Compromised Sensor Research Articles

Detection of sensors used for adversarial examples against machine learning models

Machine learning (ML) systems that utilize sensor inputs have become integral in various applications; however, they remain vulnerable to sensor-based adversarial example (AE) attacks, where compromised sensors can be exploited to manipulate system outputs. This study addresses the critical issue of safeguarding these systems by identifying and mitigating compromised sensors, thereby enhancing their resilience. This study introduces a novel detection method using a feature-removable model (FRM), which allows the selective removal of features to identify inconsistencies in the model's outputs when different sensor features are altered. The methodology was validated on a human activity recognition (HAR) model utilizing sensors placed on the chest, wrist, and ankle, with a focus on identifying attacker-compromised sensors. The results demonstrated the efficacy of the method, achieving an average Recall of detected sensors of 0.92 and an average Precision of detected sensors of 0.72, highlighting the ability of the approach to accurately detect and identify compromised sensors. This study significantly contributes to advancing the security and robustness of ML systems against sensor-based AE attacks.

GLHAD: A Group Lasso-Based Hybrid Attack Detection and Localization Framework for Multistage Manufacturing Systems

Abstract As Industry 4.0 and digitization continue to advance, the reliance on information technology increases, making the world more vulnerable to cyberattacks, especially cyber-physical attacks that can manipulate physical systems and compromise sensor data integrity. Detecting cyberattacks in multistage manufacturing systems (MMS) is crucial due to the growing sophistication of attacks and the complexity of MMS. Attacks can propagate throughout the system, affecting subsequent stages and making detection more challenging than in single-stage systems. Localization is also critical due to the complex interactions in MMS. To address these challenges, a group lasso regression-based framework is proposed to detect and localize attacks in MMS. The proposed algorithm outperforms traditional hypothesis testing-based methods in expected detection delay and localization accuracy, as demonstrated in a simple linear multistage manufacturing system.

Stealth Data Injection Attacks With Sparsity Constraints

Sparse stealth attack constructions that minimize the mutual information between the state variables and the observations are proposed. The attack construction is formulated as the design of a multivariate Gaussian distribution that aims to minimize the mutual information while limiting the Kullback-Leibler divergence between the distribution of the observations under attack and the distribution of the observations without attack. The sparsity constraint is incorporated as a support constraint of the attack distribution. Two heuristic greedy algorithms for the attack construction are proposed. The first algorithm assumes that the attack vector consists of independent entries, and therefore, requires no communication between different attacked locations. The second algorithm considers correlation between the attack vector entries which results in larger disruption and smaller probability of detection at the expense of coordination between different locations. We numerically evaluate the performance of the proposed attack constructions on IEEE test systems and show that it is feasible to construct stealth attacks that generate significant disruption with a low number of compromised sensors.

A Novel Diagnosis Scheme against Collusive False Data Injection Attack.

The collusive false data injection attack (CFDIA) is a false data injection attack (FIDA), in which false data are injected in a coordinated manner into some adjacent pairs of captured nodes of an attacked wireless sensor network (WSN). As a result, the defense of WSN against a CFDIA is much more difficult than defense against ordinary FDIA. This paper is devoted to identifying the compromised sensors of a well-behaved WSN under a CFDIA. By establishing a model for predicting the reading of a sensor and employing the principal component analysis (PCA) technique, we establish a criterion for judging whether an adjacent pair of sensors are consistent in terms of their readings. Inspired by the system-level fault diagnosis, we introduce a set of watchdogs into a WSN as comparators between adjacent pairs of sensors of the WSN, and we propose an algorithm for diagnosing the WSN based on the collection of the consistency outcomes. Simulation results show that the proposed diagnosis scheme achieves a higher probability of correct diagnosis.

An Observer With Cooperative Interaction Structure for Biasing Attack Detection and Secure Control

This article studies state estimation and attack reconstruction problems for sensor and actuator biasing attack detection and secure control in cyber–physical systems (CPSs) through the observer techniques. The considered unknown bounded biasing attacks are produced from any dynamical system satisfying the error system between it and its equilibrium to be input-to-state stable, so that some reported biasing attacks are contained as a special case. In order to deal with potential compromised sensor output signals, an auxiliary filter is first introduced. Then, an augmented system, including the CPS and filter dynamics is constructed. Furthermore, with the aid of the system structure and input–output data, fictitious systems comprising the information of attack reconstruction errors are given. And then, by the cooperative interaction between the dynamics of observer’s estimation errors and virtual systems, an observer with a cooperative interaction structure is proposed, where the fictitious systems can be viewed as co-workers conducing to the accurate state estimation and attack reconstruction. By the Lyapunov approach, it is shown that state estimations and reconstructed attack signals, respectively, converge to the small set around system states and real attack signals, and the set bound can be reduced by adjusting the observer’s parameter. The applications of the observer to biasing attack detection and secure control are further given. Finally, an illustrative example validates the proposed methods.

Zonotopic resilient state estimation for unmanned surface vehicles subject to integrity attacks

This work concerns the problem of resilient state estimation for unmanned surface vehicle systems subject to integrity attacks under peak-bounded perturbations. A novel resilient remote state estimation method is proposed based on zonotopic reachability analysis. The compromised sensors are identified based on the so-called predicted output set and zonotope support strip. Then, a resilient state reachable set is obtained by using the sensor data from the remaining benign measurements. For enhancing the performance of estimation, segment minimization is introduced to optimize the obtained state reachable set. Simulation results are provided to testify the effectiveness of the proposed method.

LQG Reference Tracking With Safety and Reachability Guarantees Under Unknown False Data Injection Attacks

We investigate a linear quadratic Gaussian (LQG) tracking problem with safety and reachability constraints in the presence of an adversary who mounts a false data injection attack on an unknown set of sensors. For each possible set of compromised sensors, we maintain a state estimator disregarding the sensors in that set, and calculate the optimal LQG control input at each time based on this estimate. We propose a control policy which constrains the control input to lie within a fixed distance of the optimal control input corresponding to each state estimate. The control input is obtained at each time step by solving a quadratically constrained quadratic program. We prove that our policy can achieve a desired probability of safety and reachability using the barrier certificate method. Our control policy is evaluated via a numerical case study.

MDESops: An Open-Source Software Tool for Discrete Event Systems Modeled by Automata

The salient features of the new software tool MDESops are presented. MDESops is Python-based and open-source. Its focus is the analysis and control of discrete event systems (DES) modeled by finite-state automata. MDESops has core functions to manipulate deterministic and nondeterministic automata, including parallel composition and determinization. It has functions to analyze diagnosability and opacity properties. MDESops also includes functions that implement both standard and more recent algorithmic procedures from the theory of supervisory control of DES, including synthesis of supervisors for partially-observed systems, synthesis of attackers in systems with compromised sensors, and synthesis of supervisors resilient to deception attacks. It is the hope that MDESops can serve as a useful platform for algorithm development and prototyping in DES research.

Symmetrical Simulation Scheme for Anomaly Detection in Autonomous Vehicles Based on LSTM Model

Technological advancement has transformed traditional vehicles into autonomous vehicles. Autonomous vehicles play an important role since they are considered an essential component of smart cities. The autonomous vehicle is an intelligent vehicle capable of maintaining safe driving by avoiding crashes caused by drivers. Unlike traditional vehicles, which are fully controlled and operated by humans, autonomous vehicles collect information about the outside environment using sensors to ensure safe navigation. Autonomous vehicles reduce environmental impact because they usually use electricity to operate instead of fossil fuel, thus decreasing the greenhouse gasses. However, autonomous vehicles could be threatened by cyberattacks, posing risks to human life. For example, researchers reported that Wi-Fi technology could be vulnerable to cyberattacks through Tesla and BMW autonomous vehicles. Therefore, further research is needed to detect cyberattacks targeting the control components of autonomous vehicles to mitigate their negative consequences. This research will contribute to the security of autonomous vehicles by detecting cyberattacks in the early stages. First, we inject False Data Injection (FDI) attacks into an autonomous vehicle simulation-based system developed by MathWorks. Inc. Second, we collect the dataset generated from the simulation model after integrating the cyberattack. Third, we implement an intelligent symmetrical anomaly detection method to identify false data cyber-attacks targeting the control system of autonomous vehicles through a compromised sensor. We utilize long short-term memory (LSTM) deep networks to detect False Data Injection (FDI) attacks in the early stage to ensure the stability of the operation of autonomous vehicles. Our method classifies the collected dataset into two classifications: normal and anomaly data. The experimental result shows that our proposed model’s accuracy is 99.95%. To this end, the proposed model outperforms other state-of-the-art models in the same study area.

Haunted House: Physical Smart Home Event Verification in the Presence of Compromised Sensors

In this article, we verify physical events using data from an ensemble of smart home sensors. This approach both protects against event sensor faults and sophisticated attackers. To validate our system’s performance, we set up a “smart home” in an office environment. We recognize 22 event types using 48 sensors over the course of two weeks. Using data from the physical sensors, we verify the event stream supplied by the event sensors to detect both masking and spoofing attacks. We consider three threat models: a zero-effort attacker, an opportunistic attacker, and a sensor-compromise attacker who can arbitrarily modify live sensor data. For spoofed events, we achieve perfect classification for 9 out of 22 events and achieve a 0% false alarm rate at a detection rate exceeding 99.9% for 15 events. For 11 events the majority of masking attacks can be detected without causing any false alarms. We also show that even a strong opportunistic attacker is inherently limited to spoofing few select events and that doing so involves lengthy waiting periods. Finally, we demonstrate the vulnerability of a single-classifier system to compromised sensor data and introduce a more secure approach based on sensor fusion.

Data Mining for the Security of Cyber Physical Systems Using Deep-Learning Methods

Cyber Physical Systems (CPSs) have become widely popular in recent years, and their applicability have been growing exponentially. A CPS is an advanced system that incorporates a computation unit along with a hardware unit, allowing for computing processes to interact with the physical world. However, this increased usage has also led to the security concerns in them, as they allow potential attack vendors to exploit the possibilities of committing misconduct for their own benefit. It is of paramount importance that these systems have comprehensive security mechanisms to mitigate these security threats. A typical attack vector for a CPS is malicious data supplied by compromised sensors that are part of the CPSs. To combat this attack vector, many systems are secured through fault tolerance, including methods such as checkpointing to recover the system. Looking at the diverse nature of attacks and their ever growing complexities, traditional security approaches may not counter them efficiently, which creates a vacuum to be filled with sophisticated state-of-the-art techniques. In this paper, Deep Learning methods such as autoencoders, and Support Vector Machines are proposed to secure CPSs against these attacks. The networks in these applied methods are trained with a normal data profile devoid of any malicious data. Data collected from the system’s sensors at specified intervals is used to form a data series and input to the neural networks. The networks compare and analyze new data to the normal profile to detect anomalies, if there is any. In the presence of anomalous data, the networks generate corrective action(s) for these sensors and the physical states they are recording. Through detection of anomalies, effective security of CPSs may be improved in addition to providing protection for the sensors. Moreover, the proposed method of securing CPSs opens up the possibility of further research by showcasing the applicability of neural networks in securing CPSs.

Asymptotic Optimality in Byzantine Distributed Quickest Change Detection

The Byzantine distributed quickest change detection (BDQCD) is studied, where a fusion center monitors the occurrence of an abrupt event through a bunch of distributed sensors that may be compromised. We first consider the binary hypothesis case where there is only one post-change hypothesis and prove a novel converse to the first-order asymptotic detection delay in the large mean time to a false alarm regime. This converse is tight in that it coincides with the currently best achievability shown by Fellouris et al.; hence, the optimal asymptotic performance of binary BDQCD is characterized. An important implication of this result is that, even with compromised sensors, a 1-bit link between each sensor and the fusion center suffices to achieve asymptotic optimality. To accommodate multiple post-change hypotheses, we then formulate the multi-hypothesis BDQCD problem and again investigate the optimal first-order performance under different bandwidth constraints. A converse is first obtained by extending our converse from binary to multi-hypothesis BDQCD. Two families of stopping rules, namely the simultaneous d-th alarm and the multi-shot d-th alarm, are then proposed. Under sufficient link bandwidth, the simultaneous d-th alarm, with d being set to the number of honest sensors, can achieve the asymptotic performance that coincides with the derived converse bound; hence, the asymptotically optimal performance of multi-hypothesis BDQCD is again characterized. Moreover, although being shown to be asymptotically optimal only for some special cases, the multi-shot d-th alarm is much more bandwidth-efficient and energy-efficient than the simultaneous d-th alarm. Built upon the above success in characterizing the asymptotic optimality of the BDQCD, a corresponding leader-follower Stackelberg game is formulated and its solution is found.

Optimal Switching Attacks and Countermeasures in Cyber-Physical Systems

The work analyzes dynamic responses of a healthy plant under optimal switching data-injection attacks on sensors and develops countermeasures from the vantage point of optimal control. This is approached in a cyber-physical system setting, where the attacker can inject false data into a selected subset of sensors to maximize the quadratic cost of states and the energy consumption of the controller at a minimal effort. A 0-1 integer program is formulated, through which the adversary finds an optimal sequence of sets of sensors to attack at optimal switching instants. Specifically, the number of compromised sensors per instant is kept fixed, yet their locations can be dynamic. Leveraging the embedded transformation and mathematical programming, an analytical solution is obtained, which includes an algebraic switching condition determining the optimal sequence of attack locations (compromised sensor sets), along with an optimal state-feedback-based data-injection law. To thwart the adversary, however, a resilient control approach is put forward for stabilizing the compromised system under arbitrary switching attacks constructed based on a set of state-feedback laws, each of which corresponds to a compromised sensor set. Finally, an application using power generators in a cyber-enabled smart grid is provided to corroborate the effectiveness of the resilient control scheme and the practical merits of the theory.

Attack Resilient Trust and Signature-based Intrusion Detection Systems

Wireless sensor networks have been widely applied in many areas due to their unique characteristics. These have exposed them to different types of active and passive attacks. In the literature, several solutions have been proposed to mitigate these attacks. Most of the proposed solutions are too complex to be implemented in wireless sensor networks considering the resource-constraint of sensor nodes. In this work, we proposed a hierarchical trust mechanism based on clustering approach to detect and prevent denial of service attacks in wireless sensor networks. The approach was validated through simulation using Network Simulator (NS2). The following metrics were used to evaluation the proposed scheme: packet delivery ratio, network lifetime, routing delay, overhead, and number of nodes. The proposed approach is capable of detecting compromised sensor nodes vulnerable to a denial of service attacks. Moreover, it is able to detect all sensed data that have been compromised during transmission to the base station. The results show that our method can effectively detect and defend against denial of service attacks in sensor wireless sensor networks.

Efficient Resource Allocation in Hybrid Wireless Networks Increase the Capacity

In many wireless sensor network (WSN) the Mobile sinks(MSs) are very essential applications for efficient data gathering, restricted sensor reprogramming, and for distinguishing and revoking compromised sensors. The sensor network that formulate use of the existing 2-tier security structure, elevate a new protection challenge i.e an attacker can easily create a replicated node and can gain control of the data in the network. This project describes a polynomial pool based approach hybrid three-tier general framework that permits the use of any pairwise key predistribution scheme as its basic component. In this technique we implement a special kind of sensor node, which is called as polynomial pool. This sensor node not the part of actual communication. Polynomial pool checks all key of that intruder node and if key matches it allowed that node into network otherwise throwaway from the network. In this project we implemented a new technique with an algorithm named GNDA Good Node Detection Algorithm Based Approach technique with Wireless Sensor Networks. As we all know that, secured files are easily hacked by attacked by they are using several software. In my project the main aim is to avoid this kind of attackers & also increase the capacity by sending by files. Propose a Hybrid Distributed Three-hop Data Routing protocol (HDTR). HDTR protocol improves the Network efficiency and reduces the Overhead. This will also identify the good neighbor node to transfer the data.

INTRUSION DETECTION FRAMEWORK FOR GEO-SENSOR NETWORK

Wireless Geo-Sensor Network (GEONET) is suitable for critical applications in hostile environments due to its flexibility in deployment. However, low power geo-sensor nodes are easily compromised by security threats like battery exhaustion attacks, which may give rise to unavoidable circumstances. In this type of attack, the intruder forcefully resists legitimate sensor nodes from going into a low-power sleep state. So that compromised sensor nodes' battery power is drained out, and they stop working. Due to sensor nodes' limited capability, it is complicated to prevent a sensor node from this type of attack, which appears as innocent interaction. This paper proposes a secure GEONET model (SEGNET) based on a dynamic load distribution mechanism for a heterogeneous environment. It implements a hybrid detection approach using three modules for anomaly detection, intrusion confirmation, and decision making to reduce the probability of false detection.

Design and Analysis of Secure Distributed Estimator for Vehicular Platooning in Adversarial Environment

Platooning of connected vehicles is a solution geared toward improving traffic throughput, highway safety, driving comfort, and fuel efficiency. These vehicles are equipped with Cooperative Adaptive Cruise Controller (CACC) that integrates information from dedicated short-range communication (DSRC) radio and sensors for safe navigation. The possibility of malicious attacks such as Denial of Service (DoS) or False Data Injection (FDI) on sensor data or control inputs tends to affect reliability, and jeopardize the safety of connected vehicles. Thus, securing sensor data of these vehicles from DoS or FDI attacks is essential to avoid unwanted consequences. To withstand sensor attacks, resilient state estimators have been developed for networked cyber-physical systems (CPS). However, such estimators do not perform well as the number of compromised sensors of the system increases. As such, we propose a novel convex optimization based Resilient Distributed State Estimator (RDSE) that bounds the state estimation error, irrespective of the magnitude of the attack and the number of compromised sensors. We theoretically prove that the proposed estimator has similar performance compared to the state-of-the-art Distributed Kalman Filter (DKF) under attack free and noise free scenarios. While under attack, our RDSE outperforms the DKF and we provide a theoretical bound on state estimation error generated by RDSE during an attack. We also demonstrate the effectiveness of RDSE against FDI attacks in a platoon with five vehicles and compare its performance during attack against the DKF and the Resilient Distributed Kalman Filter (RDKF).

Fast Attack-Resilient Distributed State Estimator for Cyber-Physical Systems

The performance of resilient state estimators developed for cyber-physical systems (CPSs) decreases as the number of compromised sensors of the system increases. Furthermore, some of these algorithms leverage computationally expensive optimization techniques to incorporate resiliency. As such, we propose a fast resilient distributed state estimator (FRDSE), which is a novel resilient distributed algorithm that produces bounded state estimation errors regardless of the magnitude of the attack and the number of compromised sensors. Our algorithm converges to the true state in an attack-free and noise-free scenario and it produces bounded estimation errors during an attack. Compared to existing algorithms, FRDSE is more computationally efficient. We provide theoretical guarantees on the convergence of FRDSE in attack-free scenario and prove its resiliency during an attack. We demonstrate the performance of our algorithm against false data injection (FDI) attack in a platoon of vehicles and compare its runtime against existing algorithms. We observe that on a platoon of eight vehicles, runtime of our algorithm is 0.102 s, much lower than the state-of-the-art solutions.

Improved Model for the Stability Analysis of Wireless Sensor Network Against Malware Attacks

Ensuring security in a communication network is one of the underlying challenges of wireless sensor network due to critical operational constraints. Wireless sensor network (WSN) is an easy target of malware (worm, virus, malicious code, etc.) attacks due to weak security mechanism. Malware propagation outsets from a compromised sensor node and spreads in the whole WSN using wireless communication. Owing to epidemic nature of worm transmission in the network, it is essential to implement a defence mechanism against worm attacks. Motivated by malware quarantine, we propose an improved mathematical model which aggregates quarantine and vaccination techniques. We obtain the equilibrium points and other crucial parameters of the proposed model. We analyse the system stability under different conditions. Basic reproduction number determines whether malware is extinct in the system or not. It helps in the calculation of cutoff limit of the node density and communication radius. The impingement of various parameters in this model is analysed. The performance is observed to be significantly ameliorated than existing models and verified by extensive simulation results in terms of reducing the number of infectious nodes and decreasing the rate of malware propagation.

Colonel Blotto Game for Sensor Protection in Interdependent Critical Infrastructure

Securing the physical components of a city's interdependent critical infrastructure (ICI), such as power, natural gas, and water systems is a challenging task due to their interdependence and a large number of involved sensors. In this article, using a novel integrated state-space model that captures the interdependence, a two-stage cyberattack on an ICI is studied in which the attacker first compromises the ICI's sensors by decoding their messages, and, subsequently, it alters the compromised sensors' data to cause state estimation errors. To thwart such attacks, the administrator of each critical infrastructure (CI) must assign protection levels to the sensors based on their importance in the state estimation process. To capture the interdependence between the attacker and the ICI administrator's actions and analyze their interactions, a Colonel Blotto game framework is proposed. The mixed-strategy Nash equilibrium of this game is derived analytically. At this equilibrium, it is shown that the administrator can strategically randomize between the protection levels of the sensors to deceive the attacker. Simulation results coupled with theoretical analysis show that using the proposed game, the administrator can reduce the state estimation error by at least 50% compared to a nonstrategic approach that assigns protection levels proportional to sensor values.