Consider a setup in which a central estimator seeks to estimate an unknown deterministic parameter using measurements from multiple sensors. Some of the sensors may be adversarial in that their utility increases with the Euclidean distance between the estimate of the central estimator and their own local estimate. These sensors may misreport their measurements to the central estimator at a falsification cost. We formulate a Stackelberg game in which the central estimator acts as the leader and the adversarial sensors act as the follower. We present the optimal linear fusion scheme for the estimator and the optimal attack pattern for the adversarial sensors in the Nash equilibrium sense. Interestingly, the estimate at the central estimator may be better than if the measurements from the adversarial sensors were altogether ignored.
REDUCED-RANK ADAPTIVE FILTERING IN THE PRESENCE OF BYZANTINE SENSORS
In this paper, we study the impact of the presence of byzantine sensors on the reduced-rank linear least squares (LS) estimator. A sensor network with N sensors makes observations of the physical phenomenon and transmits them to a fusion center which computes the LS estimate of the parameter of interest. It is well-known that rank reduction exploits the bias-variance trade-off in the full-rank estimator by putting higher priority on highly informative content of the data. The low-rank LS estimator is constructed using this highly informative content, while the remaining data can be discarded without affecting the overall performance of the estimator. We consider the scenario where a fraction of the N sensors are subject to data falsification attack from byzantine sensors, wherein an intruder injects a higher noise power (compared to the unattacked sensors) to the measurements of the attacked sensors. Our main contribution is an analytical characterization of the impact of data falsification attack of the above type on the performance of reduced-rank LS estimator. In particular, we show how optimally prioritizing the highly informative content of the data gets affected in the presence of attacks. A surprising result is that, under sensor attacks, when the elements of the data matrix are all positive the error performance of the low rank estimator experiences a phenomenon wherein the estimate of the mean-squared error comprises negative components. A complex nonlinear programming-based recipe is known to exist that resolves this undesirable effect; however, the phenomenon is oftentimes considered very objectionable in the statistical literature. On the other hand, to our advantage this effect can serve to detect cyber attacks on sensor systems. Numerical results are presented to complement the theoretical findings of the paper.
- Award ID(s): 1744129
- PAR ID: 10148819
- Date Published:
- Journal Name: Conference on Information Sciences and Systems
- Format(s): Medium: X
- Sponsoring Org: National Science Foundation
More Like this
- While many research efforts on Cyber-Physical System (CPS) security are devoted to attack detection, how to respond to the detected attacks receives little attention. Attack response is essential since serious consequences can be caused if CPS continues to act on the compromised data by the attacks. In this work, we aim at the response to sensor attacks and adapt machine learning techniques to recover CPSs from such attacks. There are, however, several major challenges. i) Cumulative error. Recovery needs to estimate the current state of a physical system (e.g., the speed of a vehicle) in order to know if the system has been driven to a certain state. However, the estimation error accumulates over time in the presence of compromised sensors. ii) Timely response. A fast response is needed since slow recovery not only comes with large estimation errors but also may be too late to avoid irreparable consequences. To address these challenges, we propose a novel learning-based solution, named sequence-predictive recovery (or SeqRec). To reduce the estimation error, SeqRec designs the first sequence-to-sequence (Seq2Seq) model to uncover the temporal and spatial dependencies among sensors and control demands, and then uses the model to estimate system states using the trustworthy data logged in history. To achieve an adequate and fast recovery, SeqRec designs the second Seq2Seq model that considers both the current time step using the remaining intact sensors and the future time steps based on a given target state, and embeds the model into a novel recovery control algorithm to drive a physical system back to that state. Experimental results demonstrate that SeqRec can effectively and efficiently recover CPSs from sensor attacks.
- The work provides a general model of communication attacks on a networked infinite dimensional system. The system employs a network of inexpensive control units consisting of actuators, sensors and control processors. In an effort to replace a reduced number of expensive high-end actuating and sensing devices implementing an observer-based feedback, the alternate is to use multiple inexpensive actuators/sensors with static output feedback. In order to emulate the performance of the high-end devices, the controllers for the multiple actuator/sensors implement controllers which render the system networked. In doing so, they become prone to communication attacks either as accidental or deliberate actions on the connectivity of the control nodes. A single attack function is proposed which models all types of communication attacks and an adaptive detection scheme is proposed in order to (i) detect the presence of an attack, (ii) diagnose the attack and (iii) accommodate the attack via an appropriate control reconfiguration. The reconfiguration employs the adaptive estimates of the controller gains and restructures the controller adaptively in order to minimize the detrimental effects of the attack on closed-loop performance. Numerical studies on a 1D diffusion PDE employing networked actuator/sensor pairs are included in order to further convey the special architecture of detection and accommodation of networked systems under communication attacks.
- Anomaly-based attack detection methods depend on some form of machine learning to detect data falsification attacks in smart living cyber–physical systems. However, there is a lack of studies that consider the presence of attacks during the training phase and their effect on detection and false alarm performance. To improve the robustness of time series learning for anomaly detection, we propose a framework by modifying design choices such as regression error type and loss function type while learning the thresholds for an anomaly detection framework during the training phase. Specifically, we offer theoretical proofs on the relationship between poisoning attack strengths and how that informs the choice of loss functions used to learn the detection thresholds. This, in turn, leads to explainability of why and when our framework mitigates data poisoning and the trade-offs associated with such design changes. The theoretical results are backed by experimental results that prove attack mitigation performance with NIST-specified metrics for CPS, using real data collected from a smart metering infrastructure as a proof of concept. Thus, the contribution is a framework that guarantees security of ML and ML for security simultaneously.
- False power consumption data injected from compromised smart meters in Advanced Metering Infrastructure (AMI) of smart grids is a threat that negatively affects both customers and utilities. In particular, organized and stealthy adversaries can launch various types of data falsification attacks from multiple meters using smart or persistent strategies. In this paper, we propose a real time, two tier attack detection scheme to detect orchestrated data falsification under a sophisticated threat model in decentralized micro-grids. The first detection tier monitors whether the Harmonic to Arithmetic Mean Ratio of aggregated daily power consumption data is outside a normal range known as safe margin. To confirm whether a discrepancy in the first detection tier is indeed an attack, the second detection tier monitors the sum of the residuals (difference) between the proposed ratio metric and the safe margin over a frame of multiple days. If the sum of residuals is beyond a standard limit range, the presence of a data falsification attack is confirmed. Both the ‘safe margins’ and the ‘standard limits’ are designed through a ‘system identification phase’, where the signature of proposed metrics under normal conditions is studied using real AMI micro-grid data sets from two different countries over multiple years. Subsequently, we show how the proposed metrics trigger unique signatures under various attacks which aid in attack reconstruction and also limit the impact of persistent attacks. Unlike metrics such as CUSUM or EWMA, the stability of the proposed metrics under normal conditions allows successful real time detection of various stealthy attacks with ultra-low false alarms.

