Defending Data Poisoning Attacks in DP-Based Crowdsensing: A Game-Theoretic Approach


Bibliographic details
Published in: IEEE transactions on mobile computing 2024-10, p.1-18
Main authors: Zheng, Zhirun, Li, Zhetao, Huang, Cheng, Long, Saiqin, Shen, Xuemin
Format: Magazine article
Language: eng
Description
Summary: Differential privacy (DP) is widely used for protecting privacy in crowdsensing by adding noise. However, malicious attackers can exploit noise to launch covert data poisoning attacks. In this paper, we propose a game-based defense approach to resist such data poisoning attacks in DP-based crowdsensing systems. In this approach, attackers are believed to be powerful as they can refine their attack strategy based on the observations of deployed defenders' defense strategy. Specifically, the defenders formulate the defense as a functional minimization problem (which cannot be directly solved by numerical optimization algorithms because its decision variable is a set of functions), resisting data poisoning attacks by deleting data shared by identified malicious workers through the log-likelihood ratio test. To obtain a current defense strategy, the decision variable of the problem is relaxed into the coefficients of basis-based linear combinations through the variable-basis approximation, and then solved using the simulated annealing genetic algorithm. Correspondingly, the attackers formulate their attack strategy as a bi-level maximization problem (which is an NP-hard problem), biasing crowdsensing results as much as possible while remaining undetected. Since the attackers can know the defense strategy, they may bypass the defenders by constraining the expected log-likelihood ratio test. Additionally, the attackers can evade truth discovery methods deployed in crowdsensing using DP noise. To determine a current attack strategy, the bi-level problem is decomposed into upper-level and lower-level sub-problems, wherein the upper-level sub-problem is solved by the variational methods, and then these sub-problems are alternately optimized. Finally, we propose a local minimax points calculating algorithm to obtain an equilibrium point in the defenders-attackers game, thereby finding an optimal defense strategy to resist the powerful data poisoning attack.
Extensive experiments on real-world and synthetic datasets show that the proposed game-based defense approach can effectively defend against powerful and covert attackers.
ISSN: 1536-1233, 1558-0660
DOI: 10.1109/TMC.2024.3486689