Abstract
This paper proposes a distributed attack detection and mitigation technique based on distributed estimation over a multi-agent network, where the agents take partial system measurements susceptible to (possible) biasing attacks. In particular, we assume that the system is not locally observable via the measurements in the direct neighborhood of any agent. First, for performance analysis in the attack-free case, we show that the proposed distributed estimation is unbiased with bounded mean-square deviation in steady-state. Then, we propose a residual-based strategy to locally detect possible attacks at agents. In contrast to the deterministic thresholds in the literature assuming an upper bound on the noise support, we define the thresholds on the residuals in a probabilistic sense. After detecting and isolating the attacked agent, a system-digraph-based mitigation strategy is proposed to replace the attacked measurement with a new observationally-equivalent one to recover potential observability loss. We adopt a graph-theoretic method to classify the agents based on their measurements, to distinguish between the agents recovering the system rank-deficiency and the ones recovering output-connectivity of the system digraph. The attack detection/mitigation strategy is specifically described for each type, which is of polynomial-order complexity for large-scale applications. Illustrative simulations support our theoretical results.
Highlights
D ATA regarding many real-world systems, such as wireless sensor networks, multi-agent robotic systems, block-chain and cloud-computing, smart energy networks, are naturally distributed over large geographical regions [1], [2]
We propose our attack detection and mitigation strategy based on this specific agent classification
Several papers in the literature (e.g., [55]–[59]) assume constrained noise |ν k| < δ and/or |ζ k| < δ, where the upper bound δ on the noise support sets the deterministic thresholds for attack detection
Summary
D ATA (or measurements) regarding many real-world systems, such as wireless sensor networks, multi-agent robotic systems, block-chain and cloud-computing, smart energy networks, are naturally distributed over large geographical regions [1], [2]. We consider distributed detection and mitigation of biasing attacks at sensors/agents performing distributed estimation over a large-scale dynamical system. This requires considerably more communication traffic and information exchange over the network This implies that the biased (attacked) measurement affects the residual (defined as the deviation of the estimated/expected output from the original system output [36]) at more agents, making it harder to locally isolate the faulty sensor. Main contributions: (i) Our observer-based detection strategy is localized and distributed over the multi-agent network with no local observability assumption at any agent, but global observability at the group of agents This is key in large-scale, as it enables each agent to detect a (possible) attack on its received output with no central coordination, in contrast.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call