Secure Distributed Estimation Against Data Integrity Attacks in Internet-of-Things Systems

Abstract

A secure distributed estimation method against data integrity attacks is presented for general Internet-of-Things (IoT) systems. By exploiting the spatial sparsity of the attacks, a robust optimal estimation objective to protect the entire IoT system is established. Then, a false data processor is developed to suppress the bad effects of the attacks. The convergence of the presented method is analyzed. It shows that, under accessible conditions, the estimation error will converge to be uniformly bounded for all cases, i.e., all communication links and transmitted data are arbitrarily compromised. Furthermore, by utilizing the property of persistence, a quantitative trust model is established for IoT systems based on the past behaviors of the nodes. Then, a trust-based distributed estimation method is proposed to enhance security. Simulation results by considering an IoT system with 50 nodes and 145 edges are also provided to verify our theoretical results. <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Note to Practitioners</i> —The increasingly serious attack events that happened in recent years demonstrate the importance of security in the development of Internet-of-Things (IoT) systems. Different from the traditional Internet, IoT systems are usually constrained by computing and storage resources. Then, complex encryption and authentication algorithms or protocols will not be applicable to IoT systems. Distributed estimation plays an important role in the collaborative control, monitoring, and management of IoT systems. Inevitably, attacks to distributed estimation could make false data spread throughout the networks and further cause terrible consequences, while the issues of network security have not been yet taken into consideration in the existing design of distributed estimation. In this article, we propose a secure distributed estimation method. By adding a security mechanism into the distributed estimation algorithm, the ability of resistance to any data integrity attacks can be achieved. Moreover, the possible damage will be completely controllable for arbitrary attacks. That is, our method can guarantee that the estimation performance will always be acceptable even in the worst case. Besides, it is simple and lightweight, and no additional communication consumption and hardware devices are needed for its deployment and operations.