
Optical network security attacks by tapping and encrypting optical signals

Maslo Anis (1), Nermin Sarajlić (2), Mujo Hodžić (3), Aljo Mujčić (4)

(1) Faculty of Electrical Engineering Tuzla
(2) Faculty of Electrical Engineering Tuzla
(3) Zenica University Polytechnic Faculty
(4) Faculty of Electrical Engineering Tuzla

Abstract: Internet traffic has grown constantly over the past decade, and the
projections are that this growth will continue. Using smart wireless devices, we
communicate, entertain ourselves, socialize and manage, for example, electrical
appliances in the home. Transmitting all this data involves an enormous increase
in internet traffic. The question is which medium can solve the problem of large
amounts of data and long-distance data transmission. Optical fiber as a medium
and AON (All Optical Networks) have the highest transmission capacity, so optical
networks are the solution to the problem of the amount and distance of data
transmission. Within AON, data are transmitted over distances of several thousand
kilometers from source to destination in the optical domain: all signal
transmission and switching are performed in the optical (light) domain. In terms
of security, AON are vulnerable at the physical level of the network. This paper
addresses the issue of AON security at the physical level, covering the types of
attacks and the types of protection against tapping and passive data analysis at
the physical level of ON.

Keywords: ON physical layer network security, optical fiber tapping
(eavesdropping), encoding and encryption of optical light signals

1. Introduction

Optical fibers as the transmission medium and AON optical networks have the
highest data transmission capacity. Optical networks are the solution to the
problem of broadband transmission media. Initially, ON represented practical
connecting routes between distant concentration points of TCN
(Telecommunications Networks). With the development of optical network
components, AON have evolved in terms of increasing transmission distance and
channel capacity. Currently available commercial AON operate at a transmission
speed of 400 Gb/s per wavelength, with multiple Tb/s per fiber [1]. AON signal
transmission distances are several thousand kilometers, and the entire signal path
is performed in the optical (light) domain. For this reason, AON are also called
transparent networks in the literature. AON with optical-level switching are
vulnerable at the physical level in terms of security. The first level of AON
security defense, as with all other telecommunication (TK) networks, begins at the
logical level of the network model [2]. However, that is only a roof level of
protection, and a basic physical level must be ensured to build security
throughout the system. This paper addresses the issue of AON security at the
physical level.

2. Types of attacks on the physical layer of optical networks

The concept of security is a state of mind. The first line of security for
telecommunication networks is built on the logical layer of the TCP/IP network
reference model (Transmission Control Protocol / Internet Protocol). However,
building a secure top level of the network without securing the underlying
physical layer does not make the system reliable.
Current industry standards focus on data theft attacks at the higher levels of
the TCP/IP network model. Attacks on the physical level of AON have, in a way,
been neglected. The sophistication of the equipment needed to carry out a
specific attack has left even professionals in the optical communications field
convinced that AON are safe at the physical level.
However, eavesdropping devices were discovered on Deutsche Telekom's main fiber
optic links in 2000. Then, in 2003, illegal eavesdropping devices were also
discovered on Verizon's optical network near Frankfurt Airport. Since then, a
growing number of eavesdropping cases have been recorded in Europe [4]. So AON,
which transmit high-speed signals in the light domain, are vulnerable to attacks
in the domain of the physical layer of the network.
An attack on the security of an AON network is defined as any action that aims
to impair the confidentiality, integrity and availability of data transmission
functions in the light domain [5].

Attacks on the security of the AON physical layer can be classified in several
ways. The first classification is by the threat to the basic premises of
information security:

1. Confidentiality: an effort is made to eavesdrop on the content of the
communication.
2. Integrity: the attacker tries to modify the actual data being transmitted.
3. Availability (accessibility): the attacker tries to obstruct the access of
authorized subjects to the data.

The second classification is simpler; attacks are divided according to the
damage they cause:

1) Threats aimed at eavesdropping and passive analysis of unauthorized
information.
2) Threats aimed at disrupting service by intentionally interfering with proper
signal transmission.

2.1. Threats aimed at eavesdropping and passive analysis of unauthorized
information

The confidentiality of data transmission is mostly associated with national
military systems, for which it is very important that the enemy does not learn
the information transmitted over the AON. However, any data transfer requires
protection of the privacy of the information. AON elements do not emit the
lateral electromagnetic waves that are used to eavesdrop on copper communication
channels. For AON, attackers have therefore developed various eavesdropping
techniques [5] that affect data confidentiality.

2.1.1 Tapping by insider attacks

The simplest method of tapping is an insider attack. The attacker regularly
subscribes to (logs into) the AON and then, using special equipment, listens to
the signals from adjacent communication channels. Another type of insider attack
is eavesdropping on switch ports or DWDM node ports that are designed for traffic
analysis and control. These attacks are very difficult to detect because they
leave no trace and analyze the data passively.
Other methods of tapping require physical contact with an AON optical fiber
through which light signals are transmitted. To make physical contact with the
optical fiber in the cable, all levels of protection of the fiber in the cable
must be removed: the sheath of the optical cable, the secondary protective carbon
fibers, the protective tubes, and finally the polymer coating on the fiber
itself. In practice, this is not a simple process.

2.1.2 Bend tapping

Once access to the optical fiber is obtained, the fiber can be bent enough to
compromise total internal reflection. Compromising internal reflection decouples
some percentage of the primary mode of the transmitted light signal. The bending
is done so that only a small percentage of the light signal leaves (leaks from)
the fiber core. A minimal percentage of the signal is taken for eavesdropping so
that the loss of optical signal budget is difficult to detect on the receiving
side, that is, so that the regular receiver detects the attack as hard as
possible. Figure 1 shows the basic schematic of the wiretap as well as its
detection using an OTDR (Optical Time Domain Reflectometer) [6]. The light
emitted from the optical fiber due to bending is directed by prisms into the
optical fiber of the tapping device and then to an opto-electronic converter,
after which the obtained data are analyzed.

Figure 1. a) Basic fiber tapping method [7], b) OTDR detection of bend tapping.

However, even a small percentage of reduction in the budget of the transmitted
signal can in practice be detected, for example by using an OTDR. Therefore,
this method of eavesdropping is relatively little used. In practice,
eavesdropping devices are commercially available and cost approximately 250 EUR.
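As an added example (not from the paper or from any OTDR vendor), the detection side of Figure 1b: a stored baseline OTDR trace is subtracted from a later trace so that known splices and the uniform attenuation cancel, and any new loss step, such as the small budget loss a bend tap introduces, is located and sized. The span, attenuation and event values are constructed.

```python
# Differential OTDR trace check for a new loss event on a monitored span.
# Constructed example: the traces are synthesized here, not measured data and
# not part of the paper; span, attenuation and event values are assumptions.

SAMPLE_M = 50            # assumed OTDR sampling interval in meters
SPAN_M = 60_000          # assumed monitored span length (60 km)
ATTEN_DB_PER_KM = 0.2    # assumed fiber attenuation at 1550 nm

def synth_trace(events):
    """Return (distance_km, level_dB) samples for a fiber with uniform
    attenuation plus step losses; `events` maps distance_m -> loss_dB."""
    trace = []
    for d_m in range(0, SPAN_M, SAMPLE_M):
        level = -ATTEN_DB_PER_KM * d_m / 1000
        level -= sum(loss for at_m, loss in events.items() if d_m >= at_m)
        trace.append((d_m / 1000, level))
    return trace

# Stored reference trace: one known splice at 12 km (0.1 dB).
BASELINE = synth_trace({12_000: 0.10})
# Later measurement: the same splice plus a new 0.5 dB step at 37.4 km, the
# kind of signature a bend tap leaves (constructed, not a real measurement).
CURRENT = synth_trace({12_000: 0.10, 37_400: 0.50})

def new_loss_events(baseline, current, min_loss_db=0.15, window=4):
    """Locate step losses present in `current` but not in `baseline`.
    The baseline is subtracted sample by sample, so known splices and the
    uniform attenuation cancel; the remainder is scanned for a drop of at
    least `min_loss_db` between the `window` samples before and after each
    point. Returns [(distance_km, loss_dB)], one per local maximum of drop."""
    diff = [c - b for (_, b), (_, c) in zip(baseline, current)]
    drops = [0.0] * len(diff)
    for i in range(window, len(diff) - window):
        before = sum(diff[i - window:i]) / window
        after = sum(diff[i:i + window]) / window
        drops[i] = before - after
    events = []
    for i in range(1, len(drops) - 1):
        if (drops[i] >= min_loss_db and drops[i] >= drops[i - 1]
                and drops[i] > drops[i + 1]):
            events.append((current[i][0], round(drops[i], 2)))
    return events

def tapped_fraction(loss_db):
    """Fraction of optical power removed by a loss of `loss_db` dB: what an
    OTDR-observed step means in terms of light diverted from the channel."""
    return 1 - 10 ** (-loss_db / 10)

if __name__ == "__main__":
    for km, db in new_loss_events(BASELINE, CURRENT):
        print(f"new loss event at {km} km: {db} dB "
              f"(~{tapped_fraction(db):.1%} of the light removed)")
```

The `min_loss_db` floor should sit above the trace noise of the instrument in use; lowering it trades false alarms for sensitivity to smaller taps.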

2.1.3 Evanescent tapping

Evanescent tapping diverts a small portion of the light into another optical
fiber without bending. The method consists of polishing the optical fiber surface
after removing a portion of the sheath (cladding). When these polished fibers are
brought into physical contact, crosstalk occurs between them, that is, a
"leakage" of the fundamental mode of the legitimate signal into the attacker's
fiber. The advantage of this method is that it involves no bending and is
difficult to locate.

2.1.4 Rayleigh scatter tapping

Rayleigh scattering occurs due to changes in the material density of the optical
fiber in certain parts of the fiber caused by imperfect processing. This property
of optical fibers can be exploited as a source of natural crosstalk that occurs
in a fiber. In this case of eavesdropping, the attacker uses a special device to
detect the small amount of light emitted by the fiber due to scattering. The
device uses ball lenses placed next to the fiber that focus light into the
attacker's receiving fiber, through which it is transmitted for further analysis
and reading of the data. Eavesdropping using Rayleigh scattering is the most
difficult to detect because it does not consume the legitimate signal budget.
Table 1.1 gives an overview of the tapping attacks.

Table 1.1. Overview of tapping attacks at the physical level of AON.

Type of tapping attack     Characteristic of attack
-------------------------  ------------------------------------------------------
Insider attacks            Insider attacks on service ports or system
                           monitoring ports.
Bend tapping               The most common form of attack. Equipment for this
                           type of attack is inexpensive and commercially
                           available, but it is easy to detect.
Evanescent tapping         Requires extremely precise fiber processing; it is
                           more difficult to detect.
Rayleigh scatter tapping   Requires extremely accurate equipment; it is
                           undetectable.

3. Types of protection against tapping attacks at the physical level of the
network

The main feature of AON is to ensure high-speed data transmission. During AON
exploitation, operators face new challenges in maintaining a system that differs
significantly from existing copper networks. The primary objective of
maintaining network security is to provide the information triad:
reliability / integrity / availability. A block diagram of network security at
the physical level is given in Figure 2. Network resilience may be impaired by
system errors (component failure, etc.) or by illegal attack. In both cases, the
steps to solve the problem are the same.

Figure 2. Structure of protection mechanisms for network survivability [8].

Addressing security issues during AON design is the best and most effective
method of protecting AON. Originally, ON security was ensured only by encoding
the data when transmitting it. However, this protection has proved insufficient,
so that both encoding and encryption are now used to protect the three basic
security postulates. The basic problem-solving protocol at the physical level is:
detect the problem, then locate it precisely, then protect against the detected
attack, and finally reconstruct or restore the system.
To detect a problem that is not a physical break in the AON network, specific
methods are required. Attacks are located and detected by statistical analysis
and comparison of the AON status across different periods. A deviation in the
power level, a deviation in the spectrum of transmitted signals, or an increase
in BER (Bit Error Rate) indicates changes in the parameters of the AON
communication channel. If these changes were not announced and planned, suspicion
arises and an alarm is raised for intentional unauthorized access to AON
resources. So any changes to the system are recorded, and a statistical analysis
is made that indicates the anomalies that need to be addressed. Trial
measurements with a pilot signal, followed by monitoring measurements with an
OTDR, also indicate system anomalies that alarm a possible attack on AON
security.
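An added example of the statistical comparison described above (not the paper's or any vendor's code): a baseline profile of received power and BER is built from a period with no announced changes, and later samples are classified as within baseline, planned (inside an announced work window) or alarm. The telemetry, change calendar and thresholds are constructed.

```python
# Baseline-deviation monitor for AON channel telemetry (received optical power
# and pre-FEC BER) with an "announced change" calendar, so that planned work
# does not raise an alarm. Constructed example: samples, windows and thresholds
# are invented here and are not from the paper or any monitoring product.
from statistics import mean, pstdev

# Constructed baseline telemetry for one DWDM channel: (hour, received power
# in dBm, pre-FEC bit error rate) from a period with no maintenance announced.
BASELINE = [
    (0, -8.10, 2e-12), (1, -8.05, 1e-12), (2, -8.15, 3e-12), (3, -8.10, 2e-12),
    (4, -8.00, 2e-12), (5, -8.10, 1e-12), (6, -8.20, 2e-12), (7, -8.10, 2e-12),
]

# Constructed change calendar: (start_hour, end_hour) windows in which work on
# this span was announced. Deviations inside a window are expected.
PLANNED = [(40, 42)]

def build_profile(samples):
    """Summarise the baseline period: mean and standard deviation of power
    and BER. New samples are judged against these figures."""
    power = [p for _, p, _ in samples]
    ber = [b for _, _, b in samples]
    return {"p_mean": mean(power), "p_std": pstdev(power),
            "ber_mean": mean(ber), "ber_std": pstdev(ber)}

def deviations(profile, sample, min_drop_db=0.3, k=3.0, ber_factor=10.0):
    """List the ways a sample departs from the baseline. A power drop counts
    when it exceeds both an absolute floor (min_drop_db, the smallest loss the
    operator cares about) and k baseline standard deviations; a BER rise
    counts when it exceeds ber_factor times the baseline mean."""
    _, p, b = sample
    out = []
    drop = profile["p_mean"] - p                 # positive = power lost
    if drop >= max(min_drop_db, k * profile["p_std"]):
        out.append(f"power drop {drop:.2f} dB")
    if b >= ber_factor * profile["ber_mean"]:
        out.append(f"BER {b:.1e} vs baseline {profile['ber_mean']:.1e}")
    return out

def classify(profile, sample, planned=PLANNED):
    """'ok' when within baseline, 'planned' when a deviation falls inside an
    announced window, 'alarm' when it does not (an unannounced change of the
    channel parameters, to be treated as possible unauthorized access)."""
    hour = sample[0]
    if not deviations(profile, sample):
        return "ok"
    if any(start <= hour <= end for start, end in planned):
        return "planned"
    return "alarm"

def scan(profile, samples, planned=PLANNED):
    """Run classify over a series; return [(hour, status, reasons)] for every
    sample that is not 'ok', so an operator sees what triggered each entry."""
    report = []
    for s in samples:
        status = classify(profile, s, planned)
        if status != "ok":
            report.append((s[0], status, deviations(profile, s)))
    return report

# Constructed later samples: normal, planned work, then two unannounced changes.
LATER = [(30, -8.12, 2e-12), (41, -9.00, 5e-12),
         (52, -8.45, 2e-12), (53, -8.10, 5e-11)]

if __name__ == "__main__":
    for hour, status, why in scan(build_profile(BASELINE), LATER):
        print(f"h{hour:03d} {status:8s} {'; '.join(why)}")
```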

3.1.1. Attack protection by encryption and encoding

Until the first physical-level attacks were detected, the protection of AON
security in the domain of light signal transmission was done through encoding.
The encoding was done more for efficient use of the waveband, but it was also
considered to provide a sufficient level of protection because of the technical
complexity of the coding system. However, after attacks at the physical level
were detected, additional encryption protection was installed and is also
performed. Eavesdropping violates the principle of data confidentiality.

3.1.2. OCDMA encoding in AON

OCDMA (Optical Code-Division Multiple Access) is the most used code in AON [6].
The confidentiality provided by OCDMA is based on the encoding/decoding process
with the use of coding keys. Each AON user is assigned a unique key, which is
used to encode and decode the messages the user sends or receives. This implies
that, from the optical fiber as a shared medium carrying WDM or TDM (Time
Division Multiplexing) signals, a specific user's decoder can take and read only
the data that was intended exclusively for that user. Other data cannot be
decoded correctly by the decoder and are discarded. Thus, before each
transmission, the user's encoder encodes the data with its unique key and sends
the encoded data to the destination. On the receiving side, data are taken from
the multi-access channel (optical fiber, access node) and, based on the correctly
exchanged keys, the receiving decoder accurately decodes the sent data. If an
eavesdropper picks up data from the multi-access channel, it will not be able to
read it correctly without the correct decoding key. This means that encoding
provides some degree of authentication in AON.
OCDMA codes are divided into coherent and incoherent codes. A typical coherent
OCDMA is realized by SPE (Spectral Phase Encoding). SPE coding applies different
phase shifts to multiple coherent spectral components; on the receiving side,
the reverse process returns the coherent components to their original phase. An
example of a typical incoherent OCDMA encoding, WHTS (Wavelength Hopping and
Time Spreading), is given schematically in Figure 3. The main disadvantage of
OCDMA encoding is that when only one signal is encoded and transmitted, an
attacker who taps the fiber can perform simple detection and decoding of the
data based on changes in signal intensity. To avoid such situations, M-ary
modulation has been developed, which breaks every 0 or 1 into M symbols, thereby
averaging the signal peaks and hiding the symbol transitions.

Figure 12. a) OCDMA coding system, b) Protection route realized on the OCDMA model [6].
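An added toy model (not the paper's system) of the incoherent OCDMA behaviour described above, using a small (13,3,1) optical orthogonal code: the correct key recovers a user's bits from the shared fiber while a wrong key does not, an intensity-only tap still reads a single on-off keyed user's bits from the energy per bit period, and a two-code (M = 2) code-shift-keyed variant, assumed here as a model of the M-ary scheme, makes every bit period carry the same energy. The code set and bit patterns are constructed.

```python
# Toy model of incoherent OCDMA (on-off keyed optical orthogonal codes) in AON,
# showing what the user's key buys and what a tap that only sees intensity
# still learns. Constructed example: the code set, bit patterns and the M-ary
# (code-shift keying) variant are assumptions, not the paper's system.

L = 13                   # chips per bit period
W = 3                    # code weight: lit chips per codeword
OOC = {                  # a (13,3,1) optical orthogonal code: lit chip positions
    "A": (0, 1, 4),      # one key per AON user
    "B": (0, 2, 7),
}

def chips(key):
    """Expand a key into its L-chip intensity pattern (1 = light, 0 = dark)."""
    return [1 if i in OOC[key] else 0 for i in range(L)]

def max_correlation(k1, k2):
    """Largest overlap of k1 with any cyclic shift of k2 (shift 0 excluded
    when k1 == k2). An OOC keeps this at 1, which is what lets the decoder
    separate users and reject a wrong key."""
    shifts = range(1, L) if k1 == k2 else range(L)
    lit2 = set(OOC[k2])
    return max(len({(i + s) % L for i in OOC[k1]} & lit2) for s in shifts)

def encode_ook(bits, key):
    """OOK-OCDMA: bit 1 -> the key's chip pattern, bit 0 -> no light."""
    pattern = chips(key)
    return [pattern if b else [0] * L for b in bits]

def combine(*streams):
    """Several users on one fiber: intensities add chip by chip (incoherent)."""
    return [list(map(sum, zip(*frames))) for frames in zip(*streams)]

def decode_ook(channel, key):
    """Correlate each frame with the key; full weight W means bit 1. Another
    user's frame contributes at most 1 (cross-correlation), so it is rejected."""
    lit = OOC[key]
    return [1 if sum(frame[i] for i in lit) >= W else 0 for frame in channel]

def energy_per_bit(channel):
    """What an intensity tap sees without any key: lit chips per bit period.
    With a single OOK user this is W for a 1 and 0 for a 0, i.e. the data."""
    return [sum(frame) for frame in channel]

def encode_csk(bits, keys):
    """M-ary code-shift keying (M = 2 here): symbol s is sent as keys[s]'s
    pattern, so every bit period carries exactly W lit chips."""
    return [chips(keys[b]) for b in bits]

def decode_csk(channel, keys):
    """Pick the symbol whose key correlates best with each received frame."""
    def score(frame, key):
        return sum(frame[i] for i in OOC[key])
    return [max(range(len(keys)), key=lambda s: score(frame, keys[s]))
            for frame in channel]

if __name__ == "__main__":
    data = [1, 0, 1, 1]
    ook = encode_ook(data, "A")
    print("OOK right key:", decode_ook(ook, "A"), "wrong key:", decode_ook(ook, "B"))
    print("OOK intensity tap sees:", energy_per_bit(ook))
    csk = encode_csk(data, ("A", "B"))
    print("CSK intensity tap sees:", energy_per_bit(csk),
          "decoded:", decode_csk(csk, ("A", "B")))
```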

The advantages of OCDMA encoding are its large cardinality and soft blocking.
Soft blocking denotes adaptability to the needs of communication channels:
simultaneous transmissions can be added to or removed from the AON access nodes
without further modifications to the hardware. The soft blocking feature gives
OCDMA more scalability than WDM or TDM technologies, and on the same fiber count
OCDMA has much higher spectral efficiency than WDM or TDM. The soft blocking
feature can also be used to form protection routes. If the protection routes are
formed at the physical level, then for the 1:N protection option we have N
standby protection routes that are activated if the working route is
interrupted. In the case of the 1+N protection option, N protection routes run
in parallel: the first is the primary route, and if it fails, the next route
takes over. This type of protection is designed only for very important
"golden" users. Using the advantages of OCDMA, transmission links with different
transmission rates can be formed on the same route in the same transmission
band. This feature allows protection with a fast primary communication link and
a slow protection link: if the high-speed channel is interrupted, the complete
data transmission is routed to the slow protection channel. Disrupting the fast
link then does not cause a service interruption, but results in a partial
decline in QoS.

3.1.2. Protection against tapping by encryption

Another way to protect AON against tapping is encryption. AON physical layer
data privacy can be protected by encrypting the original content. By the
definition of encryption, encrypted data cannot be translated by an attacker
into the original message without the unique key. Compared to electrical
encryption, encryption in the light domain has less waiting time for data
processing, i.e. lower latency and higher speed. In addition, encryption as a
process does not produce additional lateral electromagnetic waves that could
help an attacker discover the unique key and compromise transmission
confidentiality. Various methods have been developed for cryptography at the
AON physical layer.
The cited literature describes the various cryptographic models in ON in
detail; the most important encryption models are listed here.
The literature [19] describes a model of optical OFDM polarization encoding
with chaotic encryption for physical-layer security.
The literature [20] provides an overview of cryptography at the physical level
using chaos theory with application to OFDM-PON (Orthogonal Frequency Division
Multiplexing Passive Optical Network).
The literature [21] provides a model for enhancing the security of the AON
physical layer based on the use of OCDMA with multi-code keying encryption
(Optical-CDMA With Multi-code Keying Encryption).
An example of optical encryption with interleaved waveband switching is
discussed below. This encryption model is based on FWM (Four Wave Mixing). FWM
is a nonlinear intermodulation property of an optical fiber whereby three
wavelengths interact with each other to produce a fourth wavelength. In the
case of interleaved waveband encryption, the nonlinear FWM effect occurs in a
35 cm long nonlinear bismuth oxide fiber (Bi-NLF). Waveband encryption works
with two FWM pumps that generate the orthogonal keys KEY and KEY# [22]. On the
transmitter side, the data and the orthogonally polarized keys are routed
through a coupler into the Bi-NLF and thus encrypted by the formation of FWM
products, Figure 13. The orthogonally polarized keys KEY and KEY# are slightly
frequency shifted so that they overlap spectrally in the communication channel.
This rendering of the encrypted text makes it difficult for an eavesdropping
attacker to read blocks of data based on changes in signal intensity.

Figure 13. Encryption with interleaved wavebands. LD laser diode; PolM
polarization modulator; BPF optical bandpass filter [22].

The data to be encrypted and the orthogonally polarized keys are propagated
through a 3 dB lossy coupler, then amplified by an EDFA (Erbium Doped Fiber
Amplifier) and fed to the Bi-NLF, in which the FWM encryption effect occurs. An
undesirable side effect is that additional bi-polarized signals are produced in
the Bi-NLF; these additional lateral signals are filtered out with the BPF [23].
On the receiving side the reverse process takes place: wavelength reconversion,
decoding and decryption. The result of encrypting the OCDM sequence by waveband
interleaving is given in Figure 14.

Figure 14. a) CDMA input data, b) NOR CDMA, c) Encrypted signal, d) Decrypted
signal [22].

Encryption based on interleaved waveband switching modulation has the advantage
that the encryption key can be enlarged, thereby preventing the attacker from
decrypting the data he or she is tapping.
Cryptography is an essential segment of AON security, and as attackers
constantly work to develop methods and tools for breaking encoding and
encryption systems, so researchers work to develop new encryption models.

4. Conclusion

The large amount of data they transmit makes AON a permanent target for attacks
and a potential network security issue. Protection at the logical level of the
network is in constant development and implementation. However, protection at
the logical level is roof-top protection that is not complete without
protection at the physical level of the optical network. This paper deals with
the main weaknesses of optical networks in the domain of security at the
physical level. It reviews the types of eavesdropping attacks that attackers can
perform, as well as potential attack sites, and describes the damage caused by
each attack. The second part deals with countermeasures, i.e. types of
protection against the various attacks. In addition, encoding and encryption at
the physical layer of optical networks were covered. There is no complete
security of the physical layer of optical networks. Security is built and
improved primarily by increasing the loyalty of the technical operational staff
of optical networks, by full implementation of existing surveillance and
protection systems, and by constant development of new security methods.

References
[1] Uvod u optičke mreže (Introduction to Optical Networks), Digital Broadcasting
and Broadband Technologies (Master Studies), Erasmus Project
No. 561688-EPP-1-2015-1-XK-EPPKA2-CBHE-JP.
[2] Stamatios V. Kartalopoulos, Next Generation Intelligent Optical Networks,
Springer, 2008.
[3] Godišnji izvještaj o razvoju BiH 2018 (Annual Report on the Development of
BiH 2018), Državna Direkcija za planiranje ekonomskog razvoja BiH (State
Directorate for Economic Development Planning of BiH), 2019.
[4] K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical
networks, Optical Switching and Networking (2015),
http://dx.doi.org/10.1016/j.osn.2015.03.005
[5] Mable P. Fok, Zhexing Wang, Yanhua Deng, and Paul R. Prucnal, Optical Layer
Security in Fiber-Optic Networks, IEEE Transactions on Information Forensics and
Security, Vol. 6, No. 3, ISSN 1556-6013, September 2011.
[6] Joshua S. White, Adam W. Pilbeam, An analysis of Coupling Attack in High
Speed Fiber Optic Networks, Enabling Photonic Technologies for Defense 2011,
SPIE, DOI: 10.1117/12883550
[7] Fiber-Tapping Detection with the ONMSI Optical Network Monitoring System,
Viavi Solutions Inc., 2015, product specifications and descriptions,
fiber-tapping-an-fop-nse-ae 30176152 900 0415.
[8] Nina Skorin-Kapov, Marija Furdek, Szilard Zsigmond, and Lena Wosinska,
Physical-Layer Security in Evolving Optical Networks, IEEE Communications
Magazine, August 2016.
[9] Marija Furdek and Nina Skorin-Kapov, Physical-Layer Attacks in Transparent
Optical Networks, IntechOpen, DOI: 10.5772/29836, March 2012.
[10] A. Teixeira et al., Security Issues in Optical Networks Physical Layer,
ICTON 2008, 978-1-4244-2626-3/08, ©2008 IEEE.
[11] Nina Skorin-Kapov, Jiajia Chen, and Lena Wosinska, A New Approach to
Optical Networks Security: Attack-Aware Routing and Wavelength Assignment,
IEEE/ACM Transactions on Networking, Vol. 18, No. 3, June 2010.
[12] R. Rejeb, M.S. Leeson, R.J. Green, Multiple attack localization and
identification in all-optical networks, Optical Switching and Networking 3
(2006) 41–49.
[13] Y. Xiao, et al., Polar coded optical OFDM system with chaotic encryption
for physical-layer security, Optics Communications (2018),
https://doi.org/10.1016/j.optcom.2018.10.015
[14] Xuelin Yang, Chaotic Signal Scrambling for Physical Layer Security in
OFDM-PON, 978-1-4673-7880-2/15, ©2015 IEEE.
[15] Ayushi Sharma, Varun Kumar Kakar, Security Performance and Enhancement of
Physical Layer in Optical-CDMA With Multicode Keying Encryption, conference
paper, November 2017, DOI: 10.1109/ICETCCT.2017.8280295
[16] Mable P. Fok and Paul R. Prucnal, All-optical encryption based on
interleaved waveband switching modulation for optical network security, Optical
Society of America, 0146-9592/09/091315-3, 2009.
[17] Paul R. Prucnal, Mable P. Fok, Yanhua Deng, and Zhenxing Wang, Physical
layer security in fiber-optic networks using optical signal processing,
SPIE-OSA-IEEE, Vol. 7632, 76321M-1.
[18] Haoshuo Chen and A.M.J. (Ton) Koonen, Spatial Division Multiplexing, in
Fibre Optic Communication, Springer Series in Optical Sciences 161, Springer
International Publishing Switzerland, 2017, DOI 10.1007/978-3-319-42367-8_1
[19] Ivan B. Djordjevic and Xiaole Sun, Spatial Modes-Based Physical-Layer
Security, 978-1-5090-1467-5/16, ©2016 IEEE.
[20] Kyle Guan, Peter J. Winzer, Emina Soljanin, Information-Theoretic Security
in Space-Division Multiplexed Fiber Optic Networks, 978-1-55752-950-3/12, ©2012
Optical Society of America.
