Model-based Randomness Monitor for Stealthy Sensor Attacks
This addresses security vulnerabilities in autonomous systems, but it is incremental as it builds on existing statistical methods for anomaly detection.
The paper tackles the problem of stealthy sensor attacks in autonomous cyber-physical systems by proposing a run-time monitor that uses statistical tests to detect non-randomness in sensor measurements, validated through simulations and experiments on an unmanned ground vehicle.
Malicious attacks on modern autonomous cyber-physical systems (CPSs) can leverage information about the system dynamics and noise characteristics to hide while hijacking the system toward undesired states. Given attacks attempting to hide within the system noise profile to remain undetected, an attacker with the intent to hijack a system will alter sensor measurements, contradicting with what is expected by the system's model. To deal with this problem, in this paper we present a framework to detect non-randomness in sensor measurements on CPSs under the effect of sensor attacks. Specifically, we propose a run-time monitor that leverages two statistical tests, the Wilcoxon Signed-Rank test and Serial Independence Runs test to detect inconsistent patterns in the measurement data. For the proposed statistical tests we provide formal guarantees and bounds for attack detection. We validate our approach through simulations and experiments on an unmanned ground vehicle (UGV) under stealthy attacks and compare our framework with other anomaly detectors.