**1. Introduction**

For the past decades, network traffic has been showing immense growth trends, as we are witnessing the rapid development of network applications such as Internet Protocol TV (IPTV), peer-to-peer traffic, grid computing, multi-player gaming etc. Optical fiber, with its huge capacity of up to 50 THz, low bit error rate of $10^{-12}$, low loss of 0.2 dB/km and low noise and interference characteristics, has been widely accepted as a viable future-proof solution to meet the ever-increasing network bandwidth demands. In comparison with the available fiber capacity, the speed of edge electronic equipment of only a few Gb/s creates a bottleneck, so fiber bandwidth is divided into independent wavelength sets, each capable of carrying traffic between a pair of nodes at different speeds. This is the underlying principle of Wavelength Division Multiplexing (WDM), where different wavelengths supporting communication between different end users are multiplexed and carried simultaneously over the same physical fiber. Under normal operating conditions, carried wavelengths do not significantly interfere with each other inside the fiber. At the receiver's side, they are demultiplexed or filtered to ensure that every receiver receives the intended wavelength. An illustration of the WDM principle is shown in Figure 1.

In Transparent Optical Networks (TONs), signals do not undergo optical-electronic-optical (OEO) conversion at the intermediate nodes they traverse. Communication takes place entirely in the optical domain, via all-optical channels called lightpaths. The process of establishing lightpaths consists of finding a physical route and assigning a wavelength to each of them, called Routing and Wavelength Assignment (RWA). The set of established lightpaths then comprises a so-called virtual topology over the given physical topology. Intermediate nodes perform wavelength-switching without regenerating or even interpreting the carried signals. Namely, full 3R (re-amplification, re-shaping, re-timing) signal regeneration in the optical domain is still in the experimental phase. Therefore, optical signals can only be re-amplified (1R) in the optical domain, while re-shaping and re-timing require OEO conversion. We are currently witnessing the evolution of optical networking from opaque networks with all-electronic switching, implying OEO conversion at every node, to transparent networks with all-optical switching and no OEO conversions at intermediate nodes. Networks in which most of the nodes are transparent and some of them are strategically equipped with 2R and/or 3R regenerators to improve the quality of analog optical signals are called translucent (Shen & Tucker, 2007).

The absence of lightpath regeneration in transparent optical networks not only provides signal transparency to bit rates, protocols and modulation formats but also reduces the costs and energy consumption associated with OEO conversion. However, transparency introduces significant changes to the security paradigm of optical networks by allowing signals whose characteristics fall out of the protocol-specific bounds or component working ranges to propagate through the network undetected. This creates a security vulnerability which can be exploited by a malevolent user to perform deliberate attacks aimed at degrading the proper functioning of the network. Due to the high data rates and latency employed in backbone optical networks, even sporadic attacks of short duration can cause large data and revenue losses.

Section 2 gives an overview of different types and methods of physical-layer attacks in TONs, along with experimental evaluation of some of the vulnerabilities of network components that can be exploited by malicious users. Section 3 gives an overview of the current issues and trends in attack management and control in TONs, as well as some methods and guidelines for increasing network resilience to attacks. Finally, Section 4 concludes this chapter.

components as a legitimate user (or impersonating one) or by otherwise breaching into the network. The attacker may be an outsider or, equally likely, a person with inside access to the network facilities, according to (Richardson, 2008).

Depending on the intentions of the attacker, physical-layer attacks can be divided into two main groups:

a. Tapping attacks - aimed at gaining unauthorized access to data and using it for traffic analyses or eavesdropping purposes.

b. Service Disruption attacks - aimed at degrading the Quality of Service (QoS) or causing service denial.

Tapping attacks imply breaches in communication privacy and confidentiality. Occurrences of these attacks have been recorded in the past, e.g. in 2000 when three main trunk lines of the Deutsche Telekom network were breached at Frankfurt Airport in Germany or when an illegal eavesdropping device was discovered attached to Verizon's optical network in 2003 (Miller, 2007). The most likely purpose of these attacks was industrial espionage. Estimates indicate that in the year 2000 alone, corporate espionage cost US companies approximately \$20 billion in purely technical means (Oyster Optics Inc., 2002).

The goal of service disruption attacks is to deteriorate the signal quality of legitimate communication channels. Depending on the severity of these attacks, their consequences may range from slight deterioration of the signal-to-noise ratio (SNR) to complete loss of service availability. They can also be aimed at manipulating communication by injecting false information or undermining the integrity of the transmitted data. Most commonly, these attacks are realized by injecting a malicious high-powered jamming signal which interferes with legitimate signals inside various network components. Methods of exploiting the vulnerabilities of the key building blocks of TONs (i.e. optical fibers, amplifiers and switches) to perform tapping and service disruption attacks are described in the following subsections.

**2.1 Optical fibers**

Optical fibers are immune to electromagnetic interference, which eliminates the possibility of eavesdropping through observation of side-channel effects, but, unless shielded, they are still susceptible to eavesdropping through other means. Namely, under normal operating conditions, light is kept inside the fiber core through total internal reflection, where the angle between the light beam and the core inner surface exceeds the critical angle and the beam is totally reflected back into the core. Bending the fiber violates the condition of total internal reflection of light inside the fiber core and causes part of the signal to be radiated out of the fiber, as shown in Figure 2. If a photodetector is placed at the fiber bend, it can pick up such leakage and deliver the transmitted content to the intruder. Commercial tapping devices which introduce losses below 0.5 dB can be found on the market. There are also techniques which introduce losses below 0.1 dB, making such attacks extremely difficult to detect by network monitoring systems.

Some of these devices may cause a short interruption of service due to the necessity of cutting the fiber in order to install the device, after which the transmission is re-established. If this interruption is noticed, the technical personnel is quite likely to find the location of
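Section 2.1 describes fiber taps that add a small persistent loss (below 0.5 dB, or below 0.1 dB) and devices whose installation briefly interrupts service. The following is an added monitoring example, not code from the chapter: it scans received-power telemetry for a drop that persists against a reference level, and marks drops that follow a loss of signal. The telemetry values, the function name `find_tap_signatures`, the 0.05 dB threshold and the low noise level are all assumptions; on a noisier receiver a 0.1 dB step would need longer averaging to stand out.

```python
from statistics import median


def find_tap_signatures(samples, baseline_n=5, persist=5, min_drop_db=0.05):
    """Return (kind, start_index, drop_db) for each persistent power drop.

    samples: received power in dBm at a fixed interval; None = loss of signal.
    Assumes the first baseline_n samples are a clean commissioning reference.
    """
    baseline = median(samples[:baseline_n])
    events, run_start, saw_los = [], None, False
    for i in range(baseline_n, len(samples)):
        p = samples[i]
        if p is None:                      # outage: remember it, restart the run
            saw_los, run_start = True, None
            continue
        if baseline - p < min_drop_db:     # back at the reference level
            saw_los, run_start = False, None
            continue
        if run_start is None:
            run_start = i
        if i - run_start + 1 == persist:   # drop held long enough to rule out noise
            level = median(samples[run_start:i + 1])
            kind = "interruption+loss" if saw_los else "step-loss"
            events.append((kind, run_start, round(baseline - level, 2)))
            # Re-reference so the same drop is reported only once.
            baseline, run_start, saw_los = level, None, False
    return events


# Constructed telemetry (dBm), not measurements from the chapter.
REF = [-12.00, -12.01, -11.99, -12.00, -12.01]
NOISY = REF + [-12.02, -12.15, -12.00, -11.98, -12.01]        # one-sample glitch
STEP = REF + [-12.00, -11.99, -12.01,
              -12.10, -12.11, -12.09, -12.10, -12.12, -12.10]  # 0.1 dB step
CUT = REF + [-12.00, -12.01, None, None, None,
             -12.40, -12.41, -12.39, -12.40, -12.42]           # outage, then 0.4 dB

if __name__ == "__main__":
    for name, data in (("noisy", NOISY), ("step", STEP), ("cut", CUT)):
        print(name, find_tap_signatures(data))
```

An outage followed by a return to the reference level produces no event here; only an outage followed by a persistent drop is reported as `interruption+loss`.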
