Detection of Stealthy False Data Injection Attacks Against Cyber-Physical Systems: A Stochastic Coding Scheme

This paper, from the view of a defender, addresses the security problem of cyber-physical systems (CPSs) subject to stealthy false data injection (FDI) attacks that cannot be detected by a residual-based anomaly detector without other defensive measures. To detect such a class of FDI attacks, a stochastic coding scheme, which codes the sensor measurement with a Gaussian stochastic signal at the sensor side, is proposed to assist an anomaly detector to expose the FDI attack. In order to ensure the system performance in the normal operational context, a decoder is adopted to decode the coded sensor measurement when received at the controller side. With this detection scheme, the residual under the attack can be significantly different from that in the normal situation, and thus trigger an alarm. The design condition of the coding signal covariance is derived to meet the constraints of false alarm rate and attack detection rate. To minimize the trace of the coding signal covariance, the design problem of the coding signal is converted into a constraint non-convex optimization problem, and an estimation-optimization iteration algorithm is presented to obtain a numerical solution of the coding signal covariance. A numerical example is given to verify the effectiveness of the proposed scheme.