基于KL散度检测器下的最优线性欺诈攻击

王彩云; 李芳菲

doi:10.14135/j.cnki.1006-3080.20200802001

基于KL散度检测器下的最优线性欺诈攻击

doi: 10.14135/j.cnki.1006-3080.20200802001

王彩云,
李芳菲^,

华东理工大学数学学院，上海 200237

基金项目: 国家自然科学基金面上项目（61773161）；上海市探索项目（18ZR1409800）；华东理工大学杰出青年培育基金（JKM012016023）；高等学校学科创新引智计划（111计划）（B17017）

详细信息

作者简介:
王彩云（1996-），女，安徽人，硕士生，主要研究信息安全。E-mail：wangcaiyun@mail.ecust.edu.cn

通讯作者:
李芳菲， E-mail：li_fangfei@163.com

中图分类号: TP3
计量
- 文章访问数: 858
- HTML全文浏览量: 420
- PDF下载量: 9
- 被引次数: 0
出版历程
- 收稿日期: 2020-08-02
- 网络出版日期: 2020-12-16

Optimal Linear Deception Attack Based on KL Divergence Detector

WANG Caiyun,
LI Fangfei^,

School of Mathematics, East China University of Science and Technology, Shanghai 200237, China

摘要

摘要: 信息物理系统 (Cyber-Physical System, CPS) 进行远程状态估计时，攻击者容易通过篡改无线传输的测量数据对系统进行攻击，从而对系统性能造成损失。根据攻击者对系统知识的了解程度，分两种情况研究了传输过程中容易发生的线性欺诈攻击，同时分析了在KL散度检测器下两种情况的估计性能以及最优攻击策略，并且将最优攻击问题转化为凸优化问题。最后，给出了一维情况下的最优攻击的闭式表达式以及使用数值仿真来验证所得结论的有效性。
- 信息物理系统 /
- KL散度 /
- 线性欺诈攻击 /
- 远程状态估计
Abstract: When the cyber-physical system (Cyber-Physical System, CPS) performs remote state estimation, it is easy for an attacker to attack the system by tampering with wirelessly transmitted measurement data, etc., thereby causing loss of system performance. In order to defend against attacks, we need to fully understand the attacker's attack strategy. According to the attacker's understanding of the system knowledge, we divide the research into two situations: one is that the attacker has limited ability and cannot directly obtain the transmission data, but can use additional sensors to get a measurement; the other one is that the attacker has a good understanding of the system, and can either directly obtain the transmission data or use its own additional sensors to measure the data. We analyze estimation performance of the attacker's optimal linear deception attack strategy under the KL divergence detector for these two situations, and transform the optimal attack problem into a convex optimization problem. Finally, we give a closed-form expression of the optimal linear deception attack in a one dimensional situation. We compare the estimation error covariance caused by the optimal attack in the two cases, and conclude that the more the attacker understands the system knowledge and the greater the impact of the attack on system performance. At the same time, it is also compared with the existing literature in terms of estimation performance and optimal attack, and use numerical simulation to verify the effectiveness of the proposed results.
- Cyber physical system /
- KL divergence /
- linear deception attack /
- remote state estimation

HTML全文

图 1 具有攻击下的系统框架图

Figure 1. System framework diagram under attack

下载: 全尺寸图片幻灯片

图 2 第一种情况下当阈值$ \delta =0.5 $时不同攻击对远程估计误差协方差的影响

Figure 2. Influence of different attacks on the remote estimation error covariance at $ \delta =0.5 $ in the first case

下载: 全尺寸图片幻灯片

图 3 第二种情况下当阈值$ \delta =0.5 $时不同攻击对远程估计误差协方差的影响

Figure 3. Influence of different attacks on the remote estimation error covariance at $ \delta =0.5 $in the second case

下载: 全尺寸图片幻灯片

图 4 两种情况下最优攻击的估计误差协方差比较（$\delta = $$ 0.5$）

Figure 4. Comparison of estimation error covariance of optimal attack in two cases（$ \delta =0.5 $）

下载: 全尺寸图片幻灯片

图 5 在最优攻击下阈值$ \delta $的不同对远程估计误差协方差的影响

Figure 5. Influence of different threshold $ \delta $ on the covariance of remote estimation error under optimal attack

下载: 全尺寸图片幻灯片

图 6 第一种情况下系统有无扰动对不同检测器的检测率的影响

Figure 6. In the first case, the impact of system disturbance on the detection rate of different detectors

下载: 全尺寸图片幻灯片

图 7 第二种情况下系统有无扰动对不同检测器的检测率的影响

Figure 7. In the second case, the impact of system disturbance on the detection rate of different detectors

下载: 全尺寸图片幻灯片

图 8 第一种情况下$ \delta =0 $时的最优攻击与文献[5]中的最优攻击相同

Figure 8. Optimal attack is the same as the optimal attack in Reference[5] at $\delta =0 $in the first case

下载: 全尺寸图片幻灯片

图 9 第二种情况下$ \delta =0 $时的最优攻击与文献[5]中的最优攻击相同

Figure 9. Optimal attack is the same as the optimal attack in Reference[5] at $\delta =0 $in the second case

下载: 全尺寸图片幻灯片

图 10 第一种情况下$ \delta =0 $时的最优攻击的估计性能与文献[5]中的相同

Figure 10. Estimation performance of the optimal attack is the same as in Reference[5] at $\delta =0 $in the first case

下载: 全尺寸图片幻灯片

图 11 第二种情况下KL检测器阈值$ \delta =0 $时的最优攻击的估计性能与文献[5]中的相同

Figure 11. Estimation performance of the optimal attack when the KL detector threshold $ \delta =0 $ is the same as in Reference[5] in the second case

下载: 全尺寸图片幻灯片

参考文献(17)

[1]	WU S, GUO Z, SHI D, et al. Optimal innovation-based deception attack on remote state estimation[C]// American Control Conference (ACC). Seattle USA: [s.n.] 2017: 3017-3022.
[2]	BAI C, PASQUALETTI F, GUPTA V. Security in stochastic control systems: Fundamental limitations and performance bounds[C]// American Control Conference (ACC). Chicago IL USA: [s.n.] 2015: 195-200.
[3]	WANG J, SHI L. Optimal DoS attacks on remote state estimation with a router[C]// IEEE Conference on Decision and Control (CDC). FL USA: [s.n.] 2018: 6384-6389.
[4]	GUO Z, SHI D, JOHANSSON K H, et al. Optimal linear cyber-attack on remote state estimation[J]. IEEE Transactions on Control of Network Systems, 2016, 4(1): 4-13. doi: 10.1109/TCNS.2016.2570003
[5]	GUO Z, SHI D, JOHANSSON K H, et al. Worst-case stealthy innovation-based linear attack on remote state estimation[J]. Automatica, 2018, 89: 117-124. doi: 10.1016/j.automatica.2017.11.018
[6]	GUO Z, SHI D, JOHANSSON K H, et al. Worst-case innovation-based integrity attacks with side information on remote state estimation[J]. IEEE Transactions on Control of Network Systems, 2018, 6(1): 48-59. doi: 10.1109/TCNS.2018.2793664
[7]	LIU Y, NING P, REITER M K. False data injection attacks against state estimation in electric power grids[J]. ACM Transactions on Information and System Security (TISSEC), 2011, 14(1): 1-33. doi: 10.1145/1952982.1952995
[8]	BAI C Z, GUPTA V, PASQUALETTI F. On Kalman filtering with compromised sensors: Attack stealthiness and performance bounds[J]. IEEE Transactions on Automatic Control, 2017, 62(12): 6641-6648. doi: 10.1109/TAC.2017.2714903
[9]	孔令霖, 林家骏, 周昆. 一种抗CPS控制层欺骗攻击的算法[J]. 华东理工大学学报(自然科学版), 2015, 41(4): 198-204.
[10]	吴庆涛, 张有根, 邵志清. 基于网络连接统计的分布式拒绝服务攻击检测[J]. 华东理工大学学报(自然科学版), 2006, 32(5): 583-586. doi: 10.3969/j.issn.1006-3080.2006.05.019
[11]	MO Y, CHABUKSWAR R, SINOPOLI B. Detecting integrity attacks on SCADA systems[J]. IEEE Transactions on Control Systems Technology, 2013, 22(4): 1396-1407. doi: 10.1109/TCST.2013.2280899
[12]	HUANG J, HO D W C, LI F, et al. Secure remote state estimation against linear man-in-the-middle attacks using watermarking[J]. Automatica, 2020, 121: 109182. doi: 10.1016/j.automatica.2020.109182
[13]	MIAO F, ZHU Q, PAJIC M, et al. Coding schemes for securing cyber-physical systems against stealthy data injection attacks[J]. IEEE Transactions on Control of Network Systems, 2016, 4(1): 106-117. doi: 10.1109/TCNS.2016.2573039
[14]	BAI C, PASQUALETTI F, GUPTA V. Security in stochastic control systems: Fundamental limitations and performance bounds[C]// Chicago, IL, USA: IEEE, 2015 American Control Conference, 2015: 195-200.
[15]	LI Y, SHI L, CHEN T. Detection against linear deception attacks on multi-sensor remote state estimation[J]. IEEE Transactions on Control of Network Systems, 2017, 5(3): 846-856. doi: 10.1109/TCNS.2017.2648508
[16]	MO Y, SINOPOLI B. False data injection attacks in control systems[C]// 49th IEEE Conference on Decision and Control (CDC). [s. 1.]: [s.n.]. 2010: 1-6.
[17]	KUNG E, DEY S, SHI L. Optimal stealthy attack under KL divergence and countermeasure with randomized threshold[J]. IFAC PapersOnLine, 2017, 50(1): 9496-9501. doi: 10.1016/j.ifacol.2017.08.1587