite-Based Internet of Things. Comput. Netw. 2024, 250, 110516.
  3. Qi, M.; Chen, J.; Chen, Y. A Secure Authentication with Key Agreement Scheme Using ECC for Satellite Communication Systems. Int. J. Satell. Commun. Netw. 2024, 42. In Press.
  4. Abdrabou, M.; Gulliver, T.A. Authentication for Satellite Communication Systems Using Physical Characteristics. IEEE Open J. Veh. Technol. 2022, 4, 48–60.
  5. Murtaza, A.; Xu, T.; Pirzada, S.J.H.; Jianwei, L. A Lightweight Authentication and Key Sharing Protocol for Satellite Communication. Int. J. Comput. Commun. Eng. 2020, 9, 1–6.
  6. Huang, C.; Zhang, Z.; Li, M.; Zhu, L.; Zhu, Z.; Yang, X. A Mutual Authentication and Key Update Protocol in Satellite Communication Network. Automatika 2020, 61, 334–344.
  7. Pokhrel, S.R. Poster: Orbital ZTA! Secure Satellite Communication Networks with Zero Trust Architecture. In Proceedings of the ACM SIGCOMM 2024 Conference: Posters and Demos, New York, NY, USA, 4–8 August 2024; pp. 33–35.
  8. Guo, Y.; Wang, J.; Geng, K.; Li, Z.; Li, F.; Fang, L. SEHAP: Secure and Efficient Handover Authentication Protocol in LEO Satellite Non-Terrestrial Networks. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Hyderabad, India, 3–7 March 2025; pp. 1–5.
  9. Ostad-Sharif, A.; Abbasinezhad-Mood, D.; Nikooghadam, M. Efficient Utilization of Elliptic Curve Cryptography in Design of a Three-Factor Authentication Protocol for Satellite Communications. Comput. Commun. 2019, 147, 85–97.
  10. Chen, Y.; Chen, J. Robust Three-Factor Authentication Protocol for Satellite Communication Systems. Int. J. Commun. Syst. 2020, 33, 1–12.
  11. Luo, Y.; Cao, J.; Shang, C.; Ma, R.; Niu, B.; Zhang, Y.; Li, H. NSAA: A Network Slice Access Authentication and Service Authorization Scheme for Integrated Satellite-Terrestrial Network. IEEE Internet Things J. 2024, 12, 7636–7651.
  12. Suhaimi, N.H.S.; Kamarudin, N.H.; Khalid, M.N.A.; Tahir, I.; Mohamed, M.A.A. State-of-the-Art Authentication Measures in Satellite Communication Networks: A Comprehensive Analysis. IEEE Access 2024, 12, 142241–142264.
  13. Gautam, D.; Kanwar, S.; Prajapat, S.; Kumar, P.; Chen, C. A Robust ECC-Based Authentication Protocol for Satellite-to-Satellite Communication Network. Telecommun. Syst. 2024, 87, 541–559.
  14. Prajapat, S.; Kumar, P.; Kumar, S.; Das, A.K.; Shetty, S.; Hossain, M.S. Designing High-Performance Identity-Based Quantum Signature Protocol with Strong Security. IEEE Access 2024, 12, 14647–14658.
  15. Guo, J.; Du, Y.; Zhang, D.; Wu, R. PSEEMV: Provably Secure and Efficient Emergency Message Verification Scheme Based on ECC and CRT for Space Information Network. J. Inf. Secur. Appl. 2023, 73, 103437.
  16. Yang, Y.; Cao, J.; Ren, X.; Niu, B.; Zhang, Y.; Li, H. LK-AKA: A Lightweight Location Key-Based Authentication and Key Agreement Protocol for S2S Communication. Comput. Commun. 2023, 197, 214–229.
  17. Liu, Y.; Ni, L.; Peng, M. A Secure and Efficient Authentication Protocol for Satellite-Terrestrial Networks. IEEE Internet Things J. 2023, 10, 5810–5822.
  18. Guo, J.; Du, Y. A Secure Three-Factor Anonymous Roaming Authentication Protocol Using ECC for Space Information Networks. Peer Peer Netw. Appl. 2021, 14, 898–916.
  19. Gunn, L.; Smet, P.; Arbon, E.; McDonnell, M.D. Anomaly Detection in Satellite Communications Systems Using LSTM Networks. In Proceedings of the 2018 Military Communications and Information Systems Conference (MilCIS), Canberra, Australia, 13–15 November 2018; pp. 1–6.
  20. Tedeschi, P.; Sciancalepore, S.; Di Pietro, R. Satellite-Based Communications Security: A Survey of Threats, Solutions, and Research Challenges. Comput. Netw. 2022, 216, 109246.
  21. Ramezanpour, K.; Jagannath, J. Intelligent Zero Trust Architecture for 5G/6G Networks: Principles, Challenges, and the Role of Machine Learning in the Context of O-RAN. Comput. Netw. 2022, 217, 109299.
  22. Peng, C.; Zhou, Q.; Shen, Y.; He, K.; Lian, Z.; Shuai, Z. Zero-Trust Security Strategy for Renewable Power Plant Clusters Under Integrated Satellite-Terrestrial Networks. IEEE Trans. Ind. Appl. 2025; In Press.
  23. Annabi, M.; Zeroual, A.; Messai, N. Towards Zero Trust Security in Connected Vehicles: A Comprehensive Survey. Comput. Secur. 2024, 145, 104018.
  24. Fu, P.; Wu, J.; Lin, X.; Shen, A. ZTEI: Zero-Trust and Edge Intelligence Empowered Continuous Authentication for Satellite Networks. In Proceedings of the IEEE Global Communications Conference (GLOBECOM), Rio de Janeiro, Brazil, 5–9 December 2022; pp. 2376–2381.
  25. Lin, C.-L.; Hsu, T.-E. A Multi-Factor Authentication Scheme Based on Zero Trust Network Access for LEO Satellite Communication Systems. In Proceedings of the 2024 International Conference on Intelligent Computing and Next Generation Networks (ICNGN), Bangkok, Thailand, 23–25 November 2024; pp. 1–5.
  26. Wang, Y.; Gong, J.; Zhang, J.; Han, X. A Deep Learning Anomaly Detection Framework for Satellite Telemetry with Fake Anomalies. Int. J. Aerosp. Eng. 2022, 2022, 1–9.
  27. Sadr, M.A.M.; Zhu, Y.; Hu, P. Satellite Anomaly Detection Using Variance Based Genetic Ensemble of Neural Networks. In Proceedings of the IEEE International Conference on Communications (ICC 2023), Rome, Italy, 28 May–1 June 2023; pp. 4070–4075.
  28. Wu, X.; Zheng, T.; Wu, R.; Zhou, H.; Huang, Y.; Zhang, J. Hi-SAM: A High-Scalable Authentication Model for Satellite-Ground Zero-Trust System Using Mean Field Game. J. Netw. Syst. Manag. 2025, 33, 72.
  29. Wang, Z.; Cao, J.; Di, X. Anomaly Detection Method for Satellite Networks Based on Genetic Optimization Federated Learning. Expert Syst. Appl. 2025, 295, 128627.
  30. Yang, Y.; Wang, L.; Xu, F. Secure and Energy-Efficient Beamforming for LEO Satellite Downlink via Intelligent Surfaces. IEEE Trans. Commun. 2024, 72, 1234–1246.

Figure 1. MRFCO-ZTS LEO Satellite Network Architecture (Reference from [1]).
Figure 2. The architecture of the MRFCO-ZTS approach for a communication network with secure inter-satellite links.
Figure 3. Graphical performance of security level.
Figure 4. Graph of latency performance.
Figure 5. Graph of efficiency performance.

Table 1. Symbol definition.

| Symbol | Meaning |
|---|---|
| $a_i$ | Attack likelihood score for user/session $i$ (0 to 1) |
| $r_i$ | Risk impact if misclassification occurs (0 to 1) |
| $d_i$ | Computational delay or verification latency for $i$ (in milliseconds) |
| $m_i$ | Misclassification penalty, 1 if misclassified, 0 otherwise |
| $\alpha, \beta, \gamma$ | Tunable weights for security, performance, accuracy |

Table 2. Classification result and detector action.

| Classification Result $\hat{y}$ | Detector Action |
|---|---|
| i = Legitimate | Give full access to all services |
| $S_i$ = Attacker | Immediate block, alert, forensic log |

Table 3. Hardware configuration.

| Component | Specification |
|---|---|
| Processor (CPU) | Intel Core i5-11400F @ 2.60 GHz (6 cores, 12 threads) (Intel Corporation, Santa Clara, CA, USA) |
| RAM | 16 GB DDR4 @ 3200 MHz (Kingston Technology, Fountain Valley, CA, USA) |
| Storage | 512 GB NVMe SSD (Kingston Technology, Fountain Valley, CA, USA) |
| GPU (optional use) | NVIDIA GTX 1650 (4 GB GDDR6, CUDA-capable) (NVIDIA Corporation, Santa Clara, CA, USA) |
| Power Supply | 500 W PSU, consistent 220 V input (Corsair Components, Fremont, CA, USA) |
| Operating System | Windows 10 Pro (64-bit), version 22H2 (Microsoft Corporation, Redmond, WA, USA) |

Table 4. Software environment.

| Category | Configuration |
|---|---|
| Simulation Platform | MATLAB R2024b (64-bit) |
| MATLAB Toolboxes | Optimization Toolbox; Statistics and Machine Learning Toolbox |
| Programming Language | MATLAB scripting (M-code) |
| Execution Mode | Script and function-based batch simulations |
| Parallel Computing | Disabled (single-node simulation) |

Table 5. Used libraries and functions.

| Function | Description |
|---|---|
| fmincon() | Constrained optimization (baseline comparison) |
| Custom mrfo_cost_function() | Implements MRFO-based attacker classification |
| rand(), normrnd() | Random-number generation for synthetic user behavior |
| surf(), plot3(), bar() | Visualization of cost landscapes and classification results |
| Custom trust-score module | Rule-based and probabilistic trust-score evaluation |
| tic; toc; | Used for measuring simulation time |

Table 6. Simulation Input Models.

| Element | Value/Description |
|---|---|
| User Sessions Simulated | 250 to 1200 dynamic users per run |
| Session Duration | 600 s (10 min real-time simulation) |
| Cost Function Range | 0.1 to 4.8 |
| Authentication Cycle | Every 1.5–3 s (configurable interval) |
| Attack Behavior | Injected synthetic mimicry, burst, and random attacks |
| Trust Score Model | Probabilistic model based on user activity logs |
| Classification Output | Binary (Legitimate, Attacker), with risk tagging |

Table 7. Real-world simulation performance results.
User_IDSessionsAvg_Risk_ScoreSuspicious_SessionsTotal_CostUser_Type
“User_1”390.8227318.82“Attacker”
“User_2”430.6222268.25“Detector”
“User_3”370.6316223.85“Detector”
“User_4”340.6317214.93“Detector”
“User_5”320.718253.74“Attacker”
Table 8. Simulation performance of security level.

| Number of Data Packets | Security Level (%): Existing ZTAP-HECC | Security Level (%): Proposed MRFCO-ZTS Model |
|---|---|---|
| 50 | 90.11 | 96 |
| 100 | 90.73 | 96.55 |
| 150 | 91.41 | 96.79 |
| 200 | 92.80 | 97.04 |
| 250 | 93.32 | 97.88 |

Table 9. Simulation latency performance.

| Number of Data Packets | Latency (ms): Existing ZTAP-HECC | Latency (ms): Proposed MRFCO-ZTS Model |
|---|---|---|
| 50 | 0.53 | 0.34 |
| 100 | 0.65 | 0.52 |
| 150 | 0.96 | 0.77 |
| 200 | 1.38 | 0.96 |
| 250 | 1.80 | 1.15 |

Table 10. Simulation performance of efficiency.

| Number of Satellite Users | Efficiency (%): Existing ZTAP-HECC | Efficiency (%): Proposed MRFCO-ZTS Model |
|---|---|---|
| 40 | 92.05 | 95.12 |
| 80 | 92.49 | 95.46 |
| 120 | 92.92 | 95.88 |
| 160 | 93.50 | 96.20 |
| 200 | 94.11 | 96.62 |

Table 11. Simulation performance of scalability.

| Satellites | Authentication Accuracy (%) | Average Latency (ms) | Average MRFO Iterations | Peak Memory Per Node (MB) |
|---|---|---|---|---|
| 250 | 96.6 | 1.10 | 42 | 4.2 |
| 500 | 95.8 | 1.35 | 45 | 5.3 |
| 750 | 94.7 | 1.72 | 48 | 6.1 |
| 1000 | 93.4 | 2.08 | 52 | 6.9 |
| 1200 | 91.9 | 2.46 | 57 | 7.5 |

Table 12. Simulation performance of energy/resource consumption.

| Action Phase | Avg CPU Time (ms) | Energy Consumption (mJ) | Comm Overhead (Bytes/Session) |
|---|---|---|---|
| Trust Score Calculation | 3.5 | 12.2 | 250 |
| Cost Function Evaluation | 2.8 | 10.5 | |
| MRFO-Based Optimization | 5.2 | 19.1 | |
| Final Classification and Action | 1.1 | 3.8 | 150 (alert or grant signal) |
| Total per Cycle | 12.6 ms | 45.6 mJ | ~400 bytes |

Table 13. Simulation performance of robustness to adaptive attacks.

| Attack Type | Detection Rate (%) | False Negative Rate (%) | Avg Detection Delay (ms) | Remarks |
|---|---|---|---|---|
| Baseline Random Attack | 97.4 | 2.6 | 1.3 | High sensitivity maintained |
| Mimicry Behavior Attack | 89.5 | 10.5 | 2.4 | Delay increases; cost function less discriminative |
| Distributed Coordinated | 91.8 | 8.2 | 2.1 | MRFO adaptation helps isolate spatial patterns |

