Xubin Fang, Rick S. Blum, Ramesh Bharadwaj et al.
Due to possible devastating consequences, counteracting sensor data attacks is an extremely impor- tant topic, which has not seen sufficient study. To the best of our knowledge, this paper develops the first meth- ods that accurately identify/eliminate only the problem- atic attacked sensor data presented to a sequence es- timation/regression algorithm under any attack from our attack model. The approach does not assume a known form for the statistical model of the sensor data, allow- ing data-driven and machine learning sequence estima- tion/regression algorithms to be protected. A simple pro- tection approach for attackers not endowed with knowledge of the details of our protection approach is first developed, followed by additional processing for attacks based on pro- tection system knowledge. Experimental results show that the simple approach achieves performance indistinguish- able from that for an approach which knows which sensors are attacked. For cases where the attacker has knowledge of the protection approach, experimental results indicate the additional processing can be configured so that the worst-case degradation under the additional processing and a large number of sensors attacked can be made signif- icantly smaller than the worst-case degradation of the sim- ple approach, and close to an approach which knows which sensors are attacked, with just a slight degradation under no attacks. Mathematical descriptions of the worst-case attacks are used to demonstrate the additional processing will provide similar advantages for cases for which we do not have numerical results. All the data-driven/machine learning processing used in our approaches employ only unattacked training data.