AU2021102263A4 - Robust diffusion least mean square algorithm against false data injection attacks - Google Patents

Robust diffusion least mean square algorithm against false data injection attacks Download PDF

Info

Publication number
AU2021102263A4
AU2021102263A4 AU2021102263A AU2021102263A AU2021102263A4 AU 2021102263 A4 AU2021102263 A4 AU 2021102263A4 AU 2021102263 A AU2021102263 A AU 2021102263A AU 2021102263 A AU2021102263 A AU 2021102263A AU 2021102263 A4 AU2021102263 A4 AU 2021102263A4
Authority
AU
Australia
Prior art keywords
sample
node
lof
dlms
calculate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU2021102263A
Inventor
Feng Chen
Qiuxin Liu
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest University
Original Assignee
Southwest University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest University filed Critical Southwest University
Priority to AU2021102263A priority Critical patent/AU2021102263A4/en
Application granted granted Critical
Publication of AU2021102263A4 publication Critical patent/AU2021102263A4/en
Ceased legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10Complex mathematical operations
    • G06F17/16Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10Complex mathematical operations
    • G06F17/18Complex mathematical operations for evaluating statistical data, e.g. average values, frequency distributions, probability functions, regression analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/23Clustering techniques
    • G06F18/232Non-hierarchical techniques
    • G06F18/2321Non-hierarchical techniques using statistics or function optimisation, e.g. modelling of probability density functions
    • G06F18/23213Non-hierarchical techniques using statistics or function optimisation, e.g. modelling of probability density functions with fixed number of clusters, e.g. K-means clustering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/04Terminal devices adapted for relaying to or from another terminal or user

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mathematical Physics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Software Systems (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Analysis (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computing Systems (AREA)
  • Evolutionary Biology (AREA)
  • Algebra (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Probability & Statistics with Applications (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Operations Research (AREA)
  • Signal Processing (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

This patent is mainly to solve the problem of how to obtain a distributed optimal estimation in the case of a wireless sensor being attacked by an attacker in an adversarial environment. To tackle with this problem, a robust diffusion least mean square strategy against false data injection attacks(R-dLMS) is proposed in this patent. The proposed strategy is mainly based on local outlier factor(LOF) and 2-median clustering. Through the cooperation of LOF and 2-median clustering, R-dLMS can detect the attacked sensor nodes, and replacing its information with the information of the safe node, and further obtaining the distributed optimal estimation of the network. Finally, some simulations are performed to show the effectiveness of the proposed R-dLMS algorithm under false data injection (FDI ) attacks. Fig.1. Spatial difference between abnormal data and normal data uIput sample point matrix W Get the number of samples n (the number of columns of the matrix 0f Calculate the sum of the local reachable density of all samples (except itself) in the k neighborhood of the i-th sample Define the value of Irdksuim(i) Calculate the Euclidean distance matrix D(i, j) between the i-th sample Calculate the outliers of the i-t Sample and the j-th sample e I Ofg) _ Irdk sum(i) 4 kxirdk(i) Get the k distance dk(i) of andthe sample point l n Calculate the local reachable density End lrdk(i) o f the i-th sample Fig.2. Flow chart for calculating LOF value of sample points Obtained the reliable data sellRand unreliable data set U ofthisclustering Yes Update thercenter pointH6c fR and UG_cof U in this clustering Ftg.3. Flow chart for 2-mean clusterng 5,5 I-F -1 -2 -3 -2 -1 d 1 2 3 Fig.4.networktopology with 20nodes

Description

This patent is mainly to solve the problem of how to obtain a distributed optimal
estimation in the case of a wireless sensor being attacked by an attacker in an
adversarial environment. To tackle with this problem, a robust diffusion least mean
square strategy against false data injection attacks(R-dLMS) is proposed in this patent.
The proposed strategy is mainly based on local outlier factor(LOF) and 2-median
clustering. Through the cooperation of LOF and 2-median clustering, R-dLMS can
detect the attacked sensor nodes, and replacing its information with the information of
the safe node, and further obtaining the distributed optimal estimation of the network.
Finally, some simulations are performed to show the effectiveness of the proposed
R-dLMS algorithm under false data injection (FDI ) attacks.
Fig.1. Spatial difference between abnormal data and normal data
uIput sample point matrix W
Get the number of samples n (the number of columns of the matrix 0f Calculate the sum of the local reachable density of all samples (except itself) in the k neighborhood of the i-th sample Define the value of Irdksuim(i)
Calculate the Euclidean distance matrix D(i, j) between the i-th sample Calculate the outliers of the i-t Sample and the j-th sample e IOfg) _ Irdk sum(i) 4 kxirdk(i) Get the k distance dk(i) of andthe sample point l n
Calculate the local reachable density End lrdk(i) o f the i-th sample
Fig.2. Flow chart for calculating LOF value of sample points
Obtained the reliable data sellRand unreliable data set U ofthisclustering
Yes Update thercenter pointH6c fR and UG_cof U in thisclustering
I-F
Ftg.3. Flow chart for 2-mean clusterng
5,5
-1
-2
-3 -2 -1 d 1 2 3
Fig.4.networktopology with 20nodes
1. Background and Purpose
Recently, the widespread use of wireless sensor networks (WSNs) has been recognized, because communication and computing power of wireless sensors have been greatly improved. Besides, thanks to many advantages of distributed estimation, such as strong robustness, good scalability, and low power consumption, distributed estimation methods in WSN have attracted a growing number of researches and attentions. Over the last few years, many distributed adaptive estimation algorithms have been proposed, such as recursive least squares (RLS), diffusion least mean squares (DLMS), distributed multitask network estimates, and adaptive estimates with entropy. However, most of these previous studies hypothesize that all sensors are normal and safe in WSNs. However, wireless sensors nodes may not always be in a secure environment. In an adversarial environment, some sensors may be easily compromised to transmit malicious data, which causes severe consequences and even leads to huge economic losses. So the safety of WSNs has attracted abroad attention. In general, attacks can be divided into two categories in WSNs: denial of service (DoS) attack and spoofing attack. DoS attack aims to prevent the communication between sensors while spoofing attack aims to tamper with the transmitted information. DoS attack has been detected by many efficient algorithms. At present, FDI attack is also studied by many researchers, resilient attack detection estimators are delicately constructed to detect FDI attack. To give a good estimation performance over WSNs in the presence of both compromised sensors and compromised communications, in this patent, a robust diffusion least mean square algorithm against false data injection attacks has been proposed. The proposed strategy is mainly based on local outlier factor(LOF) and 2-median clustering. Through the cooperation of LOF and 2-median clustering, R-dLMS can detect the attacked sensor nodes, and replacing its information with the information of the safe node, and further obtaining the distributed optimal estimation of the network. The main contributions of this patent are summarized below. 1) A novel distributed adaptive algorithm based on LOF and 2-median clustering is proposed to against FDI attack. 2) For the compromised nodes attacked by FDI, we propose a new data fusion strategy to weaken the impact of them.
2. Preliminaries and Problem Formulation A. Diffusion LMS Without Attacks In this section, we briefly introduce the normal DLMS algorithm without FDI attack, and then the FDI attack model is formulated. Considering a WSN consisting of N wireless sensors, spatially distributed over some region with a certain topological
structure in this patent. Let Nk denote the set of neighbors of sensor node k including itself. At every time instant i, each node k can access to a real-valued temporal
wide-sense stationary process d*(i),U,, where dk(i) is a scalar measurement and
is an L-dimensional row regression vector. The measurements k(i)anduk are related by a linear model as follows: d*(i)= Ukw"+ n(1
Where w° is an L-dimensional unknown column vector and nk(i) is the contaminated noise. The objective of distributed estimation is to generate an estimate of w° at each node k by exchanging and combining the intermediate estimated value from its neighbors. The ATC dLMS is implemented by ~ -QjkJi-1) Adapt) (Pk ik Wkl1 PU kt- ,i p) u'i(d* (i)-(w l)A
=wkli c e (Combine) (2)
where P is a constant step-size for each node k, (*,i is an intermediate variables for each node k, and the nonnegative real coefficients cik, which is the element number of fusion matrix C, satisfy I T C= T andck=0, ifteNk (3) where I denotes an N-dimensional column vector consisting of all ones. The following assumptions, generally used in distributed estimation, are assumed. Al: The regressors Uk,, are independent in time and space with covariance
R' = E [ ukiuk A2: The noise is zero-mean Gaussian, which is identically independent distributed (i.i.d.) in time and also spatially independent, i.e., E[nk(i)nj 3 -] =k 2kjQ
A3: The network is connected such that each node can access to the information of the whole network through diffusion. A4: For each node k, the number of the attacked nodes is less than I , where |Nk |is the cardinality of the set of neighbors Nk.
B. Problem Formulation of Distributed Estimation Under Attacks
In this patent, we consider the problem of distributed estimation in the presence of FDI attack, which are defined as: dk(i)=d*(i)+y k, (4)
where d*(i) follows the data model (1) and yk(i) is a linear combination of the regression vector Uki with regard to a M-dimensional error vector attk , i.e.,
y@) -- u=U,iat . (5)
Next, for convenience, regardless of whether the sensor node is attacked or not, its data model is uniformly denoted as: dk()=uk (w + attk)+nk (6)
Where attk equals to a zero vector for a normal sensor, but a nonzero vector for a compromised sensor. Our objective is to develop a secure distributed cooperation strategy such that each node can give a good estimate of w" in the presence of FDI attack.
3. Related work
A. Local Outlier Factor(LOF)
LOF is a density-based anomaly detection algorithm, which is often used in data mining to clean data and eliminate invalid and abnormal data. As shown in Fig.1, The blue dots represent normal data, and the red dots represent abnormal data. Normal data samples are very close in space, they will form a dense area, and abnormal data samples will deviate from normal data samples, which is the principle of outlier detection by LOF. Next, in order to calculate the LOF value of the sample, some relevant definitions are made:
i.The distance between two points Wkand W;
The distance between sample points Wk and W1 is defined by Euclidean distance: d(w, ) - w, -- w, 2 (7) ii. k-distance
The k distance dk(Wk,) for point Wk is defined as follows:
dk(wk,i)= d(wk, w) , which satisfy: a) There are at least k points w, not including Wk in the set W E CX IX # Wk ,and d(wk,w)< d(wkw,) (8) b) There are at most k- points excluding wk inthe set W E CjX X# Wk},and d(wk,w,)< d(wkw,) (9) iii. k-distance neighborhood of Wk
The k distance neighborhood Nk(w) of point Wk is defined as all points within the k distance of Wk , including the point at the k-th distance. Therefore, the number of points in the k neighborhood of Wk satisty INk(wk)I !k. iv.The k-th reach-distance
The k-th reachable distance from point w, to point w, is defined as:
reach-distance (wk,w, ) = max{dk(wk), d(wk,w,)} (10)
v.local reachability density of a point Wk
The local reachability density of a point Wk is expressed as the reciprocal of the average
reachable distance from a point in the k neighborhood of the point Wk toWk
Irdk( wk ) = W, ENk(P) reach - distk (w, W, (11)
INk( wk)I
vi. local outlier factor (LOF)
The LOF value of a point wkis defined as the average of the ratio of the
local reachable density of the neighboring point Nk(wk) of the pointwkto the
local reachable density of the point wk .
lrdk(w,) WI ENk(Wk ) Irdk( wk LOF(w) INk(wk)I
Therefore, the smaller the value of LOF, the closer Wk is to its neighboring points, that is, the greater the density of Wk is, and it is a dense point. On the contrary, if the value of LOF is larger, it means that the density ofWk is less than the density of its neighboring points, so the more likely it is an abnormal point. As is shown Fig.2, we can calculate the LOF value of the input sample W. B. 2-median clustering 2-mean clustering is an improvement of the K-means clustering algorithm. The difference between them lies in the selection of clustering centers and the value is 2. The center of the 2-median clustering is the median of the sample, but the center of the K-mean clustering is the average of the sample, so the advantage of the 2-median clustering over the K-median cluster is that it can resist abnormalities value. As is shown Fig.3, 2-mean clustering algorithm will separate the data samples X into 2 cluster.
4. Robust diffusion least mean square algorithm against false data
injection attacks
In this patent, a R-dLMS is proposed for achieving reliable distributed estimation in an adversarial environment. The proposed R-dLMS algorithm is mainly based on local outlier factor(LOF) and K-median clustering. Through the cooperation of LOF and K-median clustering, R-dLMS can detect the attacked sensor nodes, and replacing its information with the information of the safe node, and further obtaining the distributed optimal estimation of the network. From the viewpoint of implementation, the R-dLMS mainly includes four steps, adaptation, communication, detection, and combination. In the adaptation step, each node updates the intermediate estimates based on its individual measurements. In the communication step, each node sends its intermediate estimates to its neighbors and also receives the intermediate estimates from its neighbors. In the detection step, each nodek will calculate the LOF(l) value of each neighbor node 1 based on process in the Fig2. Then we can use the 2-median clustering on the LOF() value to obtain two clusters, one of which is a normal node, another cluster is an abnormal node under attack. In the combination step, the intermediate estimated value from the trusted neighbor node of node k can be fused to obtain the instantaneous estimated value of node k. Next, these four steps are
illustrated in detail one by one. A. Adaption In this step, for each node k, no matter it is compromised or not, it adapts the intermediate estimates at first. Based on the local measurement{dk(),Uk, satisfying the data model (6), each node k adaptively updates the intermediate estimate as follows:
( k - ,iup ,(df,(i)-UWki) (13)
where Pk,i denotes the intermediate estimates at node k and time i.
B. Communication Once each node k finishes the local adaptation, it sends the current estimates of 9Pi to its neighbors, and also receives the estimates cpN, tE Nkfrom its neighbors. C. Detection As mentioned above, In a WSN environment where there is no attack, once each node receives the estimates from its neighbors, it implements the combination step given in (2). However, this cannot be directly performed in an adversarial environment since the compromised sensors may ruin the estimates of the whole network through distributed cooperation. In an adversarial environment, to achieve secure distributed data fusion, it is necessary to detect the trust neighbors of each node at first. In this section, we propose a new method to detect the secure nodes. The main concept of our proposed design is that, for each node k , it will receives the estimates cp /,kE Nkfrom its neighbors. These estimates can form a set:
From the viewpoint of attack, the most effective attack is to drive the estimator of the unknown parameter vector away from its true value. That is to say, if a node is attacked, its intermediate estimate will be far away from the estimate of other nodes that have not been attacked. So the LOF value of intermediate estimate of the attacked node will become larger. When each node k receives the intermediate estimated value Wk, from the neighbor node, it will calculate the LOF(l) of each node 1, le Nk . The
obtained LOF value is divided into two clustersRkandU,, by using 2-median
clustering to divide the neighbor nodes of node k. A clusterRkjis a node that is not
attacked, and a clusterUkis a node that is attacked. After the clustering process is
completed, the attack detection process ends.
D. Combination Through the process of detection, the instantaneous set of trust neighbors of each node k, R,, can be identified. Then, we can design the combination weights based on
the detected secure network topology. It is noted that as R, is dynamic, the
combination matrix C,={ci, is dynamic, where the index i denotes the
instantaneous value at time i to enforce the causality. Several rules for designing combination weights from graph theory , such as the Metropolis rule, the relative degree rule, and the uniform rule. In these cooperation strategies, the local estimate of each sensor itself is always trusted. In an adversarial environment, due to the existence of the attacked sensors (whose local estimates are unreliable), the above
combination rules must be modified. The combination weights (c 1 ,ijin this patent
can be designed as follows:
middle k,i if ,Rk U '/LOF) Uk = Nk 0 f ifteUkj
eki= Cmiddlefk = k(14) Z middle,,k4 '
ne N
Where Rk is the set of neighbor nodes trusted by node k at time i,andUkisthe
set of neighbor nodes that node k is attacked at time i .
Based on the coefficients clk and p,, from neighbors, the combination step of
the R-dLMS is performed as Wk- c,,P,, (15) Ce Afk,,
5. Brief Description of the Drawings
Fig.1 is spatial difference between abnormal data and normal data Fig.2 is the flow chart for calculating LOF value of sample points Fig.3 is the flow chart for 2-mean clustering Fig.4 is network topology with 20 nodes. Fig.5 is variance of input signal. Fig.6. is variance of output noise. Fig.7. is ransient network MSD. Fig.8. is steady-state network MSD verus node.
6. Detailed Description
In this section, in order to illustrate the effectiveness of R-dLMS algorithms under FDI attack, some experiments are performed. In the following examples, we consider WSNs composed of 20 wireless sensors, which are randomly distributed. The topological graph is shown in Fig. 4 . In addition, in order to facilitate the implementation of the later experiments, the topology graph is set to a fixed topology. In all experiments, the unknown ideal parameter is set to a random vector with L = 6. The regression vector uk is generated from a Gaussian model with a zero mean and Fig. 6 shows the variance of each node. The noise variance of each node is set to a fixed value, as shown in Fig. 6. The step size of each node is uniformly set to 0.02. Also, each experiment is performed 50 times independently, and the average results of experiments are presented. In experiments, the continual and time-sharing attacks will be presented. To verify the performance of the proposed algorithms in the following simulations, the DLMS with attack algorithm, the R-dLMS without attack algorithm and the DLMS without attack algorithm are adopted to provide the comparison. In order to verify that the proposed algorithms are universal, we randomly pick two ordinary nodes, which are attacked by FDI, namely nodes 8 and 15. The attacks on two nodes are set to same FDI attack. Meanwhile, FDI attack is continuous. Fig. 7 depicts the learning curve for different LMS algorithms. It can be seen that when the network is subjected to FDI attack, the MSD performance will decline significantly. Therefore, if a network is not resistant to FDI attack, it will lead to a serious impact. However, it is obvious that when the distributed network adopts three R-dLMS algorithms, they can weaken the impact of FDI attack to some extent. Simultaneously, it can be found that R-dLMS performs best and can be beyond to the normal DLMS algorithm without attack thanks to a novel data fusion strategy. Fig. 8 shows the steady-state MSDs of different algorithms, in which the values are obtained by averaging the last 300 samples over 50 simulations. From Fig. 8 and the learning curve of DLMS with FDI attack, we can find that when some nodes in the network are attacked by FDI, the impact of FDI attack will reduce the performance of the entire network through the diffusion strategy. We can also find that R-dLMS algorithms will weaken the impact of FDI attack.
Robust diffusion least mean square algorithm against false
data injection attacks
In this patent, a R-dLMS is proposed for achieving reliable distributed estimation in an adversarial environment. The proposed R-dLMS algorithm is mainly based on local outlier factor(LOF) and K-median clustering. Through the cooperation of LOF and K-median clustering, R-dLMS can detect the attacked sensor nodes, and replacing its information with the information of the safe node, and further obtaining the distributed optimal estimation of the network. From the viewpoint of implementation, the R-dLMS mainly includes four steps, adaptation, communication, detection, and combination. In the adaptation step, each node updates the intermediate estimates based on its individual measurements. In the communication step, each node sends its intermediate estimates to its neighbors and also receives the intermediate estimates from its neighbors. In the detection step, each nodek will calculate the LOF() value of each neighbor node I based on process in the Fig2. Then as shown in Fig3, we can use the 2-median clustering on the LOF(l) value to obtain two clusters, one of which is a normal node, another cluster is an abnormal node under attack. In the combination step, the intermediate estimated value from the trusted neighbor node of node k can be fused to obtain the instantaneous estimated value of node k. Next, these four steps are illustrated in detail one by one. A. Adaption In this step, for each node k, no matter it is compromised or not, it adapts the intermediate estimates at first. Based on the local measurement{dk(i),Uki)satisfying the data model (6), each
node k adaptively updates the intermediate estimate as follows:
=k,i Wki-1 + ,'(d (i)-UCWk-1) (13)
where (P, denotes the intermediate estimates at node k and time i.
B. Communication Once each node k finishes the local adaptation, it sends the current estimates of (,, to its neighbors, and also receives the estimates (O , ENkfrom its neighbors. C. Detection
As mentioned above, In a WSN environment where there is no attack, once each node receives the estimates from its neighbors, it implements the combination step given in (2). However, this cannot be directly performed in an adversarial environment since the compromised sensors may ruin the estimates of the whole network through distributed cooperation. In an adversarial environment, to achieve secure distributed data fusion, it is necessary to detect the trust neighbors of each node at first. In this section, we propose a new method to detect the secure nodes. The main concept of our proposed design is that, for each node k , it will receives the estimatesrpt,,, te N, from its neighbors. These estimates can form a set:
Wj={we'i.. W~e~i e". . , 1.~ I}
From the viewpoint of attack, the most effective attack is to drive the estimator of the unknown parameter vector away from its true value. That is to say, if a node is attacked, its intermediate estimate will be far away from the estimate of other nodes that have not been attacked. So the LOF value of intermediate estimate of the attacked node will become larger. When each node k receives the intermediate estimated value
Wkfrom the neighbor node, it will calculate the LOF(l) of each node 1, le Nk. The
obtained LOF value is divided into two clustersRkjandUk,, by using 2-median
clustering to divide the neighbor nodes of node k. A cluster Rk, is a node that is not
attacked, and a cluster Ukiis a node that is attacked. After the clustering process is
completed, the attack detection process ends. D. Combination Through the process of detection, the instantaneous set of trust neighbors of each node k, Rkj can be identified. Then, we can design the combination weights based on the detected secure network topology. It is noted that as R' is dynamic, the combination matrix C c,,} ={ is dynamic, where the index i denotes the instantaneous value at time i to enforce the causality. Several rules for designing combination weights from graph theory , such as the Metropolis rule, the relative degree rule, and the uniform rule. In these cooperation strategies, the local estimate of each sensor itself is always trusted. In an adversarial environment, due to the existence of the attacked sensors (whose local estimates are unreliable), the above combination rules must be modified. The combination weights (CJ} in this patent can be designed as follows:
Middle 1/LOF(l) 0 if if R Ukl ' Re kUi kj Nk
middle (14) = Cmidlk,
/ nE Nk
Where Rk is the set of neighbor nodes trusted by node k at time i , and Uk,is the
set of neighbor nodes that node k is attacked at time i
. Based on the coefficients clk, and p from neighbors, the combination step of
the R-dLMS is performed as Wk= Cekj(Pe, (15)
Fig.1. Spatial difference between abnormal data and normal data 2021102263
Fig.2. Flow chart for calculating LOF value of sample points
Fig.3. Flow chart for 2-mean clustering
Fig.4. network topology with 20 nodes
Fig.5. variance of input signal.
Fig.6. variance of output noise.
Fig.7. Transient network MSD.
Fig.8. Steady-state network MSD verus node.
AU2021102263A 2021-04-29 2021-04-29 Robust diffusion least mean square algorithm against false data injection attacks Ceased AU2021102263A4 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2021102263A AU2021102263A4 (en) 2021-04-29 2021-04-29 Robust diffusion least mean square algorithm against false data injection attacks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
AU2021102263A AU2021102263A4 (en) 2021-04-29 2021-04-29 Robust diffusion least mean square algorithm against false data injection attacks

Publications (1)

Publication Number Publication Date
AU2021102263A4 true AU2021102263A4 (en) 2021-06-17

Family

ID=76327693

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2021102263A Ceased AU2021102263A4 (en) 2021-04-29 2021-04-29 Robust diffusion least mean square algorithm against false data injection attacks

Country Status (1)

Country Link
AU (1) AU2021102263A4 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114757000A (en) * 2022-06-14 2022-07-15 山东嘉通专用汽车制造有限公司 High-precision adaptive spring steel drawing process optimization control method
CN116886355A (en) * 2023-07-03 2023-10-13 华北电力大学 DDOS and false data injection collaborative attack optimization method of power system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114757000A (en) * 2022-06-14 2022-07-15 山东嘉通专用汽车制造有限公司 High-precision adaptive spring steel drawing process optimization control method
CN114757000B (en) * 2022-06-14 2022-08-12 山东嘉通专用汽车制造有限公司 High-precision self-adaptive spring steel drawing process optimization control method
CN116886355A (en) * 2023-07-03 2023-10-13 华北电力大学 DDOS and false data injection collaborative attack optimization method of power system
CN116886355B (en) * 2023-07-03 2024-01-23 华北电力大学 DDOS and false data injection collaborative attack optimization method of power system

Similar Documents

Publication Publication Date Title
AU2021102263A4 (en) Robust diffusion least mean square algorithm against false data injection attacks
Yang et al. A secure clustering protocol with fuzzy trust evaluation and outlier detection for industrial wireless sensor networks
AU2019100008A4 (en) Secure Distributed Estimation against False Data Injection Attack
CN104469836A (en) Method for building multi-dimension trust model in underwater sensor network
CN113891244B (en) Wireless sensor network positioning method under DoS attack
CN110120836B (en) Method for determining and positioning crosstalk attack detection node of multi-domain optical network
Korba et al. Anomaly-based intrusion detection system for ad hoc networks
Dongare et al. Implementing energy efficient technique for defense against Gray-Hole and Black-Hole attacks in wireless sensor networks
Nayak et al. Impact of black hole and sink hole attacks on routing protocols for WSN
CN106301627B (en) Distributed collaborative frequency spectrum sensing method in a kind of cognitive self-organizing network
jit Kaur et al. Enhanced routing in heterogeneous sensor networks
Xia et al. Distributed anomaly event detection in wireless networks using compressed sensing
CN116055384A (en) Edge importance identification method considering network structure and transmission performance
Kshirsagar Malicious Node Detection in Adhoc Wireless Sensor Networks Using Secure Trust Protocol
AU2021105169A4 (en) Distributed detection algorithm against false data attacks in networks
Venuturumilli et al. Obtaining robust wireless sensor networks through self-organization of heterogeneous connectivity
Makani et al. Trust-based-tuning of Bayesian-watchdog intrusion detection for fast and improved detection of black hole attacks in mobile ad hoc networks
Sirajuddin et al. Efficient and secured route management scheme against security attacks in wireless sensor networks
Shivaji et al. Energy efficient intrusion detection scheme based on bayesian energy prediction in WSN
Wang et al. Learning-based attack schedule against remote state estimation in cyber-physical systems
Shakhov On efficiency improvement of energy harvesting wireless sensor networks
Shin et al. Reduced overhead distributed consensus-based estimation algorithm
CN114338517B (en) Distributed network-oriented multilayer connected dominating set construction method
Zhu et al. An estimator model for distributed estimation in heterogenous wireless sensor networks
AU2021105176A4 (en) Diffusion Least-Mean Squares Algorithm With time-varying combiner

Legal Events

Date Code Title Description
FGI Letters patent sealed or granted (innovation patent)
MK22 Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry