Attack Detection in Sensor Network Target Localization Systems with Quantized Data
Abstract
We consider a sensor network focused on target localization, where sensors measure the signal strength emitted from the target. Each measurement is quantized to one bit and sent to the fusion center. A general attack is considered at some sensors that attempts to cause the fusion center to produce an inaccurate estimation of the target location with a large meansquareerror. The attack is a combination of maninthemiddle, hacking, and spoofing attacks that can effectively change both signals going into and coming out of the sensor nodes in a realistic manner. We show that the essential effect of attacks is to alter the estimated distance between the target and each attacked sensor to a different extent, giving rise to a geometric inconsistency among the attacked and unattacked sensors. Hence, with the help of two secure sensors, a class of detectors are proposed to detect the attacked sensors by scrutinizing the existence of the geometric inconsistency. We show that the false alarm and miss probabilities of the proposed detectors decrease exponentially as the number of measurement samples increases, which implies that for sufficiently large number of samples, the proposed detectors can identify the attacked and unattacked sensors with any required accuracy.
Target localization, attack detection, spoofing attack, maninthemiddle attack, malfunction, sensor network, large deviations theory.
1 Introduction
Sensor networks find wide applications ranging from inexpensive commercial systems to complex military and homeland defense surveillance systems and have seen ever growing interest in recent years [1]. One important application of sensor networks is to estimate the location of a target in a region of interest (ROI) [2, 3, 4]. Recent technological advances in digital wireless communications and digital electronics have led to the dominance of digital transmission and processing using quantized data in such systems. Hence, a great deal of attention has focused on target localization in sensor networks using quantized data, see [5, 6, 7] for instance.
Typically, largescale sensor networks are comprised of lowcost and spatially distributed sensor nodes with limited battery capacity and low computing power, which makes the system vulnerable to cyberattacks by adversaries. This has led to a vast interest in studying the vulnerability of sensor networks in various applications and from different perspectives, see [8, 9, 10, 11, 12, 13, 14, 15] and the references therein. Depending on the place where the attack is launched, there are generally three categories of attacks in sensor networks, namely spoofing attacks, hacking attacks, and maninthemiddle attacks (MiMA). To be specific, the spoofing attack changes the phenomenon observed by the attacked sensors and tampers with the observations coming into the sensors. For example, datainjection attack is one type of spoofing attack [10]. The hacking attack aims at hacking into the sensors, modifying the hardware, and/or reprogramming the devices, with the goal of disrupting the data processing in the attacked senors. Note that malfunctions of sensors can also be considered as hacking attacks. The MiMA takes place between the sensors and a fusion center (FC), which maliciously falsifies the data transmitted from the attacked sensors to the FC, see [7, 11, 12] for instance. The main goal of the adversaries is to undermine the sensor network and render the FC to reach an inaccurate estimate of the target location in terms of large meansquare estimation error. A simple and intuitive method to combat the attacks is to identify the attacked sensors so that the FC can either discard data from these sensors, or make use of attacked data to improve its estimate of the target location via jointly estimating the target location and the attacks [11, 12, 15].
1.1 Summary of Results and Main Contributions
In this paper, we consider a sensor network containing two widely separated secure sensors which have a very high level of security and thereby are guaranteed to be tamperproof. The rest of sensors are unsecure, which are subject to arbitrary forms of attacks. In practice, the two secure sensors can be well protected, built with powerful chips, and supplied with sufficient power, thereby highly sophisticated encryption algorithms and security procedures can be implemented.
This paper aims at developing a general detection approach which does not rely on the form of the attacks or attack parameters, to identify the attacked sensors in the sensor network with provable detection performance guarantee. It is worth mentioning that the problem of attack detection in target localization systems is difficult, since the statistical model of sensor data depend on the target location and the attack strategy which are both unknown to the FC. By exploring the impact of the attacks on the statistical model of the sensor data, we reveal that the essential effect of attacks is to alter the estimated distance between the target and each attacked sensor to a different extent, giving rise to a geometric inconsistency among the attacked and unattacked sensors. Motivated by this fact, a class of detectors are proposed to detect the attacked sensors via scrutinizing the existence of the geometric inconsistency. To be specific, a naive maximum likelihood estimator (NMLE), the MLE formulated under the assumption of no attack, is first employed to estimate the distance between the target and each sensor. For each unsecure sensor, a circle is generated which is centered at the sensor with radius equal to the NMLE of its distance to the target. For each of the two secure sensors, a ring with some constant width is generated. This ring is centered at the sensor and is bisected by a circle with radius equal to the NMLE of the distance from the sensor to the target. If the circle of an unsecure sensor passes through the common area of the two rings, the sensor is declared unattacked; otherwise, we declare that it is under attack. A thorough performance analysis is carried out for the proposed detectors, showing that the false alarm and miss probabilities decrease exponentially as the number of data samples at each sensor grows, which implies that if for a sufficiently large number of samples, the proposed detectors can identify the attacked sensors with an arbitrary level of accuracy.
1.2 Related Works
With the proliferation of sensor network applications, there is an increasing concern about the security of sensor networks, see [8, 16, 9, 17, 18, 19] for instance. Most existing works on the security in sensor network target localization systems only consider analog measurements. However, for a typical sensor network with limited resources, it is desirable that only quantized data is transmitted from sensors to the FC [5, 6, 7]. Moreover, there is a lack of theoretical performance analysis of attack detection strategies.
Attack detection in the context of target localization with quantized data has not been well investigated in the literature. In [7], a specific attack model is considered and a practical approach is proposed to detect attacks in target localization systems. In particular, several secure sensors are employed to provide a coarse estimate of the target location, and then the expected behaviors of attacked and unattacked sensors are calculated based on the coarse estimate and the attack model. This method is based on heuristic and there is no detection performance guarantee. In our proposed approach, the estimate of the target location is not required, and moreover, the attack detection performance is rigorously investigated, which demonstrates that any identification accuracy can be achieved if the number of data samples is sufficiently large. In addition, the approach in [7] requires the knowledge of the statistical model of the attack, which is not required by our proposed approach.
The remainder of the paper is organized as follows. Section 2 describes the system and adversary model. In Section 3, a class of detectors are proposed to identify the attacked sensors in the sensor network. Section 4 investigates the performance of the proposed detectors. In Section 5, several numerical results are provided to corroborate our theoretical analysis. Finally, Section 6 provides our conclusions.
2 System and Adversary Models
In this section, the system and general attack models are introduced. We also demonstrate how the general attack model relates to some popular forms of attacks in practice.
2.1 System Model
Consider a sensor network consisting of sensors and a FC to estimate the location of a target at , where and denote the coordinates of the target location on the twodimensional plane. For the th sensor, we use to denote its location. Besides the sensors, there also exist two secure sensors in the sensor network which are labeled as the th and th sensors, respectively. These two secure sensors are well protected and thereby are guaranteed to be tamper proof, while the other sensors are unsecure, which are subject to threat from adversaries. We assume that the signal radiated from the target obeys an isotropic power attenuation model, and each sensor observes data samples. The th data sample at the th sensor is described as
(1) 
where the distance between the th sensor and the target is defined by
(2) 
the quantity is the power measured at a reference distance , is the pathloss exponent, and denotes the additive noise sample with probability density function (pdf) .
We assume that , , , , and are known to the FC. Moreover, we assume are independent, and for each , is an identically distributed sequence. In addition, we assume that the target stays in a specified ROI where no sensor exists. By defining
(3)  
(4) 
we know that for any ,
(5) 
Regarding the secure sensors and the ROI , we make the following assumption.
Assumption 1
The secure sensors are widely separated so that
(6) 
for some positive constant . In addition, the ROI is contained in one of the two half spaces produced by dividing the whole space by the line passing through the two secure sensors. By the triangle inequality of sides, we assume
(7) 
for some positive constant .
Due to the lowrate communication constraint between the sensors and the FC, each sensor quantizes its sample to one bit and then transmits the bit to the FC. For simplicity, we assume that the sensors employ the following threshold quantizers
(8) 
where is the threshold employed at the th sensor and we assume that the thresholds are known to the FC.
We assume that is continuous, and exists and is differentiable over the open interval for each . Noticing that , the differentiability of implies over , and therefore, is strictly increasing over .
It is clear that if there exists some such that
(13) 
then , and hence, the quantized data from the th sensor is useless in estimating . To this end, we assume that the quantizers are well designed, and thereby , and satisfy
(14) 
which yields
(15) 
since is strictly increasing, from (10) and (11), we know
(16) 
2.2 Adversary Model
We consider a general attack model which brings about a change in the statistical model of . Let and denote the set of unattacked and attacked sensors, respectively.
In general, if , three types of possible attacks can affect the th sensor, which are illustrated in Fig. 1 (b). First, the adversaries can tamper with the observations . Such attacks are called spoofing attacks, which can be represented by a mapping . The second type of attack which we call hacking, aims at modifying the sensor hardware and/or software, and thereby modifying the quantizer to in the attacked sensors as shown in Fig. 1 (b). The last type of possible attack occurs between the sensors and the FC, which is referred to as maninthemiddle attacks (MiMA). The MiMA can be described by a mapping that modifies the quantized data before it arrives at the FC. Therefore, the post attack quantized data can be generally expressed as
(17) 
With regard to the alphabet set of , we make the following assumption.
Assumption 2
We assume that if , then the alphabet set of is still . Otherwise, the detection of attacks is trivial.
Define
(18) 
where the quantity represents the impact of the attacks on the statistical model of the data. Clearly, if , then we can ignore the corresponding attack, since it is ineffective from the perspective of the FC. Hence, without loss of generality, if , then we assume , while if , then .
To illustrate (18) in a concrete way, we take the MiMA as an example. Under a class of MiMAs [7, 11, 12], the quantized data is flipped with probability if for , i.e., if the th sensor is attacked,
(19) 
where . Using (19), we have
(20)  
(21) 
Besides the maninthemiddle attacks, the spoofing attacks can also be shown to agree with (18) [8, 9, 15].
From a practical point of view, the following assumptions on the attacks are made throughout this paper.
Assumption 3

Subtle Attacks. By the strong law of large numbers, we know that as , almost surely. Thus, if , then with sufficient observations, the attack against the th sensor can be detected at the FC by checking whether is in the range . For this reason, in order to reduce the possibility of being detected, the adversaries should ensure
(22) 
Significant Attacks. In order to bring about sufficient impact on the statistical characterization of the bits from the attacked sensors, every adversary is required to guarantee a minimum distortion, i.e.,
(23) for some positive constant . Otherwise, the attacks can be ignored.
Our problem is to design an efficient strategy for the FC to identify the attacked sensors, based on the binary observations it receives from all sensors, and to provide a performance analysis on the proposed attack detection strategy.
3 Attack Detectors Based on Naive Maximum Likelihood Estimator
In this section, we first show that by employing a naive maximum likelihood estimator (NMLE), a geometric inconsistency among each attacked sensor and other unattacked sensors can be utilized to distinguish between the attacked and unattacked ones. Then, a class of detectors which are based on the NMLE are proposed to detect the attacks in the sensor network.
3.1 Naive Maximum Likelihood Estimator and Geometric Inconsistency
For any , from (9) and by employing the existence of , we can obtain
(24) 
Then the NMLE, which is the MLE under the assumption of no attack, of is given by
(25) 
(26) 
Furthermore, define
(27) 
It is seen from (27) that is a monotonic function of , and since from (23), we know , we have . What’s more, by the strong law of large numbers, we know
(28) 
This implies that, from the perspective of the NMLE, if , the essential effect of the attack is a falsification of the distance between the target and the th sensor to some different . This gives rise to a geometric inconsistency between the th sensor and the two secure sensors, which is illustrated in terms of the difference between Fig. 3 and Fig. 3. Specifically, if , as illustrated in Fig. 3, the three circles centered at the th, th and th sensors and with radii , and , respectively, intersect at the point ; while if , then the three circles do not intersect at as illustrated in Fig. 3.
Motivated by this fact, consider three circles centered at the th, th and th sensors and with radii , and , respectively. If , then from (28), we know that with sufficiently large and Assumption 3, it is impossible for these three circles to intersect at a common point. This observation forms the basis of the proposed attack detection strategy.
3.2 Attack Detection Strategy
In order to mathematically formulate the attack detector, we first define three geometric shapes. According to Assumption 1, the ROI is contained in one of the two half spaces produced by dividing the whole space by the line passing through the two secure sensors. We use to represent this half space. Let denote the intersection of and the circle centered at and with radius , i.e.,
(29) 
which is illustrated by the blue curve in Fig. 6. Let denote the intersection of and the ring centered at , with radius and width , i.e.,
(30) 
The region enclosed by the blue boundary in Fig. 6 depicts an example of . Let denote the intersection of and the ball centered at and with radius , i.e.,
(31) 
which is the blue region in Fig. 6.
It is worth mentioning that even though , due to the estimation error with finite , the three circles centered at the th, th and th sensors and with radii , and , respectively, typically will not intersect at a common point. Thus, for finite , checking the geometric inconsistency among , and cannot reliably tell whether the th sensor is unattacked or not. To overcome this, we replace and with and for some , respectively, and scrutinize whether pass through the common area of and instead.
To be specific, for the th sensor, , we consider the following hypothesis testing problem
(32) 
and a class of detectors
(33) 
for some constant , where is defined in (25).
The geometric illustration of the proposed detector in (33) is depicted in Fig. 7, where the region enclosed by the red curves is the common area of and which plays an important role in the attack detection process. It is worth noticing that the center of this common area is determined by two random variables and , and thereby is randomly located. To this end, this common area may not cover the true target location . In addition, the size of the common area of and depends on the parameter which impacts the false alarm and miss probabilities of the proposed detector.
4 Performance Analysis of the Proposed Detector
In this section, the detection performance of the proposed detector in (33) is investigated. We will show that the false alarm and miss probabilities of the proposed detector decay exponentially fast as the number of data samples at each sensor increases.
To start with, we provide the following lemma regarding the lower and upper bounds on the common area of and .
Lemma 1
If
(34) 
then
(35) 
which implies
(36) 
Refer to Appendix 7.
As demonstrated by Lemma 1, the common area of and can be bounded by two balls from below and above. Moreover, the radii of these two balls are both increasing functions of the given . It will be shown later that by employing the two balls to approximate the irregular area from below and above, the detection performance analysis of the proposed detector in (33) can be considerably facilitated.
4.1 Upper Bound on False Alarm Probability
From (33), the false alarm and miss probabilities of the proposed detector are given by and , respectively, where denotes the probability measure under hypothesis .
Let denote the event
(37) 
and denotes the complement of the event . The false alarm probability of the detector in (33) can be expressed as
(38) 
4.2 Upper Bound on Miss Probability
On the other hand, the miss probability of the detector in (33) can be bounded from above as per
(46)  
(47) 
where (46) is due to the fact that if and occur, then
(48) 
Since the first term in (47) is hard to deal with, we employ an upper bound on it which is provided in the following lemma.
Lemma 2
Refer to Appendix 8.