Binary Hypothesis Testing with Byzantine Sensors: Fundamental Trade-off Between Security and Efficiency

TL;DR

This paper explores the fundamental trade-off between security and efficiency in binary hypothesis testing with potentially compromised sensors, proposing optimal strategies and analyzing special cases and extensions.

Contribution

It establishes the fundamental limits of security-efficiency trade-offs in sensor hypothesis testing and proposes strategies to achieve these limits, including special cases with no trade-off.

Findings

Fundamental limits of security-efficiency trade-off are characterized.

Proposed detection strategy achieves the fundamental limits.

Special case where security and efficiency are simultaneously maximized.

Abstract

This paper studies binary hypothesis testing based on measurements from a set of sensors, a subset of which can be compromised by an attacker. The measurements from a compromised sensor can be manipulated arbitrarily by the adversary. The asymptotic exponential rate, with which the probability of error goes to zero, is adopted to indicate the detection performance of a detector. In practice, we expect the attack on sensors to be sporadic, and therefore the system may operate with all the sensors being benign for extended period of time. This motivates us to consider the trade-off between the detection performance of a detector, i.e., the probability of error, when the attacker is absent (defined as efficiency) and the worst-case detection performance when the attacker is present (defined as security). We first provide the fundamental limits of this trade-off, and then propose a detection strategy that achieves these limits. We then consider a special case, where there is no trade-off between security and efficiency. In other words, our detection strategy can achieve the maximal efficiency and the maximal security simultaneously. Two extensions of the secure hypothesis testing problem are also studied and fundamental limits and achievability results are provided: 1) a subset of sensors, namely "secure" sensors, are assumed to be equipped with better security countermeasures and hence are guaranteed to be benign, 2) detection performance with unknown number of compromised sensors. Numerical examples are given to illustrate the main results.