Data Falsification Attacks And Its Defense Methods In Consensus-based Distributed Detection

Distributed detection is one of important applications of distributed information processing.In the consensus-based distributed detection system without fusion center(FC),each sensor node obtains the measurements of the target,then exchanges information with its neighbors and updates its local state using consensus algorithm,finally makes its own decision on whether the target is present or absent in the region of interest(ROI).However,due to the open and cooperative natures of distributed system,the network security is under threat of malicious attacks.Data falsification attack is one of typical attacks,which tamper with measurements or inject false data into the unprotected procedure to degrade the detection performance.Moreover,the false data will spread to the whole network through data exchange between neighbors,causing continuing impacts on the distributed detection system.In order to ensure the reliability and robustness of the distributed detection system,it is significant to study the data falsification attack and its defense methods in the consensus-based distributed detection system.In terms of the data falsification attack in the consensus-based distributed detection system,the thesis studies the malicious behavior of the data falsification attack and its impact on detection performance.Data falsification attack can be classified into two categories:sensing data falsification(SDF)attack and iterating data falsification(IDF)attack.In this paper,we propose generic models of these two attacks and analyze their influence.For the SDF attack,two kinds of probabilistic attack models based on local decision are defined,which called inverse attack model and offset attack model.Taking the detection probability,false-alarm probability and error probability as the performance metrics,the steady-state and transient-state detection performance of distributed detection under the SDF attack was analyzed.Using the deflection coefficient as objective function.we deduce the attack strategy of malicious nodes when the distributed detection system is invalid.For the IDF attack,we consider two kinds of attack model according to the properties of injection data,which called deterministic attack model and random attack model.We provide necessary and sufficient conditions for the convergence of the distributed system under IDF attack and derive the attack condition that makes the system unable to converge.In addition,we analyze the convergence result under the IDF attack with resource constraint.Finally,an optimization problem with the objective of minimizing energy while maximizing deviation is formulated to find the optimal attack strategy.In terms of the SDF attack,the thesis studies the defense method against the SDF attack from the perspective of efficient identification of malicious nodes.According to the potential relationship among the measurements,we notice that the observations of sensor nodes are related to the signal propagation characteristics,but the results tampered by malicious nodes may not follow this rule.Combining the location information of the nodes and the propagation characteristics of the transmitted signal,a detection method based on random sample consensus algorithm(RANSAC)is proposed to identify the malicious nodes.Our proposed method requires only one snapshot measurement data to discover the malicious nodes and then isolate them from the system,which reduces the communication overhead and is suitable for many kinds of attacks.Then isolate the identified malicious nodes to protect the system from the SDF attack.Simulation results verify that our proposed method can shorten the detection time while ensuring the detection performance compared with the existing detection methods,that is,achieves a good trade-off between detection accuracy and efficiency.In terms of the IDF attack,the thesis studies the defense method against the IDF attack from the perspective of effective guarantee of system convergence performance.According to the node state update rule of the distributed system,the state constraint condition is obtained using the information of the neighbors.By observing whether the neighbor's state is within the constraint to evaluate its trust,then a trust evaluation based defense method is proposed against the IDF attack.In addition,the recovery mechanism is added to compensate negative effect on the system caused by the injecting false data.Our proposed method only uses one-hop neighbors' information without the knowledge of the whole network and saves computational resources.It can be proved that the proposed defense method can not only identify the malicious nodes effectively,but also ensure the convergence of the system and the convergence accuracy of the normal nodes.Simulation results show that the defense method can deals with many kinds of attacks,and the state of the nodes can approximately converge to the actual value.